In information security, if you are interested in programming, you can automate:
- response to incidents - automate the response of the protection system to an incident (pass IP for blocking, send hash for blocking), automate the deployment of protection tools and their settings - SOAR.
- interaction of SOC components - you need to be able to get an indicator of compromise, transfer it to SIEM, send requests to different systems based on the events found in order to collect data and enrich the incident itself with them
- audit automation - collection and processing of data: configs of network devices, servers, settings parameters and policies, further checking them with the configuration standard and generating a verdict (the requirement is met or there is a violation), with the issuance of a recommendation for correction
- access control automation - you requested access, and the program should go to the target system and issue access that was agreed, check along the way for inconsistent accesses and role intersections - IDM
- automation of access negotiation for a security guard
- etc.
I think you will post a vacancy and you will find a job in an instant.

Firstly, information security is more paperwork than programming. Secondly, if IB is supposed to be a kind of full-time hacker, then you should look towards C. Ideally, also with Assembler.

After virus epidemics that affected industrial enterprises, information security in industrial systems was popular several years ago. These are not so much scripting languages, but rather network and application protocols, vulnerabilities in them ... Kaspersky then just brought KICS to the market and began to actively advertise its OS for industry.
Look in this direction too. Maybe it will be interesting.

as an option, go to the sites of positive technologies, group ib, kaspersky and see what technologies are indicated in the vacancies