I need some advice and guidance…
I currently work in security with 15+ years background in Admin and Engineering. Generally speaking my role is more Security Admin, leaning towards GRC. More specificially I manage enterprise security solutions, push CIS standardsbenchmarkspolicyproceduresstandardization improvements and identify risk.
Progress is incredibly slow, at best. I am 100% capable of remediating just about every finding I’ve identified AND I have the time to do so but … separation of duties. The speed of change is too slow, I’m bored and losing my technical savvy. Submitting a ticket and waiting is not my thing.
I’ve been circulating my resume but not getting many hits. I’m fairly new to InfoSec (3 years) and lack certifications. That said, the SecOps manager (whom is much younger than I but has my respect) is attempting to recruit me for the primary role of EDR, threat intelligence and the like.. specifically because of my background and reputation.
Would accepting a position in operations (even though we’re not the classic 24/7/365 operations) with a focus in EDR be moving backwards? Is GRC generally a more lucrative position than Threat Intelligence? Should I wait it out in GRC and continue to “move the needle”? Is it okay to be bored and perhaps use that time to cert up? I’m definitely in need of advice.