The constantly changing cybercrime landscape paired with the speed of new technologies can make it difficult to know which skills a security administrator should focus on. However, a look at recent job postings may shed some light on the fundamental skills that make an effective admin. Here are several of the common themes within today’s security job market:
1. Leadership and Communication Skills
A security administrator needs to have experience working with the physical security layer, as well as understand how to develop a security plan, coordinate with appropriate personnel, implement security measures, and monitor the IT environment for potential threats.
While it is extremely important to be able to run an effective IT staff, there will be other communication aspects involved. For example, the security administrator will often need to work with other corporate departments, most commonly with application development and business departments that rely on IT teams to facilitate success and growth. As a result, effective communication and the ability to translate technical concepts into ideas that business units can understand are crucial capabilities.
2. Technical Expertise
It is also essential that a security administrator have a strong knowledge of security aspects related to networking and use of the Internet. This includes aspects such as authentication, access control, firewalls, disaster prevention and recovery, intrusion detection, encryption, and data integrity. Other technical tasks include components like managing incident response and virus protection.
3. Regulatory Role
A final area of expertise should be in areas related to compliance, meaning the security administrator needs to be able to implement the correct measures to satisfy audits and support related initiatives.
To ensure that a business is able to achieve compliance, administrators need to stay on top of evolving standards so that data security plans can be adjusted accordingly. For example, the security administrator should be familiar with the latest requirements of the Payment Card Industry Data Security Standard (PCI DSS) and prepare to implement proper measures to avoid the risk of non-compliance.