The information security manager must be able to work independently without direct supervision or encouragement. In many cases, top management will not know exactly what he or she is doing. At the same time the manager must be accountable to top management and the Audit Committee on the Board of Directors.
The manager must be able to stay focused and get things done, even though the resources at his or her disposal are quite limited. The manager must also be accustomed to taking the lead and not waiting for users or other groups to tell him or her what to do.
From the editors
Learn more about how coworking facilitates working independently in IT, and watch this video case study about how the HoneyBaked Ham company fostered successful business collaboration between two independent business groups.
A deep and abiding commitment to improve the information security status of the organization must carry the information security manager through the inevitable contentious and difficult situations that he or she will encounter. To work independently, the manager must be creative, proactive and inspired by a vision of how things could be.
INFORMATION SECURITY MANAGER QUALIFICATIONS
Excellent communication skills
Good relationship management skills
Ability to manage many important projects simultaneously
Ability to resolve conflicts between security and business objectives
Ability to see the big picture
Basic familiarity with information security technology
Real world hands-on experience
Commitment to staying on top of the technology
Honesty and high-integrity character
Familiarity with information security management
Tolerance for ambiguity and uncertainty
Demonstrated good judgement
Ability to work independently
A certain amount of polish
| Information Security Roles and Responsibilities Made Easy, Version 2
By Charles Cresson Wood
278 pages; $495
Published by Information Shield
Download Appendix B, Personal Qualifications