#BeAnAwesome: Security Manager
What will I do?
In general, security in IT means ensuring computers, networks and systems in an organisation are safe and protected from any form of illegal and unauthorised access such as intrusion, hacking and other threats.
Cyberthreats are real, as anyone who has been a victim of a computer worm or virus will testify. The widespread use of the Internet and cellular phone systems have exposed large user populations to security threats. A security manager provides IT security certification, system monitoring, compliance and audit.
The security manager's responsibilities include:
- Reviewing and collating input regarding security performance
- Reviewing threats and opportunities identified by security assessments and technical reports
- Identifying IT security issues requiring remediation and investigation
- Providing quality assurance for ICT security training programs
- Reviewing IT security policy to ensure that it remains consistent with government policy and business requirements
- Monitoring and auditing the effectiveness of control systems related to information security
- Performing regular information security risk assessment and developing mitigation strategies for identified risk.
Is it for me?
A security manager should have well-developed communication skills with experience in providing practical and cost-effective security solutions, policy development in security environments, and demonstrate leadership, interpersonal and people management skills.
Various study programmes are available to prepare you for a career in IT security, such as bachelor's degrees in computer science or information technology of engineering, with specialisations in computer security and auditing, network and data security, computer forensics, etc. You can also acquire a professional certification, such as the Certified Information System Security Professional and Certified Hacker.
How much will I earn?
In Malaysia, a security manager may expect a salary between RM3,000 to RM19,000 per month when you are at a senior manager level.
Who will employ me?
Potential employers are Cybersecurity Malaysia, F-Secure Sdn Bhd, Symantec, Malaysia Communication and Multimedia Commission, the Ministry of Defence, the police force and banks. However, some security analysts work freelance for companies to develop security policy and evaluate security performance of IT hardware, applications, computer communication and networks.
Specialisations in ICT security management involves the following aspects:
- Establishing organisational security policy
- Organisational security infrastructure
- Asset classification and control
- Physical and environmental security
- Personal security
- Communications and operations management - the daily management of IT systems and business processes to ensure that security is maintained
- Access control - can apply to databases, computers, services and communications, with special attention to remote access eg Internet or dial-in connection
- System development and maintenance
- Business continuity and planning