Welcome to another edition of our career insights series! Today, we’ll be covering a position on IT that has become increasingly more important over the last years. We’re talking about Information security managers or IT security managers.
With huge companies like Sony being hacked and entire countries suffering damage to their infrastructure from hacks, security has to be on the mind of big and small companies alike.
Who handles that security? The person whose job we’re going to talk about in this article – the Information Security Manager.
What does an Information Security Manager do?
The Information Security Manager or IT Security Manager is responsible for protecting the IT infrastructure of the company, whether it is against viruses, security breaches or hacker attacks. It is their job to make sure that information doesn’t leak or get lost as a result of an attack and preventively reduce the possible amount of lost data to as little as possible.
First and foremost, an IT security manager will be checking for weak areas – any spots that might be particularly vulnerable to viruses or outside attacks. That means maintaining stuff like anti-virus software, changing passwords and ensuring good firewalls are in place. This is the first part of the job – prevention.
The second is minimizing loss potential. In practice, that means ensuring that backups are being made at regular intervals and basically reducing the probability that sensitive data is affected by a breach.
Finally, you can expect a lot of testing and reporting to be part of your everyday tasks.
What are the responsibilities of an Information Security Manager?
- Monitor operations and IT infrastructure to ensure the security
- Responsible for creating security strategies
- Develop security response program in case of breach or incident
- Investigate violations if they happen
- Monitor and decide on security tools to use (e.g. data encryption)
- Run IT security audits
- Be up-to-date with the latest IT security trends and incidents
- Ensure compliance
Looking for an IT Security Manager?
Qualifications and Experience required to become an IT security expert
As far as academic qualifications go, security experts are more often than not expected to have at least a bachelor’s degree in a field like a computer science, programming or anything closely related to that. A master’s degree is likely to increase your chances of getting an IT security expert position.
There are some universities that offer programs in cyber-security; these are obviously as directly related to the field as possible, which makes them a great advantage on a resume.
With all that said, this is a field where experience will absolutely top academic qualifications. So if you’ve worked a couple of years at a similar position or have certificates which are more directly related to the field than a university education, your chances will be pretty good as well.
Technical and soft skills required to land a job
There are a lot of technical skills that could be a part of an IT security expert job. One of the most important skills includes network administration. This is the ability to understand how internal networks work, as well as having knowledge of how to examine and test different security methods.
Risk management frameworks like COBIT, ITIL, ISO or other similar ones are also some of the skills that are required most often. Additionally to that, programming skills are expected. You don’t have to know every common programming language, but knowing at least two of C, C++, Java, SQL or PHP is almost a necessity.
Depending on where you work and what you’re expected to manage, the soft skills will also vary. As a security expert, you will have to interact with other employees on a regular basis. A lot of them will not be tech-savvy. That means patience and the ability to break down solutions to technical problems is crucial to the job. If you get impatient as soon as a user asks a question that seems self-explanatory, you’re not going to live a happy life as an IT security expert.
Additionally, if you work at a larger company, you might be heading an entire IT security team. This is where soft skills like personnel management come in handy.
What should an IT Security Manager know?
- Knowledge of network architecture – security, configuration, and development
- Understanding of security concepts DNS, VPN, DDOS, proxy services.
- Risk management frameworks – COBIT, ITIL, ISO
- Understanding of several systems such as Linux, UNIX, or Cisco
- Experience with compliance assessments such as PCI, HIPAA or NIST
- Effective communication skills
- Adaptability to react to potential issues
- Analytical skills
Who is hiring information security consultants?
If you take a look at current job openings looking for network security experts or IT security consultants, you will see that all kinds of companies are looking to fill that kind of position.
As far as size is concerned, smaller companies are less likely to have the infrastructure that requires an IT security expert or the means to afford it. But as far as the field of work is concerned, almost any company that handles an average amount of data on computer networks needs at least one. It doesn’t matter if it’s pharmaceutical, delivery or tech companies. In the world of Big Data, almost everyone needs an information security consultant.
Potential for freelancers:
Freelancers are likely to be called in as security experts from time to time. If a company is building up its security infrastructure from scratch, they might hire a freelancer. If they have an unexpected breach, they might also look for outside help. More likely than not, they will be looking for long-term solutions through an in-house IT security expert. But there are plenty of situations where external expertise can be helpful. As such, freelancers have a great chance in this field! Check the latest Information Security jobs available.
Looking for a new job?
How much do Information Security Managers earn?
The average Information Security Manager salary in the United States is $120,000 and it usually ranges between the $108,000 and $135,000.
What about freelancers?
The average freelancer hourly rate of an IT Security Freelancer is $132 / hour. Extrapolated to an 8-hour day, the daily rate is around $1,056 per day. (freelancermap price index – as of August 2019).