Just got a copy of Security Risk Management: Building an Information Security Risk Management Program from the Ground Up.
The book goal is to teach you practical techniques that will be used on a daily basis, while also explaining the fundamentals so you understand the rationale behind these practices.
Took a brief look and looks to be a really good read.
Full review to follow.