Hey everyone,
I’m a full-stack developer with a little over 2 years of experience (Next.js, Node.js, Docker, PostgreSQL). I’ve recently developed a strong interest in cybersecurity — especially application security and bug bounties — and I’d like to shift into a security-focused engineering role (AppSec / Security Engineer / DevSecOps).
My current CTC is ₹7.4 LPA, and my target is ₹20 LPA+ within the next year. I’m okay putting in serious effort to learn and build projects.
For developer roles, the path is clear (DSA + system design + projects = better offers).
But for cybersecurity, I’m confused about what the exact roadmap looks like to reach top-tier or product-based companies like Meta, Cloudflare, Razorpay, etc.
What would you recommend focusing on first — AppSec fundamentals, DevSecOps tools, certifications (Security+, etc.), or security automation?
How realistic is a 20 LPA+ goal in 12 months?
Any guidance, roadmaps, or personal experiences from people who made this kind of transition would be super helpful 🙏
TL;DR: 2 yrs full-stack dev → want to become a security engineer and 3× my salary. What’s the smartest route?