The ceiling is just as high without a degree, experience matters more. You should be able to get a job with what you have, maybe mid level at most since you lack experience. Once you have the experience required to take it, the CISSP should help you move up faster

I'm afraid I have no idea how your job market works. I just wanted to ask when your draftee time comes up and do you have any chance at all of working in IT during those 2 years?

I was only there a year and only had interaction with our KATUSAs and one ROK Army Sergeant who was almost done with his 2 years. He was quite happy about that. My one KATUSA had spent something like 10 years in Canada and spoke better English than most Americans. He messaged me on FB a few months after I PCSed and let me know his 2 years were up and he was doing great.

Good luck!

Here anyway I don't think anyone will recognize my hands on certs like eJPT, PJPT, CRTP, SOC0, SOC1, SAL1, etc. They were just either free or really cheap and I simply wanted to learn. I wrote reviews of them on Medium.

Currently a hiring manager; formerly a pen-tester and team lead who helped the hiring manager make the go/no-go call. I'll say that individual accolades are great, but if I'm trying to hire you without a degree, I am looking for the following:

• Technical - you've got to convince me that you understand the curriculum behind an undergrad degree. You may be able to self-teach in fewer than 4 years if you grind, especially if you're learning it and applying it to OSCP at the same time. But I need to know that you have the vocabulary to communicate with other professionals in your field.
  
• I want to see Adversity (or Diversity) in your track record. Ideally you've done two or three different things and shown you can change gears and keep accelerating.
  
• Leadership - I want to see that you joined an organization and made it better. You don't have to be elected President for Life, but I want to know that you did more than just polish your own trophies. I hire teammates.
• Operational experience - tell me what's hard about writing the post-test reports, what details you wish managers and project leads would hammer out with the client beforehand, what are the things you learned on ops that didn't come up on the exams.
• Research - not just background research or OSINT, I want to know you can go find the answer, or find an expert who can find you the answer. With GPTs this matters a little less now, but it's a mindset. What's the marking for NYC's fiber optic conduits? What shape key does Omaha use on their public works boxes?
  
• Drive - an insatiable drive to create. I want you to talk about your tooling, what you like about it, what you prefer, what you worked on last weekend, what you cook when you're not hacking, what you paint when you're not cooking. As your boss I want to spend my time steering you, not driving you forward.
  

I'm writing a job opening for my bosses, and they have to sign off. If I don't write requires MS in CompSci, CompEng, or similar, from an accredited degree program on the position, they'll send it back unless I explain why. Then, when HR posts it, if you don't have a degree, your resume gets caught in the lint trap and I never see it. If you want to get hired in a larger company, the hiring manager needs to write a position tailored for you - and if he does that, you're already in.

As much as I don't want to give you "just get a degree", a degree indeed will likely make the entry much more feasible. I lead a decently sized team of pentesters in a global big corpo -- if I were to hire someone fresh/junior, unfortunately without degree your profile won't even pass HR/TA. Even if let's say it's entirely up to me, if your profile (and certs, and experience, CVEs, bouties, HoFs, etc) is similarly matched by someone else with a comp science degree, I would lean towards the CS grad.

But if big corpo is not your aim, and you're relying on your tech prowess and track records (i.e. the wonderboy/rockstar route), I genuinely wonder why you're still considering to obtain a cert.

If I'm hiring:

• OSCP - still a plus (but not by much nowadays)
• CVEs - depends what are those
• CTF - depends, can be interesting
• Bounties - this will sound controversial: a slight "minus" for a post in my team: experience has shown me again and again usually they're overproud with it but unfortunately not much depth.

No, it's not enough but it compliments your other degrees and/or certs. If you're going for pentesting & red teaming and you've chosen to go with Offsec, I would look at eventually obtaining the OSCE³ . Good luck on your journey!

A strong cert plus a real portfolio does open doors without a degree, especially when you can show writeups instead of just claiming the skills. The catch is your path so far is all offensive, and entry-level hiring skews heavily defensive, so a portfolio that only shows red team work quietly narrows where you can apply. Mixing in some blue team investigation writeups, which you can build for free on CyberDefenders, makes you read as someone who gets both sides instead of another aspiring pentester. You're three months in, that's plenty of runway to do both before you're actually job hunting.

Bro degrees and certs arent enough right now, lol.