I personally as a general rule don’t hire people who work in cybersecurity if they were not traditional developers first. The chances of you understanding “cybersecurity” without also understanding how general software works is extremely low.

This is true for most sub-fields. The average person in them is either a failed dev or more of a pencil pushing box checker. The quality employees are devs with extra specialized expsrtise

Security, qa, devops, data emgonerkng, the list goes on and on.

Infosec also adds the angle that you want someone with actual grey or black hat hands on experience

This is broadly true for all concentrations in cyber. There is no entry level. Your first job should be learning how what you want to focus on works… be it networking, sysadmin, devops, vendor risk management, etc.

Unfortunately, cybersecurity was a hot topic in the education market and people got sold on the idea that they could get a six figure job with nothing but some theory and an entry level certification.

Kind of funny, my cousin studied software development, then she pivoted to cyber security last minute because she was uncomfortable about finding work, she's been through a few different companies so far, so I guess it worked out for her.

100%. I started out in cybersecurity and was complete shit. I gave up and went into software engineering and devops instead. Now returning to cybersecurity again and things finally make sense