Any hip bar or nightclub is only as good as its bouncer. A talented bouncer can quickly and accurately spot fake IDs, maintain situational awareness and work with teammates to anticipate and respond immediately to security threats. You could have the best drinks, tastiest appetizers and swankiest clientele, but without a skilled security professional watching the house, the success of your whole establishment is at risk.
The same can be said for an organization and its cybersecurity. For government agencies and contractors whose businesses rely on sensitive and classified information, network security is essential to success. In order to protect highly valued data systems, organizations hire Information Systems Security Managers (ISSM).
What does an ISSM do?
Sometimes called “IT Security Managers,” ISSMs plan and enforce security measures that protect their organization’s data. They anticipate potential sources of weakness in the existing system, investigate security violations and design strategic security programs. Most often, the ISSM is an experienced manager who will lead a team that will help him or her carry out these tasks.
He or she is also responsible for working cooperatively with departments across the organization to ensure that proper security protocols and system integrity are maintained at all times. This requires good customer service skills and flexible thinking on the part of the ISSM; they must know how to ensure security while still ensuring functionality of the system for users across the organization.
If working for a federal agency or a contractor who services the federal government, ISSMs must also make sure that their organization’s security standards comply with all applicable federal guidelines and regulations. Regular reviews and inspections are necessary to ensure that compliance is always maintained.
What does it take to be an ISSM?
ISSMs and bouncers do have a lot of requirements in common, but don’t worry: maintaining an intimidating, linebacker physique isn’t one of them.
First and foremost, an Information Systems Security Manager needs knowledge of diverse operating systems, data structures and web authoring applications. Aptitude in wide range of programs like VM Ware, Oracle, Linux, Windows, Solaris and Cisco is key experience employers will look for.
In addition, knowledge of database design, systems software security, network security, firewalls, networking fundamentals and government compliance laws are necessary for success as an ISSM.
Along with this background knowledge, employers typically look for a BA in an applicable field and at least 5 years experience with information security, computer or information science. Because ISSMs are usually leading a team of security specialists, experience as a manager is typically also preferred.
Do you have what it takes to be a successful ISSM?
Given the high-stakes nature of data security, securing a job as an Information Systems Security Manager will take more than just a snazzy font on your resume. However, you could be a leading candidate if you possess the majority of these qualifications:
- At least a Bachelor’s degree (or equivalent work experience) in an applicable field like computer science or information systems
- At least five years experience working with security or information science
- Diverse and in-depth knowledge of a variety of software, operating systems, databases, government requirements, encryption tools and techniques and security tools and programs
- Analytical thinker capable of anticipating challenges and creating strategic plans to protect overall system security
- Strong interpersonal and communication skills to interact effectively across teams and departments, ensuring universal compliance to security protocols and practices
- Willingness to work overtime or irregular hours in order to address issues as they arise and ensure that problems are solved effectively
If you are just starting your career, have limited experience with security or lack a diversity in your technical knowledge, you may want to consider taking courses, receiving certifications or adding a few more years to your job experience to become a competitive candidate.