I think you are in a great position because you are dealing with risk, and that is by definition a business activity. So focus on learning about the business, interacting with business people and understanding how to relate security to your organization's business imperatives.
I'd rather see you further specialize in your field and gain a greater understanding of how your business operates and some of the critical success factors for your company, as opposed to getting a credential that simply indicates you can attend a boot camp and take a test.
There is no way to fake real industry knowledge in an interview. If I were you, I'd be spending my time focused on gaining that industry knowledge, as opposed to a generic security certification. That is, unless you are passionate about the technology. In that case, being in the risk management group may not be the best fit.
For more information:
Dig deeper on CISSP Certification
Related Q&A from Mike Rothman, Contributor
In the world of security certifications, what is the GISP and how alike is it to the CISSP? In this security management expert response, learn about ...continue reading
Depending on your enterprise, it may or may not be necessary to utilize a QSA. In this security management expert response, learn how to determine ...continue reading
When developing software securely, what role does gap analysis play? In this security management expert response, learn how to implement gap analysis...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.