How to Become an Information Security Manager


Becoming an information security manager is a goal that many in the information security and IT fields have set for themselves. The position demands a symphony of skills all coming together – from top-flight security technology and tool skills to innate managerial skills that either you have, or you don’t. In return, information security managers receive experience with a commanding view of their respective security department or team and are paid well to boot.

This article will detail what you have to do to become an information security manager and serves as a general roadmap for how you can blaze your own trail to this promising career.

DevOps Connect:DevSecOps @ RSAC 2022

What Does an Information Security Manager Do?

In terms of the big picture, information security managers are essentially the brain of the operation in an information security department or team. Whereas the “lower-ranking” information security professionals will focus on the more hands-on daily security technology and tool configuration changes, information security managers focus more on the higher-level information security considerations and changes. This distinction may sound like not that big of a deal, but it really can be quite profound.

At a micro level, information security managers are really the biggest star of the information security team or department. This is not by any means an exhaustive list of what an information security manager does on a daily basis; it does, however, give a general feel for what one would be expected to do daily:

  • Create and implement strategies to improve the security and reliability of IT projects
  • Create, execute and maintain organization information security policies and procedures
  • Manage a diverse team of information security experts, from incident responders to vulnerability auditors
  • Institute an information security awareness training program for the entire organization
  • Act as the highest escalation level for security incidents (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Greg Belding. Read the original post at: