You're not likely to have much luck jumping straight into the R/B team pentesting or forensics world without either some practical experience or certification. With a firm tech background I can imagine you can re-train into a slightly lower position on the security totem pole pretty easily though. Certs can be a mixed bag - pretty much everyone knows they don't actually mean a whole hell of a lot other than a basic grasp of the concepts, but some places will still use them as HR filters. SANS exams can be helpful and are not particularly difficult, but as you said, are very expensive. I'm not really sure about current pay rates for sysadmin type work are, but I wouldn't expect that significant of a pay cut, if you encounter one at all.
Security as a field in general is definitely hiring, though. You'll almost certainly be able to get a job pretty much anywhere in a large variety of companies. For example, here in the Midwest there's a lot of health providers, insurance companies, and banks that have plenty of positions available at locally competitive rates (though bear in mind this exists outside the SV wage bubble) and they generally do not have any qualms about hiring older folks.
Security as a field in general is definitely hiring, though. You'll almost certainly be able to get a job pretty much anywhere in a large variety of companies. For example, here in the Midwest there's a lot of health providers, insurance companies, and banks that have plenty of positions available at locally competitive rates (though bear in mind this exists outside the SV wage bubble) and they generally do not have any qualms about hiring older folks.