9 Critical Responsibilities of an IT Security Manager

This post was updated on January 27, 2020.

IT security managers (also known as cybersecurity managers) serve as an organization’s experts on cybersecurity protection, detection, response, and recovery.

The responsibilities of an IT security manager, however, can vary depending on the size of the organization. 

In smaller organizations, you may be the one running the show and could be tasked with everything from setting security policy to managing the technical aspects of security (and everything in between). 

In a larger organization, the role of the IT security manager typically assumes a more narrow focus and you can be expected to play one of two roles:

1. A technical security manager. In this role, you would be in charge of security systems, such as firewalls, data protection controls, patching, encryption, vulnerability scanning, pen testing, and so on. You would also manage the team that oversees the proper deployment, configuration, and functioning of these systems. 
2. A program security manager. This is a more strategic role that would see you engaged in the world of risk management and mitigation. Typically, this individual is involved in evaluating vendor risk, examining vendor contracts or terms of service, helping different teams around the organization understand third-party risk and data privacy issues, and more.

Of course, an IT security manager’s role and responsibilities are going to vary tremendously based on the size of the team and the industry. But there are still a number of critical functions tasked to this individual at nearly any organization. We’ve organized those roles and responsibilities below.

What does an IT security manager do?

This strategically important role compromises nine key responsibilities:

1. Monitor all operations and infrastructure. This could be something you do by yourself, or you could be leading a team — either way, your daily bread and butter involves going through alerts and logs (the computer security equivalent of video surveillance) in order to keep an eye on your organization’s digital security footprint.
2. Maintain all security tools and technology. This could be a shared responsibility or the sole responsibility of the IT security manager and their team.
3. Monitor internal and external policy compliance. You want to ensure that both your vendors and employees understand your cybersecurity risk management policies and that they operate within that framework. The IT security manager is the living embodiment of policy, and while you may not always be in charge of enforcement, you are responsible for making sure things are in line internally.
4. Monitor regulation compliance. This is particularly important if you’re in a heavily regulated industry and are dealing with things like credit card information, health care data, or other personally identifiable information.
5. Work with different departments in the organization to reduce risk. From technical controls to policies (and everything in between), you’ll likely be tasked with working across the aisle of departments in your organization to get everyone on the same page.
6. Implement new technology. If your organization is looking at a new technology, you must evaluate it and help implement any controls that might mitigate the risk of its operation.
7. Audit policies and controls continuously. Cybersecurity is a circular process, and as a manager, you must drive that process forward. This means regularly auditing the policies and controls you put into place. These audits will tell you if there’s anything you need to improve, remediate, or quickly fix.
8. Ensure cybersecurity stays on the organizational radar. Does it seem as though the organization you’re with isn’t being proactive about cybersecurity? As the IT security manager, your job is to make the benefits clearly visible and champion all efforts going forward.
9. Detail out the security incident response program. Every organization should have a well-defined and documented plan of action to put into place if a security incident does occur. 

As the IT security manager, it is your responsibility to ensure that this program is tested throughout the organization and that every high-level manager knows his or her duties during such an incident. This may be a responsibility that is the IT security manager’s alone, or it could be a shared responsibility.

Optimize your security program performance

In many large organizations, the chief information security officer is involved in briefing the board members on cybersecurity — but depending on the size and maturity of the security program in your organization, this may fall on the IT security or cybersecurity manager. 

If this falls within your scope of work, you should focus on communicating the state of your information security program, including your successes and failures. 

That’s where BitSight can help. Our security performance management tools help facilitate data-driven conversations to help teams communicate effectively on cybersecurity risk, identify gaps in their cybersecurity programs, and determine where to focus investments for the highest impact on security program performance.