Opportunity to pivot from IT Audit into a security manager, but more focus on Program strategy design and implementation?

I’ve had a progressively more technical IT Audit career beginning with Sox and then focused on Auditing and Assessing ERP Security, GRC, Etc… we will say 10+ years, with the last 5 focused on much more technical design, GRC programs, TPRM, and oversight role where I operate more in a collaborative capacity with all the technical IT folks. I’ve essentially built out the program and then guided adoption over 3+ years. I’ve got Certs spaced out over the last 5 …

audit auditing career cybersecurity design erp etc focus grc manager opportunity pivot program security security manager sox strategy technical tprm