Cyber paths that combine business analysis and technical implementation

I've been working in GRC for a consultancy for 5 years (primarily NIST and ISO audits, data security, and cyber strategy work). I have broad but non-specific cyber knowledge (ISO auditor, security frameworks, SSCP, Net+, variety of basic cloud certs)

I've spent the last 2 years working on a variety of IAM projects, implementing Sailpoint solutions. I love this work - IAM generally, but more specifically ​the combination of business analysis/requirement gathering and technical implementation. It suits my skillset and …

analysis business cyber cybersecurity technical