Follow any certification path. Most popular choice will be OSCP-
Follow it end to end. Dont waste time/money in beginner certification. Instead invest it in htb/pentesterlab other labs.
If you dont have money for OSCP or other good certs. do Bug bounty/internships if you get a chance. For BB, you will learn more via twitter/reading reports/actually hacking instead of a course or watching YT.
There’s one advice I have read multiple times- Learn/follow technology instead of security.
To start with you can follow TCM Sec courses and then gradually up your level.