I have switched from finance to security ("Next Gen" IPS Company) two years ago and sadly I have to agree with most of the comments regarding the current state of the industry.
While I have heard good things about OSCP, I think CISSP is better known and it might be easier for you to get a foothold in a security position with this certification.
Pentest can be a good place to enter the field but from my experience it gets repetitive quickly. Also, while it's a good way to understand the vulnerabilities, you seem more interested in securing/defending than offensive security. Joining a SOC team might be a good starting point.
While I have heard good things about OSCP, I think CISSP is better known and it might be easier for you to get a foothold in a security position with this certification.
Pentest can be a good place to enter the field but from my experience it gets repetitive quickly. Also, while it's a good way to understand the vulnerabilities, you seem more interested in securing/defending than offensive security. Joining a SOC team might be a good starting point.