The ideal job is the job one likes above all. However, often the choice of a job depends on other factors but personal preferences, such as the expected income level, availability of the job in the labor market, and other factors. Nevertheless, there is a job which I consider ideal and which, in my opinion, is prospective and this is the job of the information systems security manager. The job of the information systems security manager is very responsible but I am ready to take the responsibility and to perform this job well because I do like this job and, more important, I consider this job prospective and essential, especially due to the fast development of information technologies and the growing number of threats information systems are exposed to. In this regard the CIS 2010 is very important in terms of the development of my professional career as the information systems security manager because key concepts I have learned from CIS 2010 are relevant to the job and professional duties of the information systems security manager.
In fact, the responsibilities of the information systems security manager are diverse. For instance, the responsibilities of information systems security manager are to manage the implementation and development of an organization’s IT security. In fact, the management and maintenance of IT security is one of the primary concerns of any information systems security manager because the manager has to provide the organization with well-functioning and stable information system and information technologies which perform their functions properly and prevent such threats as information breaches or identity theft, for instance. Today, information systems of organizations are vulnerable to numerous threats and the information systems security manager should come prepared to confront those threats and to develop and to implement an effective information system that can secure the important information and IT of the organization.
In addition, the information systems security manager has to manage security policies, standards and procedures. In fact, the information systems security manager should develop information security policies and set standards which the organization and its employees have to follow. In such a way, the manager takes the full responsibility for the information security of the organization, while the organization has to fulfill all the procedures defined by the information systems security manager properly to minimize the risk of information breaches and other threats the organization may be exposed to. At the same time, the elaboration of policies, standards and procedures require the in-depth knowledge and professional skills of the information systems security manager.
The information systems security manager is also responsible for the coordination of information security inspections, tests and reviews. Obviously, the information systems security cannot function well, if there is no control over the information systems and employees, who create and maintain the information systems security. In fact, the manager should perform the control function accurately because the control will help the manager to perform his/her job properly. Otherwise, even if the information systems security manager has elaborated perfect policies, standards and procedures, the lack of control may ruin them along with the information systems security of the organization. The lack of control may provoke regular violations of existing information systems security policies, standards and procedures set by the manager. As a result, those policies, standards and procedures become ineffective. Instead, the regular and strict control over information systems security policies, standards and procedures will ensure their proper functioning and increase the information security within the organization.