Yes, information security is the same as labor safety or fire safety, etc., it’s not about hackers at all and similar romance that is shown in the movies. These are pieces of paper, tons of pieces of paper, a bunch of departmental regulations, orders and instructions of very dubious quality, often contradictory, on the basis of which you need to generate your tons of pieces of paper and magazines, collect familiarization signatures, etc.
Practical infobez, IMHO, such a specialty does not currently exist in nature, people come to it from different directions and there is no training program, since this area is very extensive.
An important point, if it speaks specifically about the allocated activities in the field of information security, then often the vacancies will not be traveling.

IB is a sign in a square.
You can't enter the IB "patamashta cool!". It is necessary to have a whole set of personal qualities that are quite rare in the population. In particular, one must be able to think logically and independently work with information, literally bit by bit fishing for it where at first, second and third glance it seems that there is no information at all. Or vice versa - to be able to catch the same grains from the insane flow of indirect information. That is, also to have inhuman perseverance and attentiveness.
If these qualities are present, then a person will completely enter the IB, and without asking anyone.
If they are not there - as the author of the question obviously does not have them - then yes, it remains only to shift the papers for a small price, except that in the form of a bonus the position will not be called "junior clerk" and "ibe specialist!"
Well, in principle, before you start looking at information security, you must first study in depth either programming or system administration. Not at the mysql_query level in popup and sudo apt install, but in-depth, in order to understand how programs and networks work. After that, if desired, it will be possible to drop into the IB almost by gravity.

80% of work and training is a routine, endless and dreary work with pieces of paper, salary fluctuates around 20k in areas,

There is no "average temperature in the hospital." Information security is a huge area in which there are dozens of directions, which are further divided into dozens of sub-directions.
It all depends on where you work - in one in an office with a hundred or two snouts, in a small department in an office of 500 people or in Sberbank, for example.
The smaller the office - the wider the range of responsibilities, the more - the narrower. In a small office, you may not be very bound by regulations, especially since you have to write half of them to you. In Sberbank, you can spend 100% of your time on regulations.
From outside, you can only get into IS into an office like Sberbank - where you will grow for a long time inside the unit. In a small office, I dug for a hundred or two - an IS specialist (if there is one at all) is usually one, maximum two, and he deals with everything and has access everywhere and expects him to solve everything, including very unpleasant issues (for example, to view one hundred thousand (this is not a turn of speech - there were actually a hundred thousand of them!) Photos and delete those compromising a certain person).
He should know the work of the administrator better than the administrator - because he has to control them.
The work of a lawyer - in a certain area of ​​\u200b\u200blegislation - is no worse than a lawyer
The work of a psychologist is no worse than an average psychologist (IB is not always about computers. IB is often about people)
There is no romance here. There are no emotions here - only the harsh ruthless truth that crushes illusions ruthlessly when you see on the operational monitor of the SMP that the girl from the reception, whom you secretly dream about, is corresponding with the boy from the sellers, and at the same time swearing like a shoemaker and is going to give herself for rides on a wheelbarrow...
This is boring, routine work, where there are a lot of mikrotiks (or ciscos, or even fortigate), a lot of proxy configs and iptables rules, a lot of logs and their analysis, a lot of SMP / DLP and no hacker romance

https://qna.habr.com/answer?answer_id=2054500#answ...

Specialty 10.05.02 Information security of telecommunication systems. Go ahead and learn, or at least check out the list of basic subjects that you need to master.