If you are looking for a job in cybersecurity, web application testing is the area I’m recommending people to take a look at.
There are mad positions open for this skillset.
Please drop some resources here to help people get skilled up.
First thing I recommend is learning how to write web applications yourself.
I’m still a fan of Ruby on Rails for quickly learning to do web app dev.
By doing dev everything will start making sense.
Ultimately that’s who you will communicate with.
Build your own APIs and interact with them with Burp and Zap proxies.
Use the OWASP top ten to secure your own app.
Install SSL certs, ddos mitigation, try to automate deployment on Amazon, Heroku
Everyone is using free stuff for the most part.
You can learn the basics of that for sure.
Your not trying to be a corporate dev, but you want to understand their process.
You can learn from their job requirements what to study
Use YouTube and Google.
This is exactly what we all do to learn something new.
There are no secrets.
You can do it.
Learn to do a proper threat modeling. At @threatcare we use STRIDE. Go look that up.
Use @Microsoft free tool to create some data flow diagrams of your application.
I believe that you can’t do a serious assessment without threat modeling.