CyberSeek Cybersecurity Career Pathway: Cybersecurity manager/admin
Introduction
Cybersecurity managers are advanced-level IT professionals who have worked their way up through the ranks to take on responsibilities in leadership and management. Typically, they have boots-on-the-ground experience with security risk assessment and remediation, computer forensics, incident response and network security; with all this experience and more, they’ve reached a point in their career where they’re ready to manage teams and execute strategies.
Are you considering taking the next step in your career? Or perhaps you’re new to the cybersecurity field and you want to get an idea of what your long-term career plan will look like. In either case, considering a job as a cybersecurity manager is a solid option.
What should you learn next?
The demand for qualified leaders in this growing field only continues to rise as cybersecurity becomes increasingly important. Between September 2017 and August 2018, there were 14,320 job openings for cybersecurity managers. That’s an extremely promising number for future cybersecurity leaders!
If all this sounds good to you, stay tuned and take a look at the rest of this article. We’ll do a deep dive into what it means to be a cybersecurity manager and go through a few pointers on how to become one. All of this information and more is available through the CyberSeek Cybersecurity Career Pathway tool, a free resource for information security professionals.
What is a cybersecurity manager/administrator?
Cybersecurity managers have risen through the ranks of entry- and mid-level jobs to manage a team and handle higher-level strategies. Your company relies on you to prevent security breaches by knowing the IT systems inside and out. Instead of doing the hands-on work, your role is to hire, train and direct the staff who performs those tasks.
As a cybersecurity manager, you will be primarily responsible for:
- Managing a team of technicians, analysts and auditors
- Creating strategies for audits and security protocols
- Executing policies and procedures for corporate computer security
As you can see, being a cybersecurity manager is a lot less about hands-on security work and more about directing the people who work in those roles. You also play a huge role in ensuring the company doesn’t fall victim to hacking, breaches or cybercrime.
If a breach does take place on your watch, you’ll likely lead a forensic investigation to determine exactly what happened and identify weak spots in the system that your team will have to patch. To best anticipate and stop attacks, cybersecurity managers are expected to stay on top of emerging trends in cybersecurity. Current, up-to-date knowledge is power when going head-to-head with cybercriminals who are always looking for a weakness to exploit.
Common job titles
Job titles for cybersecurity managers may vary from company to company and differ based on the role’s specific duties. Common job titles for cybersecurity managers include information security manager, security administrator, information systems security officer, information security officer and information systems security officer.
How much does a cybersecurity manager/administrator make?
Cybersecurity managers can expect to make around $115,000 on average. This number is an average based on online job openings from September 2017 through August 2018.
Keep in mind that your salary will vary based on a couple of key factors. Your work experience and education will have the biggest impact on your salary: The more years of experience and credentials you have under your belt, the more money you can expect to make.
Where you live and work can also influence your salary. Jobs in cities with high cost of living, such as New York or San Francisco, will usually (but not always) come with a higher salary than less pricey areas.
Last but not least, the company you choose to work for will also have an impact on your salary. Some companies will have more money to offer cybersecurity managers than others. Startups or non-profits, for example, may have less money to work with than larger companies or corporations. Websites like Glassdoor can be helpful for learning more about salary expectations at a particular company.
Education, certifications and skills
Education: Having at least a bachelor’s degree is highly recommended for this career track. According to CyberSeek, 68% of job listings for cybersecurity managers want to see a bachelor’s degree. Keep in mind that an additional 24% of job postings would like to see a graduate degree. Since this is a high-level position, having an advanced education that combines information security with business principles will be an asset to you.
Top certifications: This far along in your career, employers expect to see a range of certifications that demonstrate your skills and knowledge of the field. The most common certifications employers want their cybersecurity managers to have are:
- CISSP
- CISM
- CISA
- Security+
Top skills: Cybersecurity managers need to have a deep understanding of core technical skills in addition to business acumen and management principles. According to CyberSeek, the following technical skills are the most sought-after among cybersecurity managers:
- Information security
- Information systems
- Information assurance
- Linux, network security
- Project management
- Vulnerability assessment
- NIST Cybersecurity Framework
- Security operations
On the management and leadership side, CyberSeek recommends having a grasp of the following:
- Executive cyber leadership
- Acquisition and program/project management
- Cybersecurity management
- Legal advice and advocacy
- Strategic planning and policy
- Training, education and awareness
Career pathways for cybersecurity managers/administrators
Cybersecurity management is an advanced-level career you can reach by following one of several different career paths. Naturally, you’ll have to advance from entry-level through mid-level jobs before you’re qualified to work as a cybersecurity manager.
Most cybersecurity managers are promoted from mid-level jobs as either cybersecurity analysts or cybersecurity consultants. The least compatible background for becoming a cybersecurity manager, according to CyberSeek, is penetration and vulnerability tester.
Not all cybersecurity managers come from mid-level careers. Some may instead transfer into the role from a different advanced-level career. CyberSeek shows that both cybersecurity engineers and cybersecurity architects can move into higher-level management or administrative roles. As you can see, you have a few different paths for reaching a cybersecurity manager position.
Common NICE cybersecurity workforce framework categories
Cybersecurity is a complex and growing field, so the National Initiative for Cybersecurity Education (NICE) created a helpful framework to organize cybersecurity jobs by core duties and technical skills. For each job in the CyberSeek tool, you can do a deep dive into which NICE skill clusters are associated with each role. Here’s what it has to say about cybersecurity managers/administrators:
Click on each skill heading in the Career Pathways tool to explore a (very, very extensive) drop-down list of core competencies for cybersecurity managers.
Conclusion: What are the next steps?
Are you ready to ascend to a leadership position? If you’ve diligently worked in the cybersecurity field for some time, are skilled at managing employees and are excited by enacting strategies to protect your company’s information security, then this might just be the role for you. As a seasoned leader, you’ll be driving the business’s efforts to keep out hackers, scammers and cybercriminals.
So what are your next steps? First, you should check out the CyberSeek Cybersecurity Career Pathway page and explore everything there is to learn about cybersecurity managers/administrators. Next, take a look at opportunities to learn advanced cybersecurity skills through certification programs.
FREE role-guided training plans
Sources
- Cybersecurity Career Pathway, CyberSeek
- 9 Critical Responsibilities Of The Cybersecurity Manager, BitSight
- Cybersecurity Manager Career Guide, Florida Tech
- Responsibilities of an Information System Security Officer, Chron
In this Series
- CyberSeek Cybersecurity Career Pathway: Cybersecurity manager/admin
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity