Cybersecurity project manager: Is it the career for you?
A career in cybersecurity has a lot to offer, including a fast-paced work environment with upward mobility fueled by the field’s growing prioritization in board rooms around the globe. Whether you’re looking to advance your current cybersecurity career or considering a switch of industries all together, a cybersecurity project manager could be the perfect fit.
The Project Management Institute (PMI) defines project managers as change agents. “They make project goals their own and use their skills and expertise to inspire a sense of shared purpose within the project team.” Glassdoor ranks the role of project manager #32 on their Top 50 Best Jobs in America in 2021.
What should you learn next?
Now add cybersecurity to that title and you’ve got the allure of cool new tech and rising responsibility as executive teams look to IT for defense against cyber attackers who increasingly wage costly war on organizations of all sizes, in every industry.
What is a cybersecurity project manager and what does it take to thrive in the job? Jackie Olshack, PMP, a longtime cybersecurity project manager says it comes down to managing risk. “I work to ensure my organization’s critical infrastructure, their assets, things that are critical to the organization’s survival has security built in, preferably from the very beginning.”
Day in the life of a cybersecurity project manager
Project managers work in every type of organization to resolve activities into documented, monitored and controlled tasks. On-time and on-budget are always the goals. For cybersecurity, it’s no different.
Cybersecurity project managers work to resolve activities that are designed to reduce risk that could be exploited by hackers and help the organization thrive. That may mean overseeing vulnerability management projects, or the need for security patches to be applied in a timely manner. Or, if your organization accepts credit cards, compliance calls for a wide range of requirements to be met and therefore managed. If your organization handles personally identifiable information (PII), you need to take certain steps to ensure that information is always protected.
Olshack is a cybersecurity project manager for her organization’s Identity Access Management (IAM) efforts, which is all about making sure the right people have the right access to the right resources at the right time.
Security tools, while mission-critical, can also be costly. Leadership wants to know they work as intended so it’s the job of a cybersecurity project managers to “constantly track [IAM] progress, show value and demonstrate ROI,” Olshack says.
What does it take?
Cybersecurity project managers are problem solvers. The dominant trait among most successful people in this role is an ability to navigate seemingly constant change. Because along with change often comes stress, the ability to manage projects and people through stressful times is also important. There are many moving people, parts and processes that come with any one project and ensuring they all move forward together, even during times of uncertainty, is key.
While a computer science or engineering degree isn’t required to work as a cybersecurity project manager, there are numerous cybersecurity project management certification opportunities that will help you get your foot in the door. Some are for project management and others are for IT and security. Both can be beneficial.
PMI offers the Project Management Professional (PMP) certification which provides a methodology and a framework for managing projects successfully. It demonstrates you have the technical skills to manage a project, and a dedication to excellence.
IT Infrastructure Library (ITIL) certification highlights your abilities to manage the IT lifecycle while aligning it with the business. It’s a framework for effective digital service delivery, including best practices for disciplines that include IT Service Management or IT Asset Management.
Certified Information Security Manager (CISM) is a security-specific certification from ISACA that demonstrates your ability to handle a wide array of infosec issues.
From CompTIA, Security+ certification is another infosec option. It validates basic security skills so you can more effectively navigate your team’s scope of work and understand the potential pitfalls.
According to Olshack, who came from a non-IT, non-project management background, both types are helpful. They helped her understand the function of project management, IT and security service, industry lingo and general thought processes used when approaching new work. They also give her credibility among the teams she works with every day.
Bright future
Like other cybersecurity disciplines, the project manager has a defined career path. At its core, they manage projects. At a more advanced level, the management of other project managers is handled by program managers. There are also functional cybersecurity project managers that both manage an on-time, on-budget project delivery while they also perform some of the work. More advanced technical knowledge is required of course for this role, and it usually represents an increase in compensation over those that don’t project manage.
In larger organizations, you will likely find a Project Management Office (PMO) with a cybersecurity committee. This is where the cybersecurity project manager fits in, alongside those that manage other organizational projects such as engineering, product development and other functional departments. Rather than staffing cybersecurity project managers, some smaller companies will assign standard project managers to cybersecurity needs, as they arise.
FREE role-guided training plans
Regardless of your chosen path, the future for cybersecurity project managers is bright. Many work from home full time, as Olshack has always done, and feel rewarded about the contribution they are able to make to the security of their organization.
“I’ve met so many smart people in my role, she said. “I’ve learned what it takes to run an organization’s security. Our entire team feels great compassion for those companies that we hear about on the news, who have been breached. We talk it out because, at the end of the day, we’re all trying to make sure cyberattacks like Solar Winds don’t happen to us.”
That’s the other plus to being a cybersecurity project manager – in a backwards sort of way. Hackers will always hack. And that equates to both job security and constant challenge.
To learn more about what it takes to become a cybersecurity project manager, watch our Cyber Work Podcast, Project management in cybersecurity with guest, Jackie Olshack, PMP.
Sources
Project Management Institute, Who are Project Managers
GlassDoor, 50 Best Jobs in America for 2021
Get unlimited and self-paced training for you or teams in your organization with Infosec Skills.
- 190+ role-guided learning paths
- 100s of hands-on labs & cyber ranges
- Custom certification practice exams
In this Series
- Cybersecurity project manager: Is it the career for you?
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get free resources in your inbox!
Sign up for our newsletter and get free cybersecurity resources in your inbox every week. Prepare for your next cert, learn new skills, increase your salary and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity