Hello, I'm an IT professional with 5 yrs of experience in Software Quality Assurance and Information Security. When I say InfoSec, I mean I have experience getting my organization ISO27001:2005 certified. Mostly my job was concentrated on the Process Compliance part of it and also the entire cycle of ISMS implementation. As my long dreaded dream, I want to continue my career in only Information Security but I don't have a specific idea as where to start from how to start from. I'm interested in safeguarding networks, database security, cryptography and encryption. It would be highly appreciable if someone can guide me on this with respect to the courses or training to be taken so that I can be part of a real team tackling the Information Security issues. Thanking you in anticipation.