What does an IT security manager do?
IT security managers need to have a passion for learning and critical-thinking skills, as well as understand intrusion prevention and detection.
Enterprise cybersecurity departments are led by well-trained and highly educated cybersecurity managers. They lead teams of IT professionals whose job is to keep the business IT infrastructure safe and to prevent sensitive data from falling into the wrong hands.
Cybersecurity managers are equal parts technologist and manager. They must be conversant in modern security software, protocols, practices and regulations. They must also have managerial skills to work across departments and interact with upper management.
What skills and knowledge does a cybersecurity manager need?
Skills for cybersecurity managers fall into two categories: hard skills and soft skills. Hard skills relate to technology, while soft skills are managerial. Both skill sets are necessary to be a good manager.
Hard skills include the following:
- Intrusion detection and prevention. This is central to the task of cybersecurity. Successful security practitioners must be able to operate an intrusion detection system and identify any suspicious traffic or activity on the network.
- Identity and access management. Managers need to know best practices for identity and access management. They must ensure that the security policy demonstrates an acceptable use for various roles and responsibilities within the organization.
- Security incident handling and response. Security practitioners must be able to handle the complete threat spectrum and compliance of the organization's security policies or standard security practices. Threats include DDoS attacks and different types of malware, such as viruses, ransomware and phishing.
- SIEM. Security managers must be able to analyze SIEM tools and services. They must be able to create automation with the SIEM tool and create incident response plans based on real-time analysis from alerts.
- Audit and regulatory compliance. Well-rounded security practitioners must be able to conduct thorough reviews of the organization's adherence to regulatory guidelines. Regulations include HIPAA, Federal Information Security Management Act, Sarbanes-Oxley Act, PCI DSS and GDPR. Failure to adhere to regulations could result in significant fines and penalties.
- Application security development. Managers should have a good working knowledge of the test and quality assurance phase of internal development. These skills are highly vertical and best left to experts in the field; however, a good working knowledge of finding, fixing and preventing vulnerabilities in homegrown applications can't hurt.
Soft skills include the following:
- Leadership. Managers are expected to lead and set an example for those under them. Showing understanding of issues, whether it's configuring a firewall or talking compliance with the CISO, inspires confidence.
- Passion for learning. The threat and compliance landscapes are forever changing, so security managers must stay on top of the latest trends, technologies and security challenges.
- Collaboration. Cybersecurity is about shared responsibility across the organization. Security managers can't and don't work in isolation. Managers need to make sure security policies are not only in place, but followed by all departments.
- Critical thinking. To combat bad actors, security managers need to think like them. A good defense to fight hackers is necessary, but a good offense can solve a problem before it becomes one.
What are a cybersecurity manager's responsibilities?
Cybersecurity managers' technical works falls into two categories: monitoring and maintenance. Here are some of those tasks:
- Monitor all operations and infrastructure. This includes regular examination of security alerts and checking logs.
- Monitor internal and external policy compliance. This ensures that both employees and vendors comply with risk management policies.
- Monitor regulatory compliance. This is especially important in highly regulated industries, such as finance and healthcare.
- Manage security tools and other technologies used to secure the network. Managers must conduct regular audits of policies and controls to make sure they are being adhered to.
- Keep security on the radar of the C-level executives. This is necessary so security remains a budget and strategic priority. Managers shouldn't assume C-levels are watching security issues. They have a lot to follow.
- Keep up on technological developments. The cybersecurity landscape is constantly changing. Managers must constantly evaluate new technologies and policies and be prepared to implement new systems and policies.
- Work with different departments. The security department does not work in isolation. Managers will likely be tasked with working across many departments in an organization to get everyone on the same page.
- Manage resources. Cybersecurity managers need the right mix and number of employees, along with the right technologies, to run a successful department.
- Mitigate risk from attacks by adapting strategies to new attack styles. This includes routinely auditing business practices to keep cybersecurity strategies moving forward rather than letting them become outdated and ineffective.
How to become a cybersecurity manager
A bachelor's degree in cybersecurity is a good start, but to truly excel, a master's in cybersecurity management is essential.
The Cybersecurity Guide website lists what it considers the 75 top master's programs from around the nation. It includes online courses from schools such as University of California, Berkeley; Virginia Tech; Arizona State University; and Washington University.
There are also online learning organizations that offer recognized and accredited programs in cybersecurity. These are not college degree programs, but they do offer certificate programs that are mandatory for cybersecurity professionals of all levels. Programs include CISSP and Information Systems Security Management Professional.
Learn more here about the difference between certifications and degrees.
How much does a cybersecurity IT manager make?
Comparably, a site that specializes in salary comparisons, said the average cybersecurity manager in the U.S. makes $117,580 per year. Managers in San Francisco make the most at $172,000 annually -- 46% higher than the U.S. average.
Job recruitment site ZipRecruiter said the average annual pay is $136,625 a year, with a high of $171,000. Glassdoor puts the average at $122,730, with a high of $191,000.
Cybersecurity employee training: How to build a solid plan
Top 10 cybersecurity interview questions and answers
Why you need an email security policy and how to build one