While I'm not a security pro (I wear the hat at work from time-to-time), here's my take...practice, study, and training. Definitely get comfortable with networking, and having a programming background would be good, too. If you have the $ and time, I'd check out Offensive Security (the training arm of BackTrack). I haven't taken any classes myself, but they are on my to-do list.
Here's another link which may help.