Pros and Cons of Becoming a Computer Security Manager
Computer security managers can play a crucial role in ensuring that a medium- or large-scale organization's information technology (IT) systems and data remain secure. Find out the pros and cons to determine if becoming a computer manager is right for you.
| PROS of a Computer Security Manager Career |
|---|
| High wages ($136,000 mean annual salary in May 2014) |
| Favorable job growth (expected 15% from 2012-2022)* |
| Opportunities to advance to senior IT management positions* |
| Get to be highly involved in network and security planning * |
| CONS of a Computer Security Manager Career |
|---|
| Long hours possible (33% of managers exceeded 40 hours a week in 2012)* |
| Pressure to meet goals* |
| Risk of companies outsourcing IT jobs to other countries |
| Need to continuously learn new technologies* |
Source: *U.S. Bureau of Labor Statistics
Career Information
Job Description and Duties
A computer security manager, also known as an IT security manager, is an individual responsible for the security of a business's networks and computer systems. These professionals will often direct network security specialists and e-commerce security specialists, among others, in the perpetual safekeeping of a company's privileged information, databases and financial operations. Unlike network managers, who primarily work on a company's network infrastructure, computer security managers must also manage physical security, application security, operating system security and database security.
Project management is a major part of the job, since computer security managers work on multiple projects and must be able to manage more than one team. With some companies allowing employees to work remotely, the manager may be responsible for employees inside and outside the workplace. Pressure to meet deadlines and fit project budgets can make the job stressful and may require you to work long hours. Excellent analytical and communication skills are needed to ensure projects come out as planned.
Job Prospects and Salary
The BLS projects excellent job prospects for computer and information systems managers, which includes those who primarily manage security. The projected job growth from 2012-2022 is 15% due the increased need of personnel to manage companies' computer networks and systems. The computer systems design industry has the highest level of employment for computer managers.
As of May 2014, the mean annual wage for the profession was roughly $136,000. Salary depends on geographical income, industry and the type of employer. The highest wages for computer managers were in the securities and commodity exchanges industry, where they earned an annual mean wage of about $201,000.
Education and Training Requirements
A technical bachelor's degree is a must for computer security manager positions. Although some employers prefer a computer science degree, you can typically choose from various bachelor's programs, including those that focus on computer and network security, information systems or information assurance. General technology and computer science degrees give you a broader foundation in general technology than specialized programs in information security, but security programs have courses that are directly related to careers in security administration, network auditing and IT security management.
In addition to your degree, employers will likely ask for industry security certifications. Two common credentials include the Certified Information Systems Security Professional (CISSP) from the International Information Systems Security Certification Consortium (ISC)2 and the Certified Information Security Manager (CISM) from the Information Systems Audit and Control Association (ISACA). The CISSP covers information security management in depth, including network security, software security, access control, disaster planning, legal compliance and physical security. The CISM focuses mainly on information security program management and incident response. You may need to take additional training courses to be prepared for these certification exams.
What Do Employers Look for?
While employers look for technical skills, security certifications and at least a bachelor's degree, they also place a strong emphasis on work experience in an information security role. They look for individuals who have strong leadership skills and are proficient in project management. Below are some samples of computer security manager job listings posted by employers in March 2012:
- An engineering firm in Massachusetts seeks an information security manager with 10 years of information security experience, in addition to an information systems or a computer science bachelor's degree. Applicants also need either the CISM or CISSP certification.
- A wireless communications company in California is looking for an IT security manager with skills in intrusion detection and systems forensics, eight years of project management experience and a bachelor's degree. The listing's preferred requirements include a master's degree and a certification in security or project management.
- A Colorado staffing agency is advertising for an IT security manager with experience in 3G wireless networking, SOX compliance and financial systems security. The posting lists a bachelor's degree as a preferred qualification and requires at least seven years of related work experience.
- A hospital in Colorado is looking for an IT data security manager with knowledge in remote management and budgeting. A bachelor's degree, project management experience and security certifications are preferred, and work experience in IT, management and HIPAA security are required.
How to Get an Edge in the Field
According to the BLS, some employers look for candidates with Master of Business Administration (MBA) degrees for management positions. Some schools have MBA programs with an information security focus, which can help you stand out from those with only a bachelor's degree. Since related work experience is critical, consider working in an entry-level IT role in networking, computer support or security if you don't have the required experience for a management job. Learning to use common tools for scanning networks and finding vulnerabilities in systems can also help you stand out. If you're interested in working in finance or healthcare, learning the security regulations that apply to the selected field can get you noticed.
Get Certified
While the CISSP and CISM are the most commonly requested, there are other certifications in security and project management that can help you stand out amongst the competition. The Project Management Institute's Project Management Professional (PMP) exam is designed for those with a bachelor's degree and project management work experience. Global Information Assurance Certification (GIAC) offers various security management certifications, including the GIAC Security Leadership, GIAC Information Security Professional and GIAC Certified Project Manager credentials. Since managers usually do security audits, ISACA's Certified Information Systems Auditor (CISA) certification can be helpful.
Other Careers to Consider
If a managerial role is not for you, there are alternative careers you can pursue in information security. One option is to become an IT security analyst, which is a hands-on engineering role. IT security analysts perform tests on networks, operating systems and applications, as well as completely design secure systems. The job requires a strong understanding of networking concepts and the ability to use and configure network security appliances. The BLS has projected faster than average growth for information security analysts, at a rate of 22% from 2010-2010. The mean annual wage as of May 2011 was $82,000.
If you're interested in network administration, you can consider a career as a network security administrator. In addition to managing and troubleshooting a company's network, network security administrators run tests to check for intrusions on the network and individual workstations, as well as secure stored data using encryption. A faster than average growth rate of 28% is projected for network administrators from 2010-2020. As of May 2011, the average annual wage was $74,000. The computer system design industry has the highest levels of employment for computer and network administrators.
