The Job Description for an Information Security Manager

Skills

These managers must have a strong background in information technology with a clear understanding of the challenges of information security. They require excellent analytical and problem-solving abilities to identify and fix security risks. To build understanding and awareness of security issues throughout the organization, they must have excellent communication and presentation skills. They also need good teamwork skills to develop security solutions in collaboration with other information technology professionals.

Assessment

Information security managers assess the organization’s security measures, such as firewalls, anti-virus software and passwords, to identify any weak points that might make information systems vulnerable to attack. They may carry out simulated attacks to test the efficiency of security measures. They also prioritize security coverage to ensure that strategically important data, such as commercial information or personal data, receives the highest levels of protection.

Policies

To minimize risk, these managers develop policies that encourage secure working and protect data. They give employees and managers different levels of access to company data based on seniority and job function. They also provide training for employees, explaining security risks and demonstrating good practices, such as using strong passwords and protecting data when they use mobile devices outside the office.

Monitoring

Managers set up procedures and automated processes to monitor the status of computers and networks. If the monitoring system detects unusual patterns of behavior, managers must respond quickly to determine the cause and deal with any threat. They also analyze reports generated by the monitoring system to identify trends that might indicate a future risk.

Prospects

Information security professionals earned a median wage of $75,660 in May 2010, according to the Bureau of Labor Statistics. Employment in this profession is projected to grow 22 percent between 2010 and 2020, which compares to a projected average growth of 14 percent for all U.S. occupations.


THIS IS A CERTIFICATION COURSE

All students will receive a certificate as a "Certified Information Security Manager". National Cyber Security University is recognized by governments and corporations around the world.

Overview

Management of Information Security primarily focuses on the managerial aspects of information security, such as access control models, information security governance, and information security program assessment and metrics. Coverage of the foundational and technical components of information security is included to reinforce key concepts. The third edition includes up-to-date information on changes in the field, such as revised sections on national and international laws and international standards like the ISO 27000 series. With these updates, Management of Information Security continues to offer a unique overview of information security from a management perspective while maintaining a finger on the pulse of industry changes and academic relevance.


Features and Benefits

  • Reflects changes in the field, including revised sections on national and international laws and international standards such as the ISO 27000 series.
  • Expanded coverage in key managerial areas of Information Security Governance, Access Control Models, and Information Security Program Assessment and Metrics.
  • Applies a running case study which follows a fictional company as it encounters various information security issues, rounded out by discussion questions that encourage class participation.
  • Offers "Viewpoint" essays to provide a range of commentary that illustrates interesting topics or shares personal experiences, providing students with real-world examples.
  • Reinforces skills as they are learned with extensively revised review questions, hands-on activities, and case projects in each chapter.

Six-figure salaries are the norm for Information Security Managers in the United States, with median pay hovering around $108K per year. Cash earnings of Information Security Managers can occasionally include $20K each in bonuses and profit-sharing proceeds; this strong performance component causes pay grades to stretch from approximately $73K to almost $153K. Geography is the biggest factor affecting pay for this group, followed by the company and years of experience. Job satisfaction is reported as high by the vast majority of workers. Medical and dental benefits are awarded to a large number, and most earn vision coverage. Men account for the majority of Information Security Managers who responded to the questionnaire, 88 percent to be exact. Participants in PayScale's salary questionnaire provided the particulars of this report.

While not commonly seen, Information Security Managers who transition into a Chief Information Security Officer position may see a rise in pay. The median salary for Chief Information Security Officers is $157K per year.  The most common promotion for Information Security Managers is an Information Security Officer position, which usually brings in $87K a year. Another standard transition for Information Security Managers seeking advancement is to assume a Director of Computing & Information Technology Security role, where pay is often $116K.



Tasks of an Information Security Manager

  • Create and execute policy and audit plans, and identify security risks and operation needs.

  • Lead security training and communicate policies.

  • Manage security testing platforms, including leading forensic investigations and mitigation procedures.

  • Review configuration and updates to ensure software and infrastructure are protected.

  • Assist in migrating information assets and environments into compliant, secure systems.


Course curriculum

  • 1. Getting Started

    • Course Discussion

    • Getting A Taste Of Information Security Management

  • 2. Chapter 1

    • Introduction to the Management of Information Security

    • Information Security Management Breakdown

  • 3. Chapter 2

    • Planning for Security

    • Information security training for new employees

  • 4. Chapter 3

    • Planning for Contingencies

    • Pause, Think And Act

  • 5. Chapter 4

    • Information Security Policy

  • 6. Chapter 5

    • Developing the Security Program

    • Password Policy

  • 7. Chapter 6

    • Security Management Models

    • Information Security Awareness

  • 8. Chapter 7

    • Security Management Practices

  • 9. Chapter 8

    • 10 Steps of Cyber Security

    • Identifying and Assessing Risk

    • How to Analyze Employee Risk

    • Don't Trust Your IT Department

  • 10. Chapter 9

    • Risk Management

    • Pause, Think And Act

  • 11. Chapter 10

    • Protection Mechanisms

  • 12. Chapter 11

    • Personnel and Security

  • 13. Chapter 12

    • Law and Ethics
