I've been an IT Auditor for 5 years and I just got an offer for a Senior IT Auditor position with another company for $10k more than what I currently make. The problem is I find auditing boring and I've been trying to change my career track to a more technical role in information security. I even achieved my CISSP and I'm also CISA certified but I cant seem to get an in person interview for a security analyst position after the technical phone screenings. Should I take the Sr IT Auditor position or keep trying to pursue something different? Part of the reason why I interviewed for the audit position was due to frustration and boredom from my current job.
Sorry I'm a bit late to the party. It's not an easy transition, one I don't have the answer too as I'm working through the same problem right now. From my experience I can share this:
With a Senior IT Auditor role you may find more of an opportunity to work with external security firms or directly with your information security group or network security. You could also look into information security governance or an information security officer type role as a career plan.
Do you have a mentor? If not now is a good time to get one, try looking outside of your job (maybe at your local ISACA chapter?).
Try asking potential employers for feedback regarding what they are looking for. You've got good experience, and the right certifications, I'm assuming their concern is limited technical background?
In short, I'd take a Senior IT Auditor position and keep working to better yourself professionally with some direction from a mentor to move into Information Security (i.e., that doesn't mean you have to stop applying for those jobs!).
Goodluck and keep us updated!
p.s.<-----waiting on Cisa results from the June exam.