Working on moving from being a penetration tester (pentester) into a risk and compliance, specifically PCI-QSA position. Several people have asked me if I have gone crazy, but the answer would be no (well I do not think I am going crazy at least). While I do enjoy being a pentester, I am just looking at moving into a position that will allow me to move into a management position somewhere later on. I figure with the experience of being a pentester and a QSA will give me a broader perspective.
Took the PCI fundamentals course the other day, and completed the exam at the end to allow me to sit for the actual QSA course/exam. I was actually surprised at the content that was needed to go over to take the fundamentals test. Scheduled to go to Boston on June 18 to take the course, and will sit for the exam at the end of the course. Hope I am a little more prepared to take the exam than I was for the fundamentals course.