So our budget has allotted for 3 business related certs per IT employee this year.

My current role is the jack of all trades IT guy (1 of 8) with most of my responsibilities falling in the realm of security. I have a INFOSEC BAS degree.

What 3 security minded certs are actually worth the money? Cost is an issue but we have a negotiable price depending on the cert. So In your experience what is worth having?

I was thinking SOX, Hippa and Sans Giac/GSNA .... any thoughts?

I have been thinking about an RHCE but it is not work related as we use UNIX and Windows primarily. Only a few of our systems are Redhat....