It's indeed a large amount of traffic. But it's not scary. None of it will get through if your SSH software is up to date, you have it configured properly, and user accounts are managed sanely. The attacks to be scared of are those that are actually targeted at you. And they will find the port SSH is running on either way.
If you think someone could get in through the SSH port (exploiting an undisclosed vulnerability or with brute force password cracking), moving it elsewhere is not a long-term solution. fail2ban is good to avoid brute force attacks, but port knocking with e.g. fwknop will be safer in more situations. If a service is not meant for the public then they shouldn't be able to even notice that it is there.
fail2ban and other programs that just grep a log file are a horrible idea as most of them can't properly parse a log entry and it's possible to inject an arbitrary IP address into the log file one way or another. I'm not sure if there are any outstanding exploits for the latest version of fail2ban right now, but the whole concept of searching through log files that are in a format that can change at any time, aren't delimited properly, and are subject to the sysadmin customizing is a precarious one at best.
Even if fail2ban and others were perfect, all it would take is the sysadmin customizing the log format to include some random field and all of a sudden it's possible for an attacker to block every IP address with one request.
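The parsing concern raised in the comment above, as an added example that is not part of the thread and not fail2ban's own code: a loose pattern and an anchored one run over the same failed-login messages. It assumes an OpenSSH-style "Failed password ... from <ip> port <n> ssh2" message; the sample lines are constructed and the function names are hypothetical.

```python
import ipaddress
import re

# Loose pattern of the kind the comment warns about: it takes the first
# "from <ip>" anywhere in the message, including inside the user name.
NAIVE = re.compile(r"from (\d{1,3}(?:\.\d{1,3}){3})")

# Anchored pattern: the whole message must match and the user field is
# greedy, so the address is always the last "from ... port N ssh2" suffix,
# which is the part the daemon wrote rather than the client.
STRICT = re.compile(
    r"^Failed password for (?:invalid user )?(?P<user>.*) "
    r"from (?P<ip>\S+) port (?P<port>\d+) ssh2$"
)

def naive_source(msg):
    """Return whatever the loose pattern believes the source address is."""
    m = NAIVE.search(msg)
    return m.group(1) if m else None

def strict_source(msg):
    """Return the source address only if the full message parses cleanly."""
    m = STRICT.match(msg)
    if not m:
        return None
    try:
        # Reject anything that is not a syntactically valid IP address.
        return str(ipaddress.ip_address(m.group("ip")))
    except ValueError:
        return None

# Constructed sample messages (documentation address ranges only).
SAMPLES = [
    "Failed password for root from 203.0.113.50 port 4242 ssh2",
    "Failed password for invalid user admin from 198.51.100.7 "
    "from 203.0.113.50 port 4242 ssh2",
    "Failed password for invalid user x from 198.51.100.7 port 22 ssh2 "
    "from 203.0.113.50 port 4242 ssh2",
]

def compare(samples=SAMPLES):
    """Pair up (naive, strict) results for each sample message."""
    return [(naive_source(s), strict_source(s)) for s in samples]

if __name__ == "__main__":
    for s, (n, t) in zip(SAMPLES, compare()):
        print(f"naive={n!s:15} strict={t!s:15} {s}")
```

The anchored pattern still depends on the message format staying as assumed, which is the fragility the comment points at: a customized log format makes it return `None` rather than a wrong address.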
Does pam_abl work when you're not using PAM for authentication--only for authorization ("account") and session management? e.g., when UsePAM is enabled, but ChallengeResponseAuthentication and PasswordAuthentication are disabled.
I believe this is the problem with using pam_tally2. Then again, if you're only allowing PubkeyAuthentication then maybe you don't care about brute force login attempts so much.
If you're worried about that, it probably shouldn't be publicly accessible in the first place.
Yes, moving ports helps, but it's not a real defense. It just lowers bandwidth costs and prevents some not-so-harmful attacks (from people who don't know whether what they've compromised has any value.)
At the very least, use public-key authentication instead of password authentication for SSH.
I don't think you're committing career suicide. Sticking around indefinitely while you're miserable will not only suck the life out of you, but your drive to do well at work.
Might I recommend a book called Quitter by Jon Acuff? He's done a couple of books about making the leap from the corporate world to a more fulfilling "dream" job. It was a good, quick read.
If you've got the savings and a decent plan, I'd say go for it.