You don't have to be an IT expert to be in infosec

Being a hacker like those seen on Mr. Robot is awesome, but don't fret...there are plenty of non-hacker positions needing to be filled in the information security or cybersecurity field.

I’ve seen a lot of blogs and stories detailing how you must be an IT expert (or hacker) in order to break into the cybersecurity/information security field.  While they aren’t incorrect in some aspects, I think people often forget about the other jobs in infosec that don't require someone to be a hacker or IT expert.  Being an expert in most, or all, aspects of IT would help you reach the top levels of infosec such as a security architect, bug hunter, malware analyst, penetration tester, etc.  Don't fret though, because you can still break into the infosec field without being an IT expert, or again a hacker.  You should have a good understanding of IT concepts and you most certainly must have the ability and yearning to learn new things.  

A good IT background could allow you to become a security engineer/analyst or a SOC analyst.  By "good IT background", I would say 4-6 years in IT in roles such as a network engineer, system analyst, system administrator, etc. or say 2-4 years in one of those roles plus a security certification.  Those are just guidelines though, because in the end it depends on the person, the hiring manager, and the job requirements/duties of the open position.  With all that being said, you have to be realistic.  You may have to take a step back in title/rank and/or pay in your current position if you have been in the job force several years.  I had several years of IT experience and took a step back in title and pay to get my first full-fledged infosec engineer role, but it was the best move I ever made.  

If you just started in IT or don't have any IT experience at all, you could still jump into the infosec field.  You could be limited to roles such as compliance analyst or business continuity analyst in risk management or a compliance auditor, but those positions could be a good foundation to help you progress into other roles within infosec.  You would still need to learn the foundations of IT by taking courses, on-the-job training, and/or passing security certifications to move into the more technical roles such as a security engineer/architect, but again being in a compliance or risk management role would be a good foundation to start with.  I think to be great in the technical roles within infosec, you should have a good understanding of compliance and risk management, so this would be a win-win if you did take this path.

I encourage you to take the time to read blogs from other infosec professionals.  I just want you to keep in mind while reading those blogs that it is possible to break into the infosec field without being an IT expert or "hacker".  If you truly want to be in the information security/cybersecurity field, I also encourage you to reach out to people in the field and find someone you can relate to.  A lot of us will, and do, enjoy mentoring people, because we know our field needs more good people that want to learn and help others...regardless of their IT and/or hacking background/skills.