Nice. How do you plan to manage the switch?

In my area cyber security companies only hire people with the same background and experience. Without that, HR will just filter you out.

I'm like you, CompSci degree with embedded background and working on my Offensive Security certificate.

So far it’s just been a lot of theory (books, man pages, reading PoC code and vulnerability disclosures, dusting off old texts on networking) and practice (CTFs, bug bounty, writing my own exploitable apps then fixing them after, trying out PoCs) since I want to hit a certain level of competence before applying for jobs.

I’ll be talking to contacts in cybersec and HR/recruitment departments in my area since the hiring filter is a bit of a concern. I’m used to going around HR, but not sure how that plays out in this industry. Despite doing front-end and full-stack development for every position I’ve had I do feel I need to groom my experience a bit to downplay my UX/UI contributions. Worst case is I get certs like the OSCP you’re getting to speed things up.

That's an interesting jump. Mind sharing how that came to be?

After doing design for so long I just didn’t feel excited about what I was doing day-to-day nor did I find the discussions in the industry that interesting.

But I never really got tired of programming and at this point in my life the latter meshes better with what I’m interested in – privacy, encryption, hardening or subverting systems, etc. – than the former. I also get to reapply knowledge that was abstracted away while I predominantly did front-end development.