Information Systems Security Manager
Information systems security managers (sometimes called IT security managers) coordinate and execute security policies and controls, as well as assess vulnerabilities within a company. They are responsible for data and network security processing, security systems management, and security violation investigation. They also manage backup and security systems, employee training, security planning measures, and recovery of data in disaster situations.
The majority of computer and information systems managers, including security managers, work full-time in an office setting. In addition to overseeing an in-house team, some managers must be able to supervise workers who telecommute. Overtime hours are probable, as schedules often require security managers to continue working until a problem has been solved.
|Degree Level||Bachelor's degree; grad degree for some positions|
|Degree Field||Computer or information science|
|Certification||Voluntary certifications available|
|Experience||Varies; typically 5+ years in information security, computer, information science, or related field|
|Key Skills||Strong analytical, communication, and decision making skills; proficiency in a variety of computer programs and applications including VMware, Windows, Linux, Oracle, Solaris, Cisco, Active Directory, and NFTS/UNIX file systems; pass criminal and credit background check|
|Salary (2105)||$131,600 per year (median salary for all computer and information systems managers)|
Sources: U.S. Bureau of Labor Statistics (BLS), Monster.com job postings in June 2012
To get into this career, a bachelor's degree is standard. However, some organizations may require a graduate degree in computer or information science. Voluntary certifications are available. Previous experience requirements vary, depending on the company. But, generally, 5+ years of experience in information security, computer or information science or a related field is needed. The key skills that information systems managers need include strong analytical, communication, and decision making skills, proficiency in a variety of computer programs and applications including: VMware, Windows, Linux, Oracle, Solaris, Cisco, Active Directory. In May 2015, the U.S. Bureau of Labor Statistics stated that computer and information systems managers earned a median annual wage of $131,600.
Steps to Getting Into This Career
What are the steps to become an information systems security manager?
Step 1: Earn a Bachelor's Degree
The BLS indicates that a bachelor's degree in computer or information science is the minimum educational requirement to work as an information systems security manager. These programs examine the fundamental principles of web authoring applications, database design, data structures, programming, systems software security, and network security. Graduates should have a good understanding of the applications of computer science to help organizations run smoothly and solve technical problems.
To really stand out among the crowd, use time in school to develop a portfolio. In some programs, students will be required to keep a portfolio of completed work. This functions as an assessment of progress during the course of the program and can be an important tool for demonstrating skills when applying for jobs in the future.
Additionally, focus on course choices. Since many jobs require proficiency in a number of different programs and software suites, students may choose to take courses to help them gain skills in these areas. Additionally, students may want to find programs that offer specializations or coursework in computer or network security.
Step 2: Gain Work Experience
Many employers seek experience in network security aspects, such as firewalls, networking fundamentals, and government compliance laws. Additionally, certifications, such as the CISM, require applicants to hold at least 5 years of information security work experience, along with management experience.
Bachelor's holders can seek out entry-level information technology positions within smaller companies in order to build their resume. However, the BLS states that your entry-level work experience should be in your field of choice. Therefore, recent graduates will want to find positions as information systems security workers and work their way up into management positions.
To shine at the workplace, become familiar with common programs. Employers often prefer to hire employees who are familiar with the programs that they will use most. Linux, Oracle, and Cisco are a few of the programs where experience may be important. Job candidates who have these skills on their resumes may have an advantage over those who do not have strong experience.
Step 3: Get Certified
Employers often prefer certification because it provides proof of a person's knowledge and ability in computer-related areas, and some employers are more likely to promote or advance those who hold certification. Certifications in the field typically call for about 5 years of experience and the completion of a certification exam. For example, ISACA offers the CISA and CISM certifications. Individuals may earn the CISA if they complete the CISA exam, meet the ISACA code of ethics, have a minimum of 5 years of experience in information systems and meet requirements for continuing education. The CISM is available to individuals who complete the CISM exam, follow the ISACA's code of ethics and have a minimum of 5 years of work experience in information security.
Consider earning more than one certification. Many employers require multiple certifications when considering candidates for a position as an information systems security manager. Additionally, multiple certification credentials can demonstrate management expertise in multiple information security areas and may open doors to new career opportunities.
To recap, with a bachelor's degree, advanced computer security knowledge and about 5 years of experience, information systems security managers can earn about $132,000 a year to coordinate and execute security policies and controls, while assessing a company's vulnerabilities.