What Does a Security Administrator Do?
The Short Version
A Security Administrator is basically the point man/woman for cyber security systems.
Although job descriptions vary widely, you will likely be responsible for installing, administering and troubleshooting your organization’s security solutions.
Security Administrator Responsibilities
Depending on the scope of your responsibilities, you could be asked to:
- Defend systems against unauthorized access, modification and/or destruction
- Perform vulnerability and networking scanning assessments
- Monitor network traffic for unusual activity
- Configure and support security tools such as firewalls, anti-virus software, patch management systems, etc.
- Implement network security policies, application security, access control and corporate data safeguards
- Analyze and establish security requirements for your networks
- Train fellow employees in security awareness and procedures
- Develop and update business continuity and disaster recovery protocols
- Conduct security audits and make policy recommendations
- Provide technical security advice
If you’re working in a small organization, you may find yourself taking on many of the same proactive security tasks as a Security Specialist or Security Analyst. You will typically report to a Security Manager.
Security Administrator Career Paths
Security Administrators often work their way up the ladder towards mid-level positions of responsibility, including:
From there, you can aim for leadership positions such as:
The role of “Security Administrator” encompasses job titles such as:
- Systems Security Administrator
- Network Security Administrator
- IT Security Administrator
Unsurprisingly, Network Security Administrators are primarily concerned with the security of a company’s networks.
Security Administrator Salaries
According to Payscale, the median salary for a Security Administrator is $61,553 per year (2014 figures). Overall, you can expect to take home a total pay of $39,497 – $91,319. This includes your base annual salary, bonuses, profit sharing, tips, commissions, overtime pay and other forms of cash earnings, as applicable.
Security Administrator Job Requirements
It’s hard to give you a definitive answer since the job of a Security Administrator in a giant corporation is going to be very different from a 10-person operation. Some employers will be happy to accept an associate’s degree and/or a lot of work experience; others will firmly require a bachelor’s degree in Computer Science, Cyber Security or a related field.
Don’t have a technical degree? Put your efforts into gaining work experience, training and certifications. You may also wish to assess whether a master’s degree with a concentration in IT security is worth the investment.
This will largely depend on the size of the company and your responsibility level. We’ve seen requirements range from 1-10 years of experience.
Bone up on security fundamentals. In its survey of administrator job descriptions, IT-Pathways found that employers are looking for technical skills such as:
- Knowledge of common L4-L7 protocols such as SSL, HTTP, DNS, SMTP and IPSec
- Strong understanding of firewall technologies
- Packet Shaper, Load Balancer and Proxy Server knowledge
- Intermediate to expert IDS/IPS knowledge
But this is just the start. You’ll also need a deep understanding of:
- TCP/IP, computer networking, routing and switching
- Network protocols and packet analysis tools
- Windows, UNIX and Linux operating systems
- Firewall and intrusion detection/prevention protocols
As always, check with your professors, colleagues and employers to see what hard skills are a “must have” for the job/field you’re interested in.
Work on honing soft skills such as teaching, writing and communication. Part of your job will involve drafting security policies and training less technically-savvy colleagues in security procedures. Clearer explanations = less pain and frustration.
Certifications for Security Administrators
Security certifications look good on résumés, but they’re not always necessary for entry-level positions – check the job requirements. In addition, some of these certifications (e.g. CISSP) require a number of years of experience:
- Security+: CompTIA’s popular base-level security certification
- CCNA: Cisco Certified Network Associate – Routing and Switching
- ENSA: EC-Council Network Security Administrator
- CISSP: Certified Information Systems Security Professional
- CISM: Certified Information Security Manager