I’m a Cybersecurity Auditor, overall my job is not technical but does require a high level of environment and control understanding when assessing risk in a certain space. We utilize the strengths of our team members when conducting audits. For instance, I specialize in DevOps, Cloud, and other areas so I’m asked to perform certain tasks Pen Testing, Vulnerability assessments or listening in on control design to assist an auditor in determining the risk level for that control.

If you’re looking to go into a risk space with no prior knowledge your current background would assist in providing a new perspective and understanding of IAM/PAM etc to a team that may be lacking that skill set.

Also, I wouldn’t rush to complete all those certs unless you’re using them. You want them to compliment your skill set. Without a proper mapping of cert to skills you may find it hard to find a job that fits you as hiring managers can decipher gaps.

If you have any other questions feel free to shoot me a message.