I've been in this role for roughly 3 months now and I'm enjoying it so far. It's kept me challenged and busy the entire time. In my prior roles, I haven't had that. I'm also studying for the CISSP, so that's eating up my free time, but I think it's a worthwhile investment. I've been involved with everything from reports development to working with vendors on security solutions. So this is a great position for a 20 something person that has an interest in IT Risk.
The confusion now is what direction do I want to go in. I mean do I want to focus on governance, resilience, or risk consulting?
That's the next question