Is middle age wrong time to make a career move to Information Security?

I have noticed a clear trend among employers to hire young people and specially new Grads for grooming in Information Security. On the other hand I have also seem some old folks still sticking around in management and senior positions.
However, does it mean that the chances of IT professionals with 12-15 years experience and (2-3 years experience in Information Security in the same company) don't stand a chance of entering mainstream Infosec market?
I hope we do have some examples on this board who defied age bias but somehow I beginning to suspect that age does play a major negative role in this industry specially when one is trying to move from IT.
What do you think?

Find more posts tagged with

Comments

Tekn0logy

Middle age is the wrong time to transition if you don't have fresh skills. Some employers are realizing that mature employees are well grounded and look to employ them. Keep your skill set up to date with verifiable certs appropriate for your career, maybe get a new degree and you shouldn't have trouble. Also, I think that it is also important that you have "connections" either with insiders or reputable staffing company.

nathandrake

While I'm not middle age, I think I'm pretty close (39), so I figured I'd give my story.

I've been working in IT since 2001. A few years in help desk, then a lot of time spent in desktop support. This was mostly due to a combination of my employer at the time paying for my bachelor’s and master’s degree, and a little bit of procrastination from my end as I got too comfortable with my job flexibility, duties, and seniority.

About 3 years ago, I took a new position as an "Engineer", but the position was more of a system admin (SCCM administration, application packaging/integration, group policies, AD administration). During that time, I really wanted to transition more into a security role that would align more with the master's degree and certs I obtained. I just felt at the time that I needed to pad my resume with more than just help desk and desktop support before any company would take me serious.

I started looking for a job in the info sec field about 3 months ago. I accepted a position as a Security Analyst II about 2 months ago. Within 5 weeks, I was promoted to Security Engineer that's going to be focusing an web application security. I did not find it too difficult to make the transition at my age. Employers didn't seem to find my age an issue either during the interview process. Before I accepted the position where I'm at now, I went on 3 other interviews. One I got to the final round of interviews (4th round), one I turned down the offer due to the compensation, and then the other one I pulled out of consideration due to the offer I did accept. My only regret is not getting into this field sooner.

infosecs

nathandrake wrote: »

While I'm not middle age, I think I'm pretty close (39), so I figured I'd give my story.

I've been working in IT since 2001. A few years in help desk, then a lot of time spent in desktop support. This was mostly due to a combination of my employer at the time paying for my bachelor’s and master’s degree, and a little bit of procrastination from my end as I got too comfortable with my job flexibility, duties, and seniority.

About 3 years ago, I took a new position as an "Engineer", but the position was more of a system admin (SCCM administration, application packaging/integration, group policies, AD administration). During that time, I really wanted to transition more into a security role that would align more with the master's degree and certs I obtained. I just felt at the time that I needed to pad my resume with more than just help desk and desktop support before any company would take me serious.

I started looking for a job in the info sec field about 3 months ago. I accepted a position as a Security Analyst II about 2 months ago. Within 5 weeks, I was promoted to Security Engineer that's going to be focusing an web application security. I did not find it too difficult to make the transition at my age. Employers didn't seem to find my age an issue either during the interview process. Before I accepted the position where I'm at now, I went on 3 other interviews. One I got to the final round of interviews (4th round), one I turned down the offer due to the compensation, and then the other one I pulled out of consideration due to the offer I did accept. My only regret is not getting into this field sooner.

kudos. Cant read a better post than yours on a Friday. Cheers:)

scaredoftests

I have defied it (I am 59). Just keep the skill set up to snuff and all will be fine..

Jon_Cisco

There are lots of reasons for age discrimination. Employers look for value and in some cases they feel the young guy that is willing to work long hard hours for little pay is a great value. Others might be looking for a little more experience and the guy in his early 60s might have handled a few more problems in his lifetime.

What you really have to address is what will you do if you don't change careers? Is everything fine and you will coast to retirement? Are you in a dead end job and can't pay bills? Will your job exist in 2 more years?

Be aware of possible discrimination but don't back away from the challenge. If you have decided a career change is the right move then go for it.

alan2308

I was 32 when I went back to school and transitioned into infosec. Age probably had a hand in a few things along the way that didn't pan out, but I've been doing fine. Especially when considering where I was before making the move.

The electronics field that I was in had all but disappeared by then. We reached the point it was cheaper to throw things away and replace them. There was a line out the door to interview for a $10/hr job fixing games at Chuck E Cheese.

triplea

Never too late to move....as others said just have some worthwhile skills and a bit of faith.

Im 46, took the sscp last year and have been helping the infosec guys for about 4 years even though Im really a systems admin from support desk.

I moved over into infosec this year and expect my infosec roles to see me out til retirement now. JUST KEEP YOUR KNOWLEDGE CURRENT.

Only took me 3 interviews with different companies ( 1 I got to the final 2 on ) and Im transitioned.

Keep plugging away and good luck.

Danielm7

I'm not sure where the "only young people" thing is coming from but I'm not seeing it. Outside of somewhere like defcon, when I go to local events I find tons if not the average person to be 40+. I don't know what you'd consider to be middle age but if you say 12-15 years experience you could easily be mid 30s, which is not middle age. If you're hung up on ageism in mid 30s just try to get over it, that's not remotely old.

yoba222

Ageism is a thing, sexism is a thing, racism is a thing, honey pyramid truthism is a thing. I prefer to not be a victim, so I positioned myself as best as possible to not appear to be too old as well as inexperienced from the perspective of those reviewing resumes and hiring. It worked.