What Is an Information Security Risk Manager?
Information security risk managers are responsible for the oversight of all of an organization's cyber-security programs as they relate to the organization's information initiatives. Also known as information security analysts, these managers develop and implement various policies and procedures for an organization's information network that are designed to maintain information safety and mitigate risk. Security risk managers work closely with chief information officers (CIO) to establish budgetary parameters as well as set risk mitigation goals required by the organization. Managers assume responsibility for monitoring all processes that have to do with information exchange, including firewall usage, anti-virus/anti-trojan protection measures, and internet filtering processes.
Risk security managers analyze existing risk mitigation policies and security controls and communicate with the organization's CIO on the efficacy of these measures, suggesting ways and means for improving them. These managers are also the front line for developing contingency plans and recovery processes and procedures when an organization's information systems are severely compromised. They work with all staff to train them in cyber-security measures and policies outlined by the organization.
|Educational Requirements||Bachelor's degree|
|Job Skills||Expert knowledge of information security systems and procedures, strong analytical and problem-solving skills, excellent communication skills, expertise in computer networks|
|Median Salary (2019)*||$111,031 (information security managers)|
|Job Outlook (2016-2026)**||15% (information security analysts)|
Sources: *PayScale.com; **U.S. Bureau of Labor Statistics
A bachelor's degree is required for a career as an information security risk manager. The degree could be in such fields as computer information systems or information security. Some employers prefer a Master of Business Administration of Master of Science in Information Security. Practical prior work experience in computer security is largely desirable for candidates seeking this career.
It is imperative that information security risk managers possess expert knowledge in all computer and network security methods and procedures because they are the lead on overseeing all security measures for an organization, including risk mitigation, assessment, and implementation of new security measures. They must also ensure network integrity and usage. Cyber attacks and threats are a constant menace for networks, so the risk manager must have strong analytical and critical-thinking abilities to be able to identify any potential vulnerabilities in an organization's existing network and address any attacks quickly. Excellent written and oral communication skills are also a must, as the manager assumes responsibility for training all staff in cyber-security protocols and procedures, and communication with the CIO is frequent.
Career Outlook and Salary
In 2018, the U.S. Bureau of Labor Statistics (BLS) reported a 15% job growth rate for information security analysts between 2016 and 2026. The BLS notes that this figure reflects a faster than average growth compared to all other occupations. The annual median salary for information security managers in June 2019 was reported to be $111,031 by PayScale.com.
The following articles provide occupational information for careers related to information security risk managers. They contain job descriptions, education requirements, median salaries, and career outlooks.