Profession ict security manager

ICT security managers propose and implement necessary security updates. They advise, support, inform and provide training and security awareness and take direct action on all or part of a network or system.

Would you like to know what kind of career and professions suit you best? Take our free Holland code career test and find out.

Personality Type

  • Conventional / Investigative

Knowledge

  • Internal risk management policy

    The internal risk management policies that identify, assess and prioritise risks in an IT environment. The methods used to minimise, monitor and control the possibility and the impact of disastrous events that affect the reaching of business goals.

  • Legal requirements of ICT products

    The international regulations related to the development and use of ICT products.

  • Information security strategy

    The plan defined by a company which sets the information security objectives and measures to mitigate risks, define control objectives, establish metrics and benchmarks while complying with legal, internal and contractual requirements.

  • ICT problem management techniques

    The techniques related to identifying the solutions of the root cause of ICT incidents.

  • ICT security standards

    The standards regarding ICT security such as ISO and the techniques required to ensure compliance of the organisation with them.

  • Internet of Things

    The general principles, categories, requirements, limitations and vulnerabilities of smart connected devices (most of them with intended internet connectivity).

  • ICT quality policy

    The quality policy of the organisation and its objectives, the acceptable level of quality and the techniques to measure it, its legal aspects and the duties of specific departments to ensure quality.

  • ICT project management

    The methodologies for the planning, implementation, review and follow-up of ICT projects, such as the development, integration, modification and sales of ICT products and services, as well as projects relating technological innovation in the field of ICT.

  • Internet governance

    The principles, regulations, norms and programs that shape the evolution and use of internet, such as internet domain names management, registries and registrars, according to ICANN/IANA regulations and recommendations, IP addresses and names, name servers, DNS, TLDs and aspects of IDNs and DNSSEC.

  • Computer forensics

    The process of examining and recovering digital data from sources for legal evidence and crime investigation.

  • ICT system user requirements

    The process intended to match user and organisation's needs with system components and services, by taking into consideration the available technologies and the techniques required to elicit and specify requirements, interrogating users to establish symptoms of problem and analysing symptoms.

Skills

  • Implement ICT risk management

    Develop and implement procedures for identifying, assessing, treating and mitigating ICT risks, such as hacks or data leaks, according to the company's risk strategy, procedures and policies. Analyse and manage security risks and incidents. Recommend measures to improve digital security strategy.

  • Establish an ICT security prevention plan

    Define a set of measures and responsibilities to ensure the confidentiality, integrity and availability of information. Implement policies to prevent data breaches, detect and respond to unathorised access to systems and resources, including up-to-date security applications and employee education.

  • Manage IT security compliances

    Guide application and fulfillment of relevant industry standards, best practices and legal requirements for information security.

  • Define security policies

    Design and execute a written set of rules and policies that have the aim of securing an organisation concerning constraints on behaviour between stakeholders, protective mechanical constraints and data-access constraints.

  • Solve ICT system problems

    Identify potential component malfunctions. Monitor, document and communicate about incidents. Deploy appropriate resources with minimal outage and deploy appropriate diagnostic tools.

  • Maintain ICT identity management

    Administer identification, authentication and authorisation of individuals within a system and control their access to resources by associating user rights and restrictions with the established identity.

  • Develop information security strategy

    Create company strategy related to the safety and security of information in order to maximise information integrity, availability and data privacy.

  • Manage disaster recovery plans

    Prepare, test and execute, when necessary, a plan of action to retrieve or compensate lost information system data.

  • Lead disaster recovery exercises

    Head exercises which educate people on what to do in case of an unforeseen disastrous event in the functioning or security of ICT systems, such as on recovery of data, protection of identity and information and which steps to take in order to prevent further problems.

Optional knowledge and skills

organisational resilience information confidentiality ict recovery techniques hybrid model ict network security risks cyber security ict encryption identify ict security risks ict process quality models investment analysis mobile device management open source model decision support systems provide technical documentation service-oriented modelling saas model outsourcing model execute ict audits tools for ict test automation systems development life-cycle ict security legislation define technology strategy cyber attack counter-measures web application security threats audit techniques levels of software testing use ict ticketing system

Common job titles

  • Facilities & security manager - san antonio, texas
  • Facilities & security manager
  • Security senior manager - secret clearance
  • Regional partner manager iii
  • Cholera response meal manager
  • Facility operations specialist
  • Configuration analyst ii
  • Infrastructure projects manager
  • Correctional service administrator
  • Case mgr - lcsw, lmft, lpc, rn