Fresh Graduate Going into Penetration Testing?

Cybersecurity as a whole is a field that is highly unlikely to ever go away. The simple reason for this is that technology is advancing at such an accelerated rate in the 21st century-- compared to any of the preceding centuries of humanity combined-- that it is extremely challenging for cybersecurity professionals to keep up when it comes to securing new technologies. For this same reason, pentesting is unlikely to ever fall to the wayside in the job market. The first step to securing any software or hardware is demonstrating that there are exploitable vulnerabilities to begin with.

Having said that, penetration testing is a very specific subdiscipline of cybersecurity. A common certification which most entry-level penetration testers need to start a career in pentesting is the OSCP. There are many other security certs that you can get such as the Security+ or the CISSP, but if you look at the chart in this link (https://pauljerimy.com/security-certification-roadmap/), you'll see that the OSCP, along with the Exploitation section in general, makes up a very small part of what cybersecurity consists of.

Furthermore, if you take a look at the following chart (https://pauljerimy.com/it-career-roadmap/), you'll see that cybersecurity in general makes up a very small portion of what IT consists of. That doesn't necessarily mean that you will stay in cybersecurity forever. In fact, many people have a non-linear career path in IT. But if you want skills that will transfer to other subdisciplines in IT, you may need to pursue other certifications. I am not an expert in what kinds of non-cybersecurity certs you should pursue, but if you foresee yourself staying in cybersecurity for the next decade or so, the CompTIA Security+ is the place to start for you.