Agree with the outsourcing/offshoring issues, that’s part of life. But is you still want to be in IT, the further you move up in knowledge (specially abouyt a company’s business & processes), the lesser the risk your job could be at.

After security… why not IT Auditor? Tech knowledge is useful, as well as process-related one. And you need to ba able to understand risks, frameworks, audit guidelines, etc. Yes, this can also be outsourced (even offshored), but is a less risky path (AFAIK). For this a CISA certification (which also requires some experience, see: <a href="http://www.isaca.org" title="http://www.isaca. " target="_blank">www.isaca.org</a>) is highly recommended.

And with proper qualifications, well you can “offshore” yourself! (as far as you’re happy to relocate in a different country/region).

Good luck!
Diego.

CISSP has value to understand the whole security aspects. The guys like to say that gotten knowledge is one inch deep and miles wide.

You can start with the book CISSP Certification All-in-One Exam Guide, 4th Ed. (All-in-One) by Shon Harris or research online on <a href="http://cccure.org/" title="http://cccure.org/" target="_blank">http://cccure.org/</a> or <a href="http://www.isc2.org" title="http://www.isc2.org" target="_blank">http://www.isc2.org</a>.

The certificate require thinking like a manager and out of the box. I assume you are looking for a new challenge. According to your listed experience I assume that you can qualify for CISSP. Without experience you can still apply for CISSP Associate.

CISSP learning material can help you to decide where in security area you would like to deep dive in. Another option is to add to CISSP some project management certificate or MBA, as there is and it will even increase demand for such knowledge combination.

Are you sure you want to stay in the IT field?

What I’ve done is bit different. I decided to re-tool for a more “recession proof” job. By recession proof I mean accounting, life sciences (doctor, nurse, etc.) or law. This was a very tough decision, but the way things were going with the economy, offshoring, etc., something had to be done.

All of the complaining, no matter how well put together the facts were/are, companies turned the other cheek and IT people are suffering because of it. It has now evolved into us simply having to accept these things and living with them or moving on. The ups and downs in our economy and the way the country has been run over the last eight years or so, contributed to my decision. I love IT and still keep a hand in it, but overall, my career is transitioning to one of the recession proof ones I mentioned above.

What we need is more control over our careers! The IT world has changed too much! Salaries have gone through a decay process due to offshoring, industry lobbys, etc. The worry of layoffs loom over our heads every two or three years.

I think IT pros need to look at other alternatives, either inlieu of, or in addition to IT.

What will you want to do after security?