Do you know any follow up books to read after that?
Read everything you can. Read other hacking books--Hacking Exposed, Counter Hack, Hacking: The Art of Exploitation. Read networking books--TCP/IP Illustrated, Odom's CCNA guides. Read programming books (pick a language). Read other security books--The Web Application Hacker's Handbook, The Shellcoder's Handbook, Inside Network Perimeter Security, Network Intrusion Detection by Northcutt and Novak, The Tao of Network Security Monitoring, Applied Cryptography, Understanding Cryptography by Paar and Pelzl.
For certs, the CISSP is required/desired for a lot of positions, especially if you push toward management but it requires five years of experience so it's something to look at down the road but not now. Many postings ask for the CEH so it's worth getting for that reason alone. The SANS certifications probably don't show up in as many postings as the CEH but they are generally more respected by tech folks. Look at GSEC, GCIH, and GPEN. The OSCP is one of the most respected certs among pen testers as far as I can tell, but it won't help you much with HR/business folks since they don't seem to know what it is.
BS in IT: Security, CISSP, CEH. MBA in progress.