Addressing SSL/TLS vulnerabilities in IoT Device client side implementation

I understand SSL/TLS is the most commonly data transmission protocol for a secured communication. I need to implement the same in one of the IoT device (ARM® Cortex®-M4 Core at 80 MHz). This will be TLS Client implementation.

Since the device is a small scale device, I am looking for a light weight SSL Library (bearSSL, mbedSSL, ..) to use.

Device needs to store as well as transmit data to server; and I need to ensure a secured communication with data confidentiality and integrity; avoiding any possible attack (MITM,..).

However as I got to read, there are vulnerabilities/pitfalls in SSL/TLS also, does just using a right library will ensure addressing them? Or there are specific things I need to do in my code implementation to address them?

Like right ciphersuite selection; generating and securely storing the keys (key management); …

request for some insight into this.