The position of information security manager is one of the most sought-after roles available today. Any successful information security team or department must have effective information security managers. This blog describes the abilities and characteristics that an efficient, capable information security manager will have and apply on an almost daily basis.

Information Security Manager Skills and Information Security Manager Traits will serve as the general categories for this blog. The skills section lists the kinds of abilities a potential information security manager should have acquired, either through education or employment. The Traits section lists the candidate's more ethereal, soft abilities, which they most likely learned about themselves before submitting their application. In other words, you probably won't be the best candidate for this role or will need to make up the shortcomings in other areas if you haven't yet discovered the qualities needed of a professional information security manager in yourself.

Background of an information security manager

To define the skills and traits that an information security professional should have picked up at this point begs one serious question: What sort of educational and professional experience prerequisites exist for the information security manager?

Information security managers need at least a bachelor’s degree in an information security- or IT-related discipline. Some organizations will hire you with just a bachelor’s degree in any field for your first information security job. Other organizations may require a master’s degree in an information security-related field to offset a bachelor’s degree in a non-technical field.

In terms of professional experience in the field, you will generally want to have at least five years of information security experience before you are qualified for this position. With that said, a career that shows a history of steadily progressing up the information security ladder will probably put you in the best spot for this position, because it demonstrates a steady increase in both responsibility and acquired skill.

Information security manager skills

The list of skills required of a successful information security manager may seem daunting at first. However, these are the skills that a successful information security professional would have picked up in their career up to this point. Below is a general overview of the categories of skills organizations are looking for, including lists of the specific skills under their respective categories.

Security/network architecture

Information security managers are expected to not just be familiar with security and network architecture; rather, they must have mastered this category of skills before applying for this position.

The skills involved include:

  • Practices and methods of security architecture, enterprise architecture and IT strategy
  • Security architecture definition and development
  • Security concepts related to routing, DNS, VPN, authentication, DDoS mitigation technologies/tools and proxy services
  • Firewall and other security tools and technologies
  • Intrusion prevention and detection protocols
  • Networking concepts related to TCP/IP, switching and routing
  • Security infrastructure and network configuration

Systems and frameworks

There are several systems and frameworks that a successful information security manager will want to have acquired before taking on this position. These include:

  • Linux
  • UNIX
  • Cisco
  • Python
  • Information assurance
  • Virtualization/VMware
  • Active Directory
  • ISO 27001/27002, COBIT and ITIL frameworks

Compliance-related skills

Information security managers will also be expected to have a strong compliance background. This translates into the ability to effectively assist compliance auditors if and when needed, as well as having experience with the following compliance assessments (to the extent that it is relevant to their organization):

  • HIPAA
  • PCI
  • GLBA
  • NIST
  • SOX

Information security manager traits

This is a short list of the required traits that most successful information security managers possess. This list should give you a good idea of what organizations will expect you to be equipped with, trait-wise:

Communication

Communication is absolutely essential for the position of information security manager. Effective information security managers are expected to act as the focal point of communication between their respective information security department or team and the rest of the organization. Information security managers need to have open, effective communication with all other department managers within the organization. Part of this is maintaining a good relationship with these other department heads.

Analytical skills

Information security managers must have a highly developed analytical sense. They must be able to quickly analyze high-level information security issues and see them to resolution. Since information security managers are often the highest level of event escalation in their department or team, the buck stops with them.

Adaptability

Adaptability is one of the most essential traits to being a successful information security manager, and with good reason. On an almost daily basis, issues could potentially arise and events could occur that would require both a high-level understanding of the information security environment and quick adaptation to bring about successful resolution. While good planning and strategy could avoid much of this, you can never plan enough to not be adaptable.

Innovation and growth within constraints

The last trait we will discuss (but by no means the last trait) is innovation within constraints. Specifically, the constraints we are concerned about here are budgetary constraints. Budgetary constraints dictate how much funding can be allocated to the information security department or teams within the organization. With these financial boundaries in place, information security managers must be able to effectively adopt new information security and IT technologies and tools into the organization. Information security managers are also responsible for hiring new information security staff members, which must always be figured into the budget.

Conclusion

The role of information security manager is a major milestone in the information security careers of many, and for some, it may be their ultimate goal. Whether you fall into one of these categories or you are simply in the exploratory phase of pursuing a career in information security, you can expect the skills and traits listed above to be required of you for this position. If, after soaking in the information above, you think you are a good representation of said skills and traits, you will be a strong candidate for an information security manager position.

Posted Jan 8, 2023 in IT & Software category
