Any advice on requirements to have a shot at appsec jobs?
I have my sec+ and my job is devops. We do everything in AWS (no on prem at all). However I have no actual cyber experience. Our team is pretty small, so I do as much dev as anyone else and as much ops as anyone else (deploying/managing cloud infrastructure), including standard security stuff like IAM and network configuration. It’s also a small unknown company.
Is this enough to try and directly break into appsec, or do I need to start with another “cyber” role like SOC analyst or security engineer or something like that? I also plan on getting my OSCP at some point soon if that’s relevant.