Hi @Dickens,
Welcome to the community forum 
Great to have you here.
I went down the rabbit hole in early 2017. I learnt a lot about smart contract security by reading OpenZeppelin audits: https://blog.openzeppelin.com/security-audits/
I learnt how to test smart contracts by looking through the OpenZeppelin Contracts repository: https://github.com/OpenZeppelin/openzeppelin-contracts
I recommend looking through our documentation and trying out various contracts from OpenZeppelin Contracts: https://docs.openzeppelin.com/openzeppelin/
An easy way to do this is to use the presets: Create an ERC20 using Truffle, Remix, buidler or OpenZeppelin CLI without writing Solidity
You may want to look at entering https://ethonline.org/ or the upcoming Solidity Underhanded Contest: https://twitter.com/solidity_lang/status/1301783896019947520