IT Security Manager Responsibilities: Oversight, Reporting, Personnel Management
Brian Thomas | July 30, 2019
The role of IT security manager, information security manager, or cybersecurity manager will vary depending on a number of factors — industry, business size, network sophistication, and so on. However, a person in this role can expect to be held to some or all of the following information security manager responsibilities:
Taking ownership of security and risk management processes/policies
Auditing and understanding existing policies and adjusting policies as needed to meet new threats
Aligning company policies to existing frameworks (NIST, CIS, etc.)
Conducting periodic policy/process assessments and updates
The first and most important responsibility of an IT security manager is taking ownership of existing risk management policies, understanding what processes are in place, and adjusting them to meet best practices. As a cybersecurity leader at your organization, you’re responsible for maintaining cybersecurity policy and ensuring that processes are adequate for the current threat landscape.
Have a full understanding of the current threat landscape
Identify risks to the business and recommend strategies to address those risks
Develop long-term security roadmap
IT security manager responsibilities include both protecting systems for today and anticipating tomorrow’s threats. The protections you have in place now may leave you exposed in only a few months’ time. A big part of an IT security manager’s job comes down to staying informed about emerging threats and new trends in cyber crime.
Understand all laws and regulations applicable in your state/country and industry
Implement policies that will keep the organization compliant
Coordinate regular internal and third-party compliance audits
Cybersecurity is increasingly a matter of public safety. Not surprisingly, a number of new laws are going on the books that are designed to regulate businesses that store customer data — CCPA in California and GDPR in the EU being two noteworthy examples. Part of an IT security manager’s job today involves understanding and implementing policies that are based on legal guidelines to ensure that all IT systems are both secure and compliant with the law.
Incident detection and management
Analyze information systems using packet analysis tools, intrusion prevention software, forensics tools, and vulnerability assessment software
Investigate and respond to security incidents
Develop standardized documentation to create a record of breaches
It’s not always apparent when your network has been compromised. In a recent incident involving a Saudi petrochemical plant, cybercriminals had gained control of third-party devices a full two years before the attack was discovered, leaving vital protective systems exposed the whole time. Monitoring network systems for intrusion is a full-time job, one that involves ongoing updates to tools and tactics based on current threats in the ecosystem.
Business continuity/disaster recovery management
Create a business continuity plan in the case of a data breach or cyber attack
Coordinate cyber attack drills to rehearse plan
Periodically review and update
80% of companies will experience some kind of critical security breach in 2019. IT security managers are responsible for having a plan in place for when the worst happens. Your responsibility includes developing a plan to conduct business during a cyberattack and to mitigate the worst effects during recovery. Everyone will be looking to you for guidance and leadership in the wake of a crisis.
Assessing internal cybersecurity
Coordinating regular penetration tests, vulnerability scans, etc.
Identify weaknesses in network protections and remediate
Running penetration tests and vulnerability scans offers valuable insight into gaps and weaknesses in your cybersecurity defenses. IT security managers will be tasked with identifying and remediating deficiencies to ensure network systems can withstand a head-on cyber attack.
Managing cybersecurity hygiene/diligence
Ongoing patch management
General network hygiene (reviewing open ports, updating firewalls, etc.)
Website/domain security hygiene (TLS/SSL, etc.)
Networks require ongoing work to stay up to date with best practices. That involves periodically reviewing open ports, applying patches, and maintaining domain and certificate configuration so that no easy access points are left exposed. As the IT security manager, scheduling ongoing maintenance (and putting tools in place to track when your network is exposed) is part of your job.
Third-party risk management
Managing the third-party risk management (TPRM) program
Sending cyber risk questionnaires to third parties and reviewing responses
Third-party site visits
Every third-party vendor in your network presents a potential risk. In fact, many of the biggest data breaches in recent years have originated in third-party software. Your cybersecurity is only as good as the security at your third-party vendors.
As the IT security manager, you’re tasked with managing a TPRM program, sending cyber risk questionnaires and keeping your vendors in check. You’ll also be in charge of finding software tools that can automate TPRM processes and alert you about high-risk vendors.
Lead the planning, testing, tracking, remediation, and risk acceptance of existing and proposed technology
Promote implementation of new technology, solutions, and methods to improve business processes, quality, efficiency, effectiveness, and value delivered to customers
Conduct ongoing reviews of technology partners to weed out weak links
IT security managers will often be tasked with finding and implementing new technology and software to keep network protections up to speed with best practices. In many cases, the security manager will also need to make a case to other team leaders for directing investment to new technology solutions.
Encourage the technical development of all team members
Train technical and non-technical personnel on compliance requirements
Assorted other managerial tasks and responsibilities
Not every part of the IT security manager’s job is technical. Personnel management is a vital part of running a successful IT department. As the manager, you’ll be tasked with hiring junior team members, providing them with support and training, and getting them up to speed with compliance requirements and best practices.
In short, IT security managers are saddled with a number of mission-critical responsibilities. To ease the burden, many cybersecurity managers rely on tools like BitSight that automate internal systems monitoring and keep an eye on the wider ecosystem for emerging threats.