Defining the Career
If you like sports analogies when it comes to understanding a career, think point-guard or quarterback when it comes to understanding the role of a Security Administrator. This position is the “in-the-game” point person of a company’s cybersecurity team. We want to make a distinction between “in-the-game” point person to make it clear that this position is not the head coach. If you want to be the head coach, check out our career guide for the role of Chief Information Security Officer (CISO). A company’s Security Administrator works closely with the CISO in designing the network security policies but takes more of a lead role in implementing them.
Deploying and maintaining the comprehensive security infrastructure for an organization is the overarching responsibility of this career. This role typically has multiple team members who help deliver on this broad and comprehensive assignment. Another aspect of this career is a mixture of training or at a minimum developing the procedures to ensure all employees are educated in cybersecurity awareness and procedures that ensure all data, hardware, and networks stay safe and secure. Very few, if any, cybersecurity decisions should be made in daily operations without first consulting with the Security Administrator.
Lastly, this career also will have you involved in developing and keeping your company’s disaster recovery protocols up to date. You are responsible for compiling security audit reports, suggest action items based on these reports and their findings, and handle any compliance issues for the company. If this sounds like a lot of paperwork (even if it is digital), then you are on the right track. So if this type of administrative, policy & protocol, compliance work is not what you are looking for, you may want to consider being a member of the security administrator’s team. If we have not scared you off, let’s turn our attention now to the type of education and experience that you need for this career.
Education & Experience
Let’s begin this section by reviewing the education needed to succeed in this role. Almost everywhere we looked, a bachelor’s degree in a computer-related field such as computer science or engineering was the starting point. The number of cybersecurity degrees is rapidly growing, and more and more of these degrees are focusing in on the field of network administration. As you consider which degree will best prepare you for a career as a security administrator, you need to keep in mind the distinction between a security Administrator and system Administrator. The latter has more responsibility for the physical set up and maintaining of the computer systems while the security administrator specializes more in keeping the data and networks on these systems secure and protected. We share this with you so that you do not spend a disproportionate amount of your education and training on the actual networks themselves. While it is extremely valuable to understand the different network components and how they interact with each other, this should not be your expertise. If a server breaks (as compared to a network security breach), you will more than likely be calling on another member of your company’s IT department.
While obtaining a minimum of a bachelor’s degree is very important for this career, it is more critical for other entry-level positions that you can enter into with little to no job experience. The role of a security administrator is not an entry-level position, so experience in the cybersecurity industry is a non-negotiable requirement. There is truly no consensus out there as to how much experience and this is supported by a wide range of surveyed job descriptions. However, if you consider the time it takes to obtain some of the leading certifications for the industry, a safe number to consider would be five years. This amount of work experience should give you enough time to develop a strong understanding of firewall technologies, experience across a variety of network platforms, network protocols, a broad range of operating systems, and intrusion detection/prevention just to name a few of the hard skills you need to have under your belt. Below we list out some of the most common certifications that prepare you for this role and give you a definite advantage over those applying for the same position if they do not have them.
Lastly, before we move on to the employment outlook section, you cannot overlook the soft skills you need to develop. Many of the roles and responsibilities outlined in the career-defining section, had aspects of them that require you to be an effective and clear communicator. This career involves teaching and training both in writing and face-to-face instruction. Often, these soft skills are the ones that equip you to be in this leadership role. Just as in any highly technical field, having a healthy balance between technical know-how and the ability to communicate that knowledge is a valuable asset.
Projected job growth in this career ranges from a low of seven percent up to as high as twelve percent, as reported by the Bureau of Labor Statistics (BLS). The reason for the range is this career does not match exactly with a BLS category. The role of a security administrator falls somewhere between the BLS listings for Computer and Information Systems Managers and Network and Computer Systems Administrators. Regardless of which end of the range you use to make your decision, the take-home message is a projection of strong job growth for this career. Local businesses, entire industries, and even nation states are rapidly increasing their dependency on the cyberworld through more cloud computing, electronic filing systems, and electronic financial transactions.
The average of all the median wage numbers that we collected put our salary projections at around $110,000. The BLS average was much lower and came in at $84,500 with the top 10% earning more than $127,610.00. Salary.com, glassdoor.com, payscale.com are three more sources we used to come up with our average projected pay for this career. Given this role, as described above, is not an entry-level position and thus creates more barriers to entry, both the projected job growth and earning potential for this career are robust.