If you're an IT security professional right now, you're in a pretty good spot. Even in this recession, you've likely noticed strong demand in the job market. So what's the sweet spot over the next few years? Many companies are now looking for security specialists who can make the transition into GRC, a position that will ask them to "make the connections among security, IT risk and business, then contribute significantly toward the organization's bottom line," notes gov info security.

In essence, this is a way to move from the IT side to the business side, perhaps a stepping stone into management. Says one expert: "While other individuals still talk about technology and software, it's the GRC-focused practitioner who becomes a friend of the business and ultimately shares a senior seat with management."

To make the move, more companies seem to relying on various certifications, such as the Certified Information Systems Security Professional and Health Information Systems Programme, which work hand-in-hand with standards such as the ISO and COBIT. Credentials offered by ISACA, such as the Certified Information Security Manager and Certified Information Systems Auditor, also seem to weigh in a candidate's favor. 

For more:
- here's the article

Related Articles:
Gartner: Security IT spending holding firm
What to make of the Wall Street hiring boom
IT jobs outlook improves