Well, I'm in a somewhat similar position.  I'm actually federal sector, but I'm 1 week from taking my CCNA, just finished up ccna3 and 4 classes.  Next I'm grabbing my Security +, Network +, and CEH.  The CISSP is also a good one to look into, as it is widely accepted and respected.  I'm gunning toward network security management, so I am splitting up certs in both the security and networking arenas.  I already took the classes for the A+ and Linux +.. so I will probably end up getting those too.  The comp TIA certs arn't overly impressive, but at least they don't expire and you don't have to worry about them too much.  From what I have heard the CEH is growing in acceptance.  It is definately rather popular... quite possibly due to the name alone.  CISSP is a solid security cert that looks good to management though, and is worth looking into.

do a sans course like GCIH if you have the cash

SANS offers excellent training. I took both the GCFW (Firewall) and GCIH (Incident Handler) tracks. If you can attend a SANS conference do so! You will meet a ton of interesting people and learn a great deal. I was fortunate enough to attend a week long track in Las Vegas last year for the GCFW then I did the GCIH with a local mentor. Both have their advantages.

The conferences are more expensive but you see and do so much more. The downside is the material is presented very quickly and it's hard to absorb everything in five days. Going with the Mentor program or doing the online track may be better if you plan to attempt the cert. You have more time to digest the material and try out all the stuff you've learned each week.

I can't praise the guys at SANS enough. They are very professional and are worth every penny.