[howlett]

The reason I switched was because pen testing is in really high demand and will stay that way for a few years to come. Also, I didn't want to get full time into management at this point.

My security skills were average (hobby for about 10 years but mostly because I was a web developer) but like I said the OSCP did most of the work in terms of getting the interview and doing any technical test. The course itself took about 2 months, 6 hours every day after work, and fulltime weekends!

My suggestion would be to do the OSCP course and if you like it then go for it. There is also vulnhub.com which has a lot of CTF VMs where you can practice (I personally dislike CTFs because I find them unrealistic).