How to Become a Security Manager
Information Security Manager Job Overview
Security Managers, or more accurately Information Security Managers, are individuals responsible for protecting an organization's or business's computers, data, and networks from cyber security attacks and threats such as computer viruses, breaches, and malicious hackers.
Information Security Manager Duties
- Collaborate interdepartmentally to identify and create action plans for infrastructure and application vulnerabilities
- Design the security budget
- Improve the reliability and security of IT projects
- Conduct cyber security remission protocols and procedures
- Create security policies and procedures for organizations and businesses
- Launch forensic investigation and vulnerability audits
- Monitor the process of security systems
- Design and provide training for employees outlining security risks and how to mitigate them
- Rapidly respond to security-related incidents
- Write post-incident analysis, and report to upper management, auditors, and other team members
- Select security products, and remain abreast of the latest cyber security technologies
Information Security Management Systems (ISMS)
Firstly, we want to address the question: what is a management system? A management system is a set of clearly defined objectives and policies that outline the processes that ensure that the specific objectives and goals of an organization are met. So, information security management systems (ISMS) are systems that do the same thing with a focus on cyber security. ISMS are useful for security managers as they streamline the role and clarify expectations not only of the manager but of the individuals who are part of the cyber security team. For an in-depth examination of ISMS and how you too can engage in best-practice security management, check out our resources section below.
Information Security Manager Career Pathway
Based on your starting point (whether you’re already active in cyber security, a service member, IT specialist, or a student) there are a few paths to entering the field of security engineer. We’ve listed some different levels at which you can engage in security jobs below. These levels will depend on the typical number of years of experience associated with career stages (entry, middle, senior) as well as how specialized your education is. For an in-depth look at how job experience in cyber security and education levels compare and contrast, check out our guide on how to prepare for a career in cyber security.
As this is a mid to senior-level position, one way to enter into this position is through education. Most security managers will have at least a bachelor’s degree in computer science or cyber security, while many will hold master’s degrees in information assurance. Another way to get in is to work your way up through an administrative position; in fact, a lot of this job will require leadership and management experience.
A note on the positions below: Some job titles are tiered within that position. A position labeled “mid-level”, for example, may range from mid to advanced.
- Entry Level: Security Administrator, IT Auditor
- Mid-Level: Security Analyst, Security Specialist
- Senior Level: Security Manager, Security Director, CISO
Information Security Manager Technical Skills
- Security architecture
- IT strategy
- Knowledge of Windows and Linux/Unix
- HIPAA, GLBA, NIST and other compliance assessments
- Computer networking and routing: TCP/IP
- C
- C++
- C#
- Utilize an Information Technology Infrastructure Library (ITIL)
- COBIT framework
- Management systems knowledge of the specific org you’re trying to work for (waterfall, SCRUM, Agile)
- Risk management with NIST
- FIPS Compliance
- Information Security Management Systems (ISMS)
- COBIT
- NIST
- SOX
- PCI
- ITIL
Information Security Manager Soft Skills
- Collaboration
- Team Player
- Leadership
- Oral and Written Communication
- Creativity
- Innovative Thinking
- Organized
- Multi-task
Information Security Manager Job Outlook and Salary
There are thousands of jobs available for security managers across the nation. This is a highly specialized field. Security manager positions are projected to grow by 18% by 2024, which is a much faster rate than most fields. The median salary of a penetration tester is $88,004, though it can range from $75,000 – $100,000+.
Information Security Manager Resources
- For information on how to utilize the G.I. Bill, head to the U.S. Department of Veterans Affairs
- The Institute of Internal Auditors outlines best-practice ISMS for Security Managers here.
- Are you ready to get certified as an Information Security Manager? Head to ISACA
- Great insights from Joe “the IT guy” on COBIT 101