A cyber security manager wears several hats depending on the size and function of the employing company. In the case of a large company with a cyber security department, the manager will typically establish the polices for network security. In addition, the manager is responsible for supervising cyber security employees including security software developers, analysts, and forensic experts. Hiring, overseeing training, and terminating security employees also falls to the manager.
When it comes to smaller companies, the cyber security manager might be a one-man show. This would entail establishing networking policies as well as training company employees in how to use the business security software. In most cases the cyber security manager is expected to monitor the company's networking system, spot gaps in security, and develop solutions. The manager is also expected to generate and provide reports to various executive staff members.
What Does a Security Manager Do?
Walking into a cyber security manager position without prior experience in the field is almost unheard of. Your career path is much more likely to lead you there through education and work experience.
According to the Bureau of Labor Statistics, you will need a minimum of a bachelor's degree in the computer science field to be considered for the position.
Degrees that can start you on the right path include:
- Computer Science
- Computer Information Systems
- Computer Engineering
- Computer Information Technology
While a master’s degree will increase your value in the workplace, a bachelor's degree with the right work experience can also get you there.Read More
What are Their Responsibilities, Common Duties, and Tasks?
Cyber security managers have varied duties depending on the department that they oversee and the size of the company they work for. With that said, there are several responsibilities that apply to most cyber security management roles.
- Monitor Policy Compliance: Since the manager will establish policy, who better to check compliance? This duty can include checking, not only internal employee security-based compliance, but also checking external compliance of company clients.
- Regulation Compliance Checks: This responsibility is extremely important of you are working in an industry that has significant government regulations covering how things are to be done. Any time you accept payments online through credit and debit cards or retrieve customer bank information and store it, etc. it is vital to do routine checks to make sure the company is in constant compliance with the sometimes frequently changing regulations about how those things are handled.
- Monitor Operations: This is a task that you might perform or, if you have a team, you will delegate. However, that person will report to you and the ultimate responsibility of keeping everything running well will be yours. Monitoring will include checking alerts, reading performance logs, and identifying potential or ongoing threats to the system's security.
- Department Reports: You will be expected to let department heads know if there are security breaches. In addition, you will provide reports to them, as well as assist in scheduling training for new employees in using the security-based company networking system.
- Oversee Software and Hardware Purchases: In many cases, the cyber security manager has a large voice in deciding which software and hardware products the company purchases. This is because the manager knows what will work well with existing equipment as well as which products are known for being strong in the security arena.
- Hiring and Firing: If you have a team working for you at your company, part of your job will entail hiring and/or firing. While human resources typically conducts initial interviews and background checks, you will be called upon to do secondary interviews to decide whether the candidate possesses the knowledge and has the skill sets needed for the job. A human resources person will not have the technical knowledge needed to confirm these things.
How to Become a Security Manager
The steps to becoming a security manager are straightforward. First, get an education. You should have at least a bachelor's degree, and it needs to be in a computer field such as computer sciences or information technology. An optional but positive step toward building this career is to also secure an intern position in the field while working toward your degree. If you cannot get an internship in cyber security, getting one in any computer field will still be beneficial.
Then, work in the field. To be hired as a cyber security manager, you will be expected to have several years of work experience, preferably in cyber security, but if not then at least a consistent path in the field of computers. You can start in any area you want including software development, networking, database work, etc. Then you can move into cyber security from there and position yourself to apply for a management position down the road.
It’s also important to stay current. While working toward the management position, stay current on new virus threats, government security regulations, and new security software on the market. You should also continue to get certifications to demonstrate a desire to constantly improve and gain new skills.
Typical Requirements for Hiring
- Work Experience
- Personality Characteristics
A cyber security management position is not an entry-level position. It is at least mid-level if not a high-level career goal. There are many facets to becoming a manager at this level, but it can be achieved through strategic educational and experience planning.
As discussed above, you will need at least a bachelor's degree in the computer industry. To this end, it is important to choose a college that offers the courses you will need to succeed. It might be helpful to talk with someone working as a cyber security manager and ask for guidance about which courses will help start you on the right path. Then, select a school that offers those choices as part of their degree program.
Optional – Interning
An intern position in the field of computers while seeking your degree will give you something solid to put on your resume other than having a degree. Potential employers will like that you already have a track record working with others.
Once you have the degree secured, it is time to start gathering the needed work experience. Find a job in a company that will allow you to grow. Employers will want you to have a pretty broad knowledge in computer topics if you are to move into cyber security management. To accomplish this, a company that will allow you to grow, apply for lateral transfers, etc. gives you a good starting point.
Networking within the company is also a good idea. Have you ever heard the saying, ‘dress for the job you want, not the job you have?’ That can also apply to who you network through. Over the years when you are gaining work experience, interact with and develop business relationship with current cyber security upper management in your company and others if you can. These relationships will serve you well for references when the time comes for you to try for a management position of your own.
Cyber security managers are expected to be among the most trustworthy and integrity-filled people in the company. This is because you will have access to the company's most privileged information, not to mention the information of the company's clients. Make sure that, while you are gaining work experience, you consistently demonstrate integrity and character in all you say and do. This can apply to behavior in your daily duties, at company functions, and yes, even on your social media sites.
The ability to multi-task is vital in this position. You will be expected to watch constantly moving parts (the network system), quickly spot anything different or “off”, and figure it out. While doing this, there will be reports you need to generate, training you need to set up, policies you must continue to develop and oversee, compliance checks to be done, and many other tasks. While moving toward this management position, try to work in positions that require increasing levels of responsibilities and multi-tasking. This will show potential supervisors that you can do the job of a manager.
The salary of a cyber security manager can vary greatly depending on several factors. Different areas of the nation have different costs of living, and this is reflected in what people are being paid. In addition, the field you work in also has a bearing on your salary. Government cyber security management positions will pay differently than the private sector.
In general, however, let's take a look at salary for this position. We will compare two sources.
According to payscale.com, the average salary for a cyber security manager is around $106,000. The low end is about $70,000 and the high end tops out at about $148,000 per year. The U.S. Bureau of Labor Statistics reports a similar average income of $142,000 per year.
The outlook for this position is bright. As more technology develops and people continue to depend on automated systems for tasks, computer related jobs will continue to increase. With that will come an increased need for cyber security positions and those positions will continue to be managed by higher-level employees. According to the U.S. Bureau of Labor Statistics, the security management field will grow by 11% from 2018 through 2028. This is much faster than the average occupation's anticipated rate of growth, though slower than the more common cyber security positions, which may grow up to 32% in the same time frame.