Daniel mentions a few of the types of security testing but there are so many more. There is software, hardware, social engineering, network, IoT, …
The key is to pick 1 of these and start a deepdive, don’t try to do them all together or you’ll get lost.
I mean it helps if you have an IT background but what really matters is motivation and the willingness to learn. People often say you need to code to be a good hacker but that’s not true. You don’t create your own word or OneNote to write something down right? To become a superhacker yea then you’ll need it to create your own “stuff”. But yea it does help to know a bit to understand what’s going on at some point, depending on the field of choice.
I think you’ll like this video from Stök:
How i became a HackerOne MVH without writing a single line of python (Motivational talk)
The video below: HOW TO GET STARTED IN BUG BOUNTY by Stök - Why do I link this? It’s about security testing explaining his journey. Also very motivational.
Anyone who is willing to learn can do it.
Certifications are just tests so that you can prove that you sort of know what you are talking about. So focus more on the Hands On part.
Elon Musk once said
“I hate when people confuse education with intelligence, you can have a bachelor’s degree and still be an idiot”
Also: Google is your friend in security testing 
If you want to get started, you’re going to have to learn about vulnerabilities and there is no better way to do it then hands on or reading reports from bug bounties.
That way you can see how others think and what others do to get the job done.
Hope it helps a bit, if you have more questions, shoot!
Kind regards
Kristof