I mean you can also work for your local hospital system, too, but sure those are all options, though you may find getting hired by them to be a bit difficult at first because your resume won’t have tons of experience on it yet.

Keeping data secure, especially in the medical field overall, is paramount, so the IT-medical field does have a certain level of job security to it but I’d personally find it boring. I get why it’s appealing on the surface however I’d recommended the MSP (managed service provider) space as a good career starting point because you’d get exposed to a fairly wide variety of industries and my logic was that you’d refine what you like about INFOSEC in the first year or 2 of working at the MSP while serving a wider audience’s security needs and once you know what sub-specialty you’re really into then go chase the bigger companies with a bit of experience “on paper”.

That’s just my $.02. :)

I’d recommend finding a junior security role at a Cloud-focused MSP to gain exposure and skills required at the larger firms.

Having the degree isn’t everything but it shows you’re motivated towards mastering the topic. We can teach you, you just gotta show up and want to do the job. There are plenty of non-scummy companies out there you can work for that’ll be a great resume builder, you just need to invest the effort into finding out which companies didn’t scrap the DEI rules and apply there ha.