young handsome business man engeneer in datacenter server room

What are the responsibilities of a Security Manager

Summary

As a Security Manager, you are expected to play a role of management when it comes to the organization’s IT security in almost every aspect. You will be creating new security plans and solutions, implementing training procedures and policies.

A Security Manager may never be involved in technical issues until necessary. They are the force behind every organization’s security team.

Full Responsibilities

The Security Manager role position is a mid level career. You will be required to do the following:

  • Implement, define and maintain all corporate security procedures and policies
  • Be responsive to immediate security incidents and provide a thorough analysis after investigation
  • You will be the bridge connecting the team of programmers, auditor’s, risk assessment professionals and the upper management
  • Make sure compliance is there regarding the staff clearance and security
  • Identify integration issues with new technologies and prepare cost estimates for upgradation/renewal of technologies
  • Take care of staff schedules and department budgets
  • Develop and execute different strategies that will improve the security and reliability of IT projects
  • Take care of forensic investigations, vulnerability audits and mitigation procedures
  • Take control and manage a team of analysts, security administrators and other related staff
  • Make sure necessary training programs are implemented within the organization that increases awareness in security, procedures and protocols
  • Test, assess and find new security technologies and products

As a security manager, you will be directly reporting to a security director or CISO

Career Paths

To reach the post of a security manager, you will have to begin at an entry level position like:

When you have spent enough time in the above positions, you can take your experience to the next level and become the following:

If you want to reach to the top, you can move on to a top level security position such as:

Related Jobs

A security manager is often also called:

  • Information Security Manager
  • Systems/Applications Security Manager
  • Information Systems Security Manager
  • IT Security Manager
  • Security Manager (systems/information/applications)

Expected Salary

Average yearly salary of a Security Manager is $60,985 per year. The basic salary can start anywhere at $33,037 yearly and can reach a maximum of $109,370 per year (2016 figures)

Requirements

Education

Security Managers are expected to hold at least a Bachelor’s degree in cyber security, computer science or related technical subject like mathematics or engineering.

If you don’t have a bachelor’s degree in IT related field, you can opt for a master’s degree in IT security. You can enhance your application by having professional experience and certifications.

Work Experience

A security manager position is a managerial position. You should at least have 5-10 years of experience in IT. Many employers want to see at least 3-5 of those years of experience in Security.

Soft Skills

Management positions revolve a lot around soft skills. In this position, you will be collaborating with seniors like a Security director or CISO. You will also be in touch with vendors, analysts and engineers. You are expected to show significantly good leadership qualities as well as oral and written communication skills.

Many employers also demand problem solvers and multi-taskers because you will be dealing with a variety of issues in the organization.

Hard Skills

Security Managers are required to have a very good understanding of technical skills that include IT Security, Programming and Architecture. When working under entry level positions, try to polish the following skills:

  • Security concepts revolving around authentication, DNS, DDOS mitigation, VPN, Proxy services,routing etc
  • HIPAA, GLBA, SOX, PCI and NIST compliance assessments
  • C, C++, C#, PHP or JAVA programming languages
  • Ethical hacking, secure coding practices and switches
  • Network security architecture definition and development
  • Methods and practices of IT strategy, security architecture, enterprise architecture etc
  • ISO 27001/27002, COBIT and ITIL frameworks
  • Unix, Linux and Windows Operating Systems
  • Firewall intrusion prevention, detection protocols
  • Computer networking, TCP/IP, switching and routing
  • Good knowledge of auditing and cloud risk assessment technologies from third parties

Recommended Certifications

Security Managers are expected to hold some sort of certifications. For most employers, a candidate holding CISS or CISM are good enough. However, you can also look at the following:

  • CISSP: Certified Information Systems Security Professional
  • GSLC: GIAC Security Leadership
  • CISM: Certified Information Security Manager
  • CISSP-ISSMP: Information Systems Security Management Professional

Jake Ciber

Jack of all trades... master of none... ABL... Always Be Learning! I love what I do and I love helping people.