I just started doing cybersecurity work and I want to get into the compliance governance aspects of security or risk management, or maybe even education and awareness. Generally, I want to be in something less technical because I want to have a good work-life balance and I just don’t enjoy much of the technical aspects like programming. I could also see myself doing something with a more risk management/threat management aspect to it. Currently, I am looking at staying at my current position for about a year because it’s really a development-type position. I already have the Security + so I think the next step would be to start working towards a cert that will get me into a compliance/governance or risk management/threat management type position.
Any advice is welcome.