The one thing that I learned and it was totally by accident is that security is the one thing that having a history on makes you more valuable to the company. The company also gets very nervous to the point of paranoid about moving the work, the testing and the architecture to another country. Even though I personally think that there is little chance of anyone embedding something in the product that would leave a back door (given the reviews we go though), the company does not think the same way. And from a history standpoint having all that old school shit in my head and pulling it out like "ya, this is a variation of the XYZ attack that was run years ago, we should be able to apply the same logic to prevent this, or at least it will be a starting point to prevent it" . Many times this my exec management has said " this is exactly why we pay you". But all that being said, if you do not stay current you will be unemployed, but with security once you spend years learning the basics of the subject staying current is still work but manageable.