Ask HN: Transitioning into Security

I'm a software developer with around 12 years experience. Recently, I've started to learn more about security (pentesting specifically). My interest in security goes back to my teens, when I was involved in local 2600 groups. Rather than perusing security, I went into development because it seemed to be the easiest way to jump start my IT career without a degree.

I'm concerned that making the change will be tough since my experience is all development with a small amount of administration / devops. Currently I am studying for my OSCP and working through HTB machines.

For people that have made the transition from a developer into a security roll, do you have any advice? How did you go about it? Thank you!