Security Manager Jobs
What is an IT security manager?
An IT security manager is responsible for the protection of a company’s network and data against attempted breaches and other security threats. Those in this job role oversee every aspect of IT security from ideation, engineering, implementation and monitoring. Security managers may also be responsible for the day-to-day management of the security team.
What are the duties of a security manager?
The security manager is an organisational and observational role in which you will need to be able to manage other employees and ensure that your team is operating smoothly and professionally.
- Managing security team
You will be responsible for managing a company’s security team as they devise, build and roll out new security frameworks in response to identified threats.
- Organising and reviewing security assessments
In line with the rest of the security team, you will organise and monitor risk assessments, vulnerability assessments or penetration tests. You will then review the results of the tests and prepare the team to resolve any issues identified.
- Delivering reports to senior members of staff, stakeholders
You will most likely need to liaison with other senior members of the business, key stakeholders or other security professionals to ensure that projects are running at the correct timeframe and a guaranteed a return on investment.
- Implementing training for security staff or staff in other parts of the business responsible for data safety
You will need to manage the implementation of new security protocols and, if necessary, organise training for your staff or staff in other parts of the business who are likely to encounter them.
- Planning disaster recovery
Even the most robust systems can be breached and, as IT security manager, it will be your responsibility to ensure there are plans in place for the event of a data breach or unauthorised intrusion.
- Managing compliance
You may also be responsible for ensuring the business remains compliant with any necessary legislation, like the GDPR for any business which operates in Europe.
How much does an information security manager make?
According to PayScale, the average UK security manager earns a salary of £50,000. The lower 10% of workers in this role earn around £32,000.
In the US, this role has an average salary of $104,000 and the lower 10% earning is $69,000.
Security professionals in this role often progress into roles such as security director or chief information security officer (CISO).
How do you become a security manager?
Security managers often begin as security administrators before progressing into a more specialised role such as security engineer or security analyst.
In addition to 5-10 years’ experience in the field of cyber security, some of the most common skills security managers will need to hold are:
- Understanding of security concepts like VPN and proxy services
- Knowledge of programming languages such as Java, C and C++
- Experience with firewalls and other intrusion prevention systems
- Ability to devise and implement network security infrastructure
For more specialised positions, you may be expected to have experience running penetration tests and implementing cloud security systems.
Practical experience of the job is vital for this role but as a managerial position, you will also need to show that you have the ability to manage people and interact with other members of the business on behalf of your department.
What qualifications do I need to be an information security manager?
Most security managers are expected to hold at least a bachelor’s degree in computer science, mathematics, computer engineering or a related field. If you have an unrelated degree, it may be beneficial to gain a master’s in information security to help your career search.
There are also IT security manager certifications that you might want to consider if this is the role you are aiming for. These include the Certified Information Security Manager (CISM) and the Certified Information Systems Security Professional (CISSP).