The role of the IT Security manager is a recent one and many are grappling with how to define it. A decade or so ago, security was just a name and no special significance was attached to it. It is not the case today. Today, the IT Security manager is an important person in the organization.
These are some personal qualities that a successful security manager will possess:
An ideal IT Security manager will have a proper mix of education and experience to start with. The CISSP, CISA, CEH and other GIAC certifications are great to have. It is said that “Knowledge is power” and more the amount of information in this developing field the better it is for the professional.
Other advantageous tools to have in the personal arsenal might be a good amount of networking experience. Other must haves for the Security manager should be that she/he must definitely be technically very sound and knowledgeable in all aspects related to technology.
Additional traits to become a successful IT manager can be defined as follows:
- Must be able to lead the way. The first and foremost amongst the important qualities for an Information Security manager should be that he/she must be a charismatic leader. He/she must be able to able to lead the entire team with a broad vision on the long-term impact on the organization. Having a pleasant demeanor and always being a good listener are other crucial personal special traits necessary for a successful Security manager. Visioning the security scenario five years hence or ten years hence helps the planning process a little bit better.
- Enable management to understand Information Security issues. Since Information Security is still not considered a major component of today’s infrastructure, it is the duty of the IT Security manager to help the management understand the Information Security issues within an organization. If there is information, it must be protected. If there are physical assets, it must be protected.
- Information Security manager should be aligned with business objectives of an organization
- Information Security manager should be able to bridge the gap between upper management and peers. It is also important for the security manager to bridge the gap between the upper management and peers. While it is crucial for the security manager to emphasize the importance of security issues to upper management, the same has to be communicated to the peers. Prioritizing tasks, sticking to budgets and making sure appropriate security controls are implemented are also equally important for the security manager.
- The IT Security manager should make sure that all aspects of the Information security program are followed. Last but not the least security manager should make sure that security education is an ongoing program and it is continually updated. It is the security manager’s duty to ensure that an information security program is diligently followed. Failure to do will result in great losses to assets to the organization.