Hello! My name is Mike and I am an infosec engineer with 10+ years experience. I've worked in GRC, Vulnerability Management, PenTesting & AppSec. I have 17 SANS certs (I have a serious problem) and I'm also an infosec community enthusiast and creator/mod for /c/cybersecurity. AMA!
My old work place had a relatively progressive training policy and a decently healthy budget. The real beauty of it was that the budget was a departmental pool. The IT department did NOT take a lot of training so those few of us who did want to take advantage of it had access to a huge pool of money. Think, 10 people accessing money meant for 100 people kinda thing…