i want to start my career as a information security auditor. i completed my engineering in information technology in 2012 and working as a support engineer. i want to switch to information security path. please help me to choose the correct certification. i am confused whether to choose security+, sscp, giac etc. please help..