Should I move back from Cybersecurity to Software?

Question

I started of as a SDE, but moved to a web application penetration tester role around 3 years back. I feel that I've grown stagnant and am seriously considering moving back to software. Any thoughts?

howlett · Accepted Answer

I think you're just stuck because your current employer doesn't have clear paths of progression. Usually in 3 years pentesters move to an either team lead role or pivot to other areas like simulated attack (red/purple teaming).If you enjoy pentesting, I'd just look for another job, especially since the demand for ex-devs in pentesting is huge. Have a look at a previous comment I posted: https://news.ycombinator.com/item?id=32303528#32305561

minds-matter · Answer

Cyber security is a very broad domain. There are roles where your combination of experience would be both interesting and valuable.
You might find it interesting to explore other areas of the domain through the Cyber Security Body of Knowledge [1] or through some activities I’ve been putting together on Cyber Springboard [2]. See which areas might interest you, and then find roles that allow you to grow in those areas.
Moving back to software with security experience can be a good way to keep your skills fresh, but with a different perspective and set of skills that you can use to help grow others around you as well.
[1] https://www.cybok.org/ [2] https://cyberspringboard.com/

worthless-trash · Answer

There is more to the cybersecurity than web apps..But seriously, do what you want.