I think you are in a great position because you are dealing with risk, and that is by definition a business activity. So focus on learning about the business, interacting with business people and understanding how to relate security to your organization's business imperatives.
I'd rather see you further specialize in your field and gain a greater understanding of how your business operates and some of the critical success factors for your company, as opposed to getting a credential that simply indicates you can attend a boot camp and take a test.
There is no way to fake real industry knowledge in an interview. If I were you, I'd be spending my time focused on gaining that industry knowledge, as opposed to a generic security certification. That is, unless you are passionate about the technology. In that case, being in the risk management group may not be the best fit.
For more information:
Dig Deeper on Information security certifications, training and jobs
Related Q&A from Mike Rothman
While liaison officer responsibilities vary depending on the company they work for, their strong organizational and communications skills make them ... Continue Reading
The CISSP certification can be a challenge to obtain. Mike Rothman unveils how to get on the right education and career tracks in order to get CISSP ... Continue Reading
In the world of security certifications, what is the GISP and how alike is it to the CISSP? In this security management expert response, learn about ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.