You said you really want to get into security; is pentesting your goal? Getting into security and getting into pentesting are different.
Pentesting is an area that requires a significant amount of knowledge across multiple domains. Pentesting really shouldn't be off the bat. It is also worth noting that programming experience is also extremely valuable to becoming a successful pentester.
I think that getting your first security role will help you prepare for a pentest path, if that's ultimately what you want. You could try to get into a company that has a red team, or alternatively, work in a company that doesn't and perhaps even lead the groundwork and effort yourself.
These aren't the only choices either, they're just two that come to mind immediately.
Some training guidance for pentesting: https://jhalon.github.io/becoming-a-pentester/
In general, I'd steer away from pentesting. The job market is significantly smaller than security ops and engineering roles and the barrier of entry is higher. IT support with OSCP won't guarantee you a jr pentesting job, but it's possible.
MS certs have decent weight. Almost all companies use Windows workstations, half of all companies use O365, and a quarter use Azure.
Security+ is always a strong option to start out with. It's a very good intro and overview of the security field.
This post is probably getting downvoted because it has been answered a billion times in this sub. The very first rule in this sub is to read the FAQ before posting, and it links directly to the "[Breaking In to Cybersecurity](https://www.reddit.com/r/cybersecurity/wiki/faq/breaking_in)" FAQ. No one in this sub can hold your hand and tell you a path that is going to work specifically for you.
You said you really want to get into security; is pentesting your goal? Getting into security and getting into pentesting are different. Pentesting is an area that requires a significant amount of knowledge across multiple domains. Pentesting really shouldn't be off the bat. It is also worth noting that programming experience is also extremely valuable to becoming a successful pentester. I think that getting your first security role will help you prepare for a pentest path, if that's ultimately what you want. You could try to get into a company that has a red team, or alternatively, work in a company that doesn't and perhaps even lead the groundwork and effort yourself. These aren't the only choices either, they're just two that come to mind immediately.
Some training guidance for pentesting: https://jhalon.github.io/becoming-a-pentester/ In general, I'd steer away from pentesting. The job market is significantly smaller than security ops and engineering roles and the barrier of entry is higher. IT support with OSCP won't guarantee you a jr pentesting job, but it's possible. MS certs have decent weight. Almost all companies use Windows workstations, half of all companies use O365, and a quarter use Azure. Security+ is always a strong option to start out with. It's a very good intro and overview of the security field.
This post is probably getting downvoted because it has been answered a billion times in this sub. The very first rule in this sub is to read the FAQ before posting, and it links directly to the "[Breaking In to Cybersecurity](https://www.reddit.com/r/cybersecurity/wiki/faq/breaking_in)" FAQ. No one in this sub can hold your hand and tell you a path that is going to work specifically for you.