u/TodayFar9846

Hey everyone, long-time lurker, first time posting here. Looking for honest advice from people who've actually made this kind of transition.

My current stack:

Python · Django / FastAPI · Docker + Compose · Kubernetes (basics) · Redis / PostgreSQL · Celery / Async · Bash / Linux · RTSP / FFmpeg pipelines / LLMs · YOLO / OpenCV

I've been building backend systems and a full AI-powered camera security system from the ground up — ingestion pipelines, async workers, containerized deployments, the whole thing. So I'm not starting from scratch, but I know my infra/ops knowledge has real gaps.

Now I want to go deeper into the operations side — CI/CD pipelines, infrastructure-as-code, monitoring, cloud, reliability engineering. Basically bridge the gap between "I can Dockerize things" and "I own the entire deployment lifecycle."

What I want to learn next:

• CI/CD pipelines end-to-end (GitHub Actions, GitLab CI, Jenkins?)
• Terraform or Pulumi for infrastructure-as-code
• Proper Kubernetes beyond just "kubectl apply" — RBAC, Helm, Ingress, autoscaling
• Cloud fundamentals — AWS or GCP (which is better to start with?)
• Observability stack — Prometheus, Grafana, ELK, alerting
• GitOps workflows — ArgoCD, FluxCD

Real questions for this community:

1. What order should I learn these in? I've seen conflicting roadmaps. Some say start with cloud, others say master Linux first, others say just go build something and learn as you go.
2. What are the actual painful problems nobody tells you about? Not the beginner stuff — I mean the things that trip up even experienced engineers. The stuff that takes months to unlearn or figure out on your own.
3. Career reality check — I'm coming from a Python/ML background. Will that help me in DevOps roles or will recruiters just not take me seriously because I don't have a traditional sysadmin / infra background?

The real problems I'm already anticipating (want your take on these):

• Tool sprawl confusion — Terraform vs Pulumi vs CDK vs Ansible vs Chef — no one agrees and every job posting wants something different. How did you pick one and stick with it?
• Cloud costs — I have zero experience budgeting cloud infra and I know this bites everyone at some point. Any war stories?
• Debugging distributed failures — logs scattered across 10 services, no clear owner, alerts firing at midnight. How long did it take you to get good at this?
• Kubernetes complexity cliff — goes from "simple" to genuinely hard very fast, and tutorials always skip the hard parts. What resource actually helped you get past that wall?
• "DevOps is a culture, not a role" — some companies don't even have a DevOps team, it's just dumped on top of dev work with no extra support or title. How common is this really?
• Imposter syndrome — coming in as a developer, not a sysadmin, means constantly feeling like you're missing some foundational Linux/networking knowledge everyone else just has. Did this get better?

​

Hey everyone,

I’m currently interning in AI/ML and have built up a really strong technical foundation in backend engineering, computer vision, and infrastructure. On paper, it looks like a great path, but I’m facing a major dilemma and need some honest career advice.

I don't think I have a developer mindset. I think my mind is wired for cybersecurity.

When I look at code or infrastructure, my brain doesn't get excited about building it from scratch. Instead, it instantly goes to: Where are the mistakes? Where are the insecurities? How can this be broken or bypassed? Observing system flaws, finding edge-case vulnerabilities, and spotting gaps is something that just comes naturally to me. It's how my thought process works natively.

Because of this, I'm seriously considering making a hard pivot into Cybersecurity. But before I pull the trigger, I want to ask this community: Should I actually make the switch, or am I risking a major career gap?

My Background & Technical Stack:

I am not a complete beginner to tech. I hold a BCA and an MSc (CA & IT). Here is the technical stack I

already use daily:

• Backend & Code: High proficiency in Python (FastAPI, Django, Flask), C, Bash scripting, and handling concurrency/async pipelines.

• Networking & Hardware Infrastructure: Massive deep-dive into IP networks, ONVIF protocols, RTSP/RTP video streaming, and FFmpeg configurations (I built a complex intelligent surveillance architecture called Sentrix-AI).

• DevOps/Cloud: Docker, Docker Compose, and currently working with Kubernetes (managing pods, services, network policies).

• AI/ML Security: Experience with anomaly detection, YOLO models, and working with LLM APIs/Agentic workflows.

Web Scraping & Automation: Advanced headless scraping and automated browser workflows using Playwright.

I already understand concepts like OWASP, JWT token authentication, rate limiting, and SSL/TLS from the backend side.

The 3-Month Countdown Situation:

I have exactly 3 months left in my current internship. My goal is to utilize these 3 months to upskill intensely in security so that immediately after this internship ends, I can land a Cybersecurity internship. I absolutely want to avoid a major career gap between roles.

My Questions to the Community:

1. Is 3 months enough time to pivot? Given that I already know Python, networking, Linux, Docker, and Kubernetes inside out, can I learn enough dedicated security concepts in 90 days to be employable for an entry-level cyber internship?

2. Will this look like a bad career gap or a messy pivot? Will recruiters look at my BCA, MSc, and AI/ML internship and think I am unfocused, or will they see my backend/infrastructure skills as a massive advantage for security?

3. Where would I fit best on Day 1? Are there specific niches (like AppSec, DevSecOps, Cloud Security, or IoT/Surveillance security) where my background allows me to skip the basic helpdesk route?

4. What should I focus on during these 90 days? Should I grind out a specific practical cert (like eJPT or a specialized cloud/K8s security cert), or focus purely on building security-focused portfolio projects?

Everyone keeps telling me AI/ML is the future, but I feel like I'm forcing myself to be a "builder" when my natural instinct is to be an "auditor/breaker." I'd love to get your brutal, honest opinions on the timing and feasibility of this switch.

Thanks!