IT SECURITY MANAGER SUMMARY OF FUNCTIONS

The Information Technology Security Manager ensures that the risk to the organization’s information posed by a variety of cyberthreats (cyberattacks; theft or corruption from within; etc.) is minimized. The IT Security Manager ensures that when cyberattacks occur or data are stolen or compromised, these incidents are dealt with promptly and effectively and the chance of that particular type of incident recurring is minimized.

IT SECURITY MANAGER ESSENTIAL DUTIES AND RESPONSIBILITIES

• Research the latest information technology security trends.
• Monitor their organization’s networks for security breaches and investigate violations when they occurs.
• Help to design, implement, and maintain the organization’s cybersecurity plan.
• Develop and direct implementation of security standards and best practices for the organization.
• Direct the installation and use of security tools (e.g., firewalls, data encryption), to protect sensitive information.
• Recommend security enhancements to IT Management.
• Help computer technicians, end users when they need to install or learn about new security products and/or procedures.
• Ensure that IT security audits are conducted periodically or as needed (e.g., when a security breach occurs).

ORGANIZATIONAL RELATIONSHIPS

Reports directly to the IT Manager (IT Director, CTO, etc.). Works in conjunction with organizational functions/departments to ensure employees are aware of cybersecurity issues, are trained in good cybersecurity practices, and are practicing safe/secure data collection, data transfers and storage, and use of social media, mobile devices, and apps, among others.

PROCEDURES

The IT Security Manager Job Description is mentioned in the following procedures:

IT SECURITY MANAGER QUALIFICATIONS

A bachelor’s degree in information technology or computer science is required. 10 years of related work experience, with 3 or more in an information security management position, is also required.

Excellent communication skills and the ability to work well with people at every level and in every department are essential. Candidates with certification in information security (CISSP, CSSLP, CCFP, CISM, etc.) or comparable work experience will be given preference. Risk analysis/assessment experience a plus.

Experience with Microsoft Windows Server 2008/Unix server required. Microsoft Project experience preferred.

IT SECURITY MANAGER PHYSICAL DEMANDS

Ability to communicate orally with vendors, management, and coworkers is crucial. Regular use of phone (mobile device) and email for communication is essential. Hearing and vision correctable to within normal ranges is essential for normal conversations, receiving ordinary information, and preparing or inspecting documents.

The ability to remain in a stationary position roughly 50% of the time, as well as the ability to move about the office occasionally (accessing files/storage, office equipment, computers and other office productivity devices, attending meetings, etc.), is required.

Using a computer while sitting for extended periods is common. Must also be able to position self to relocate or maintain equipment, including under tables and desks.

No heavy lifting is expected, though occasional exertion of 20 lbs. or less of force (e.g., picking up and carrying laptops, peripheral / network devices) may be required. Good manual dexterity required to use common office equipment (e.g., computers, mobile devices, calculators, copiers, scanners).

WORK ENVIRONMENT

The job is performed indoors in a traditional office setting. Extended periods of sitting while using a computer or other devices are common.