What does an information technology security manager do?
An information technology security manager is responsible for maintaining the safety and security of the organization's network systems to prevent unauthorized access and illegal dissemination of information from the database. Information technology security managers resolve technical issues, configure network updates, and upgrade system infrastructures to enhance optimal performance and navigation. They also install applications, inspect security breaches, and fix faulty servers to avoid system downtimes and operational delays. An information technology security manager must have excellent technical and communication skills, especially in writing reports for system findings and design networks according to business requirements.
Information technology security manager responsibilities
Here are examples of responsibilities from real information technology security manager resumes:
- Manage and represent RMFMC when dealing with patients and employees regarding matters of breach of privacy and / or HIPAA violations.
- Manage CoBIT compliance and control self-assessment program to identify control deficiencies.
- Manage the conversion to a hybrid NAS/disk/tape CommVault base backup environment resulting in decreasing backup windows and improving recovery objectives.
- Create and implement security controls (encryption, inventory management), policies and procedures to ensure HIPAA compliance.
- Maintain the operation in conformity with ITIL standards and practices.
- Assist NASA in its compliance with relevant security standards, including NIST and FISMA.
- Assist and coordinate with external auditors for obtaining ISO [] certifications for the company.
- Perform evaluation of AOL s businesses migration to AWS for compliance with AOL and NIST security standards.
- Develop enterprise processes and procedures to support SOX compliance initiatives.
- Design web-based security networks and architecture for secure on-line transactions.
- Evaluate similar DLP products and provide recommendations for enterprise implementation.
- Participate in annually SOX audit for process maturity and authorization compliance.
- Provide application and architecture security reviews and identify recommendations for improvements.
- Analyze firewall, proxies, windows event and security logs using various securityrelate proprietary and third-party tools.
- Utilize vulnerability detection data from QualysGuard to develop scripts that import data into Splunk log management system.
Information technology security manager skills and personality traits
We calculated that 7% of Information Technology Security Managers are proficient in NIST, Risk Management, and Project Management. They’re also known for soft skills such as Analytical skills, Detail oriented, and Ingenuity.
We break down the percentage of Information Technology Security Managers that have these skills listed on their resume here:
- NIST, 7%
Lead, develop and implement enterprise security risk reporting by business segments utilizing NIST 800-30 Risk Management Guide concepts.
- Risk Management, 6%
Implemented a vulnerability scan program that effectively monitored, analyzed and resolved threats and vulnerabilities for the Risk Management program.
- Project Management, 6%
Project Management responsibilities include coordination with corporate entities to communicate upcoming corporate projects to senior management.
- Risk Assessments, 4%
Achieved outstanding results on all yearly Information Technology audits and performed several internal and external penetration tests and vulnerability/risk assessments.
- Incident Response, 4%
Provided engineering support for security operations, including incident response and security monitoring.
- ISO, 4%
Achieved initiatives by developing and implementing quality systems for all phases of ISO 27001, ISO 22301/BS 25999.
"nist," "risk management," and "project management" are among the most common skills that information technology security managers use at work. You can find even more information technology security manager responsibilities below, including:
Analytical skills. One of the key soft skills for an information technology security manager to have is analytical skills. You can see how this relates to what information technology security managers do because "information security analysts must carefully study computer systems and networks and assess risks to determine how security policies and protocols can be improved." Additionally, an information technology security manager resume shows how information technology security managers use analytical skills: "provided guidance on data center security operations, disaster recovery, and documented results for multiple projects. "
Detail oriented. Many information technology security manager duties rely on detail oriented. "because cyberattacks can be difficult to detect, information security analysts must pay careful attention to computer systems and watch for minor changes in performance.," so an information technology security manager will need this skill often in their role. This resume example is just one of many ways information technology security manager responsibilities rely on detail oriented: "created detailed plans and reports related to audit findings iso 27001, soc2, pci (nist 800-53). "
Ingenuity. This is an important skill for information technology security managers to perform their duties. For an example of how information technology security manager responsibilities depend on this skill, consider that "information security analysts must anticipate information security risks and implement new ways to protect their organizations’ computer systems and networks." This excerpt from a resume also shows how vital it is to everyday roles and responsibilities of an information technology security manager: "provide expertise and ingenuity to the risk and information security management tasks. ".
Problem-solving skills. A big part of what information technology security managers do relies on "problem-solving skills." You can see how essential it is to information technology security manager responsibilities because "information security analysts must respond to security alerts and uncover and fix flaws in computer systems and networks." Here's an example of how this skill is used from a resume that represents typical information technology security manager tasks: "maintain and configure linux based server solutions. "
The three companies that hire the most information technology security managers are:
- KPMG LLP23 information technology security managers jobs
- Marsh & McLennan Companies6 information technology security managers jobs
- JPMorgan Chase & Co.5 information technology security managers jobs
Choose from 10+ customizable information technology security manager resume templates
Build a professional information technology security manager resume in minutes. Our AI resume writing assistant will guide you through every step of the process, and you can choose from 10+ resume templates to create your information technology security manager resume.
Compare different information technology security managers
Information technology security manager vs. Securities consultant
A securities consultant is responsible for maintaining the safety and security of the company's premises, including enforcing protection for all the employees and company assets. Securities consultants also handle the confidentiality and stability of data network systems to prevent potential breaches and unauthorized access to information. They coordinate with the system analysts to design programs and databases as part of technical solutions to maximize productivity and increase efficiency. A securities consultant writes incident reports, recommend strategic techniques, and research threat risks that may put the company in jeopardy.
There are some key differences in the responsibilities of each position. For example, information technology security manager responsibilities require skills like "risk management," "governance," "vulnerability management," and "network security." Meanwhile a typical securities consultant has skills in areas such as "application security," "security management," "customer service," and "architecture." This difference in skills reveals the differences in what each career does.
Securities consultants tend to make the most money working in the technology industry, where they earn an average salary of $99,249. In contrast, information technology security managers make the biggest average salary, $127,504, in the hospitality industry.On average, securities consultants reach lower levels of education than information technology security managers. Securities consultants are 6.5% less likely to earn a Master's Degree and 0.5% more likely to graduate with a Doctoral Degree.Information technology security manager vs. Securities analyst
Securities analysts, also known as financial analysts, are responsible for collecting and interpreting data on securities, economies, corporate strategies, and financial markets. They provide clients with recommendations on investments based on in-depth research. This role has various duties and responsibilities that include putting out a buy, sell or hold recommendation in the financial markets, assessing the value and financial stability of companies, and meeting with company representatives to better understand their business practices. Securities analysts are also responsible for devising financial models.
Each career also uses different skills, according to real information technology security manager resumes. While information technology security manager responsibilities can utilize skills like "risk management," "project management," "governance," and "security program," securities analysts use skills like "security policies," "security systems," "database," and "security events."
On average, securities analysts earn a lower salary than information technology security managers. Some industries support higher salaries in each profession. Interestingly enough, securities analysts earn the most pay in the finance industry with an average salary of $95,246. Whereas information technology security managers have higher pay in the hospitality industry, with an average salary of $127,504.Average education levels between the two professions vary. Securities analysts tend to reach similar levels of education than information technology security managers. In fact, they're 4.2% less likely to graduate with a Master's Degree and 0.5% more likely to earn a Doctoral Degree.Information technology security manager vs. Sap security consultant
An SAP security consultant is responsible for maintaining the safety and security of network and applications within the database management systems. SAP security consultants analyze the stability and efficiency of the user interface, authorize data access, and perform audits and quality checks. They also identify resolution for system issues and determine network solutions to increase optimization. An SAP security consultant must have excellent communication and technical skills, especially in assisting end-users with the server navigations.
There are many key differences between these two careers, including some of the skills required to perform responsibilities within each role. For example, an information technology security manager is likely to be skilled in "nist," "risk management," "project management," and "risk assessments," while a typical sap security consultant is skilled in "bi," "crm," "eam," and "sap ecc."
Sap security consultants earn the best pay in the pharmaceutical industry, where they command an average salary of $120,464. Information technology security managers earn the highest pay from the hospitality industry, with an average salary of $127,504.When it comes to education, sap security consultants tend to earn similar degree levels compared to information technology security managers. In fact, they're 1.0% less likely to earn a Master's Degree, and 0.5% less likely to graduate with a Doctoral Degree.Information technology security manager vs. Cyber security analyst
A cybersecurity analyst is responsible for planning and carrying out security measures to protect a company's computer networks and systems. They constantly keep tabs on threats and monitor their organization's networks for any security breaches. Their tasks involve installing computer programs or software and encryption, reporting breaches or weak spots, exploring new IT trends, educating the company's information security team on security. They also do simulate security attacks to find possible network and system vulnerabilities.
Types of information technology security manager
Updated January 8, 2025
