Security Director: A Day in the Life

by

Updated February 3, 2023

A day in the life of a security director is full of activities and duties aimed at keeping an organization's information, employees, and facilities safe.

CyberDegrees.org is an advertising-supported site. Featured or trusted partner programs and all school search, finder, or match results are for schools that compensate us. This compensation does not influence our school rankings, resource guides, or other editorially-independent information published on this site.

Are you ready to discover your college program?

Credit: Dragos Condrea / iStock / Getty Images Plus

Security directors oversee the safety and integrity of institutional information and operations. As individuals who safeguard information, security directors must have comprehensive knowledge of cybersecurity principles, practices, and policies.

These professionals, who may also have the title of information security director, cybersecurity director, or safety and security director in some organizations, develop and deploy strategies for enhanced security technologies.

A day in the life of a security director includes creating and protecting a safe, stable work environment. Security directors train technical personnel, manage security programs, and report on security issues.

This guide covers the day-to-day activities of a security director. Explore information on security director responsibilities, workplaces, and collaborators.

What Is a Security Director?

Security directors keep businesses and organizations safe. They supervise safety and security policies and standards by protecting information and people. Their efforts cover aspects of physical safety, cybersecurity, facility management, and legal matters.

Security directors handle small and large tasks. They know how to use security technologies, handle security issues, and report on overall security processes and procedures. These directors educate and oversee security specialists, managers, and other employees.

Experience and education are required to become a security director. By working in different security-related roles, aspiring security directors gain essential knowledge and skills to manage others.

What a Security Director Does

Whether overseeing cybersecurity, facility safety, or the physical safety of people and property — or perhaps all of those — security directors wear many hats. They develop and implement security practices, prepare budgets and monitor expenses, and train and supervise fellow security workers.

Security directors use various tools and technologies for information technology and cybersecurity management efforts. They monitor operations and infrastructure while looking for ways to optimize security practices.

Because security directors often report to chief information security officers or other executives, they prepare written reports and give verbal presentations about security matters. Training new hires also requires written and verbal skills.

Main Duties of Security Directors

  • Develop And Implement Security Strategies: Security directors oversee organization-wide compliance with cybersecurity standards and regulations. This consideration influences short-term and long-term strategies created by security directors to maintain overall safety and security.
  • Monitor Daily Operations: Security directors' daily tasks include examining how organizational personnel and infrastructure function. They receive reports and updates from managers and other security professionals, troubleshoot problems, and keep track of people and information across organizations.
  • Implement Software Dates And Hardware Maintenance: Security directors work with information technology managers and cybersecurity workers to implement software updates. They also oversee upgrades and new software usage as the needs of an organization change and grow. Hardware maintenance through repairs and introducing new technologies also fall under the scope of a security director's duties.
  • Conduct Risk Management Audits: To determine potential vulnerabilities within an organization, security directors carry out risk management audits. These professionals map out standards, identify objectives, prioritize controls, and test controls.
  • Recommend Changes To Policies And Procedures: Often influenced by risk assessment audits or changes to organizational safety, security directors research and recommend changes to policies and procedures. They may present their recommendations in written reports or verbal presentations to executives, colleagues, or other decision-makers.

Nonstandard Duties for Security Directors

    Security directors who work in niche organizations or oversee security at unique locations may take on additional responsibilities. Though security directors' daily tasks may not include those in the following list, they may still occasionally handle these duties.

  • Cryptography: Security directors who work directly with sensitive data may need to write ciphers to keep information safe. Cryptography requires knowledge of mathematical concepts and encryption techniques to secure data.
  • Visitor Safety: Many security directors work in public settings where people come and go regularly. To carry out security measures, security directors rely on video feeds and monitors, alarms, and updates from colleagues. This responsibility may apply to security directors at hotels, museums, or stadiums.
  • Work with Ethical Hackers: Some companies employ ethical hackers to identify security vulnerabilities. Security directors may have employees who test organizational cybersecurity, but hiring hackers specifically for the task may be necessary.

A Day in the Life of a Security Director

A day in the life of a security director typically begins with receiving updates and reports on security issues. They may handle the matters personally or delegate them to appropriate security specialists, analysts, or managers.

From there, a security director will check in on daily operations and any ongoing projects, including risk assessment audits, software upgrades, and hardware maintenance. Security directors document their findings to influence budget preparations, strategic goals, and potential areas for improvement.

Security directors attend meetings with fellow security workers and managers. They communicate with other departments, like human resources, to discuss recruiting, hiring, and training new employees.

The scope of a security director's work varies based on organization size. In smaller companies and businesses, security directors may need to handle some of the hands-on duties otherwise covered by security specialists, analysts, and managers in larger corporations.

Where Security Directors Work

Security directors work in many professional sectors. Their duties vary significantly depending on the industry and setting. For example, security directors in hotels split their time between physical, facility, and technical security. When working for a company that specializes in information technology, manufacturing, or finance, this will vary significantly.

While the Bureau of Labor Statistics (BLS) does not track data specifically for security directors, the agency's reporting on computer and information technology managers and facilities managers can offer some insight.

The BLS reports the highest employment levels for computer and information technology managers working in the computer systems design, company and enterprise management, software publishing, and scientific and technical consulting industries. Texas, California, and New York employed the most security directors as of May 2021.

Facilities managers, according to the BLS, also find the highest levels of employment in California, Texas, and New York. The top industries for facilities managers are local government, education, and company and enterprise management. BLS reporting also indicates that computer and information technology managers and facility managers find more job opportunities in metropolitan areas.

How to Prepare for a Career as a Security Director

To become a security director, individuals need at least a bachelor's degree in criminal justice and law enforcement, facility management, business, or information technology. Working as a cybersecurity director requires a bachelor's degree in cybersecurity or a related field.

Master's degrees offer the ideal level of education for aspiring security directors. A degree in management supplemented by a professional certification in cybersecurity provides one path to a career as a security director.

Some computer science, information technology, or cybersecurity master's degrees may also feature management concentrations. Additional options include enrolling in a cybersecurity bootcamp to enhance the knowledge and skills needed to become a security director.

Security directors usually start by working in entry-level security roles like security specialist or security analyst. Advancing to a position like security administrator, information technology manager, or security manager can help prospective security directors gain the managerial and technical skills for the role.

Professional Spotlight: Courtney Totten


What's a typical day like for you?

There really isn't a typical day, which makes this industry so exciting. A typical day could span many areas in cybersecurity. It may be dealing with vulnerabilities and prioritizing remediation activities to address those vulnerabilities. Sometimes, I may be investigating a potentially malicious cyberevent that requires jumping on an incident response call to review and determine the appropriate course of action.

As a managed service provider, we also have several customers, so I may be jumping on a call to review our cybersecurity offerings or answer their questions. I also manage the operational activities for my team, such as the financial budget, our people, and organizational goals, which are critical areas that take time each day to manage appropriately.

Everybody in the cybersecurity industry, regardless of their role, has a duty to invest their time and bring more people into the industry to secure our companies, government agencies, and customers.

What other teams do you work with on a regular basis?

As a cyberleader, I partner with my technical counterparts to make sure that technical leaders understand what needs to be done to minimize cybersecurity threats and risks to our organization.

I work with my governance, risk, and compliance (GRC) team, as well as our engineering teams, to assess security posture and mitigate potential security risks. When developing our team's roadmap, I partner with business leaders and customers to align strategies and prioritize activities.

In addition, I am always collaborating with cross-functional teams such as legal and human resources to make sure we are meeting regulatory and contractual requirements.

Is there a lot of collaboration in your role as a security director? Or is it mostly independent work?

Yes, there is a lot of collaboration. I rarely do anything on my own. Part of my role is making sure that people are aware of cybersecurity threats and respond appropriately. Partnering with technical peers, business leaders, and cross-functional teams in other departments is a critical aspect of my job.

Do you work in an office or from home (or a hybrid)?

I currently work remotely from home and travel as needed to our corporate office in Falls Church, Virginia, or to Bossier City, Louisiana, where a majority of my team is located. Most of our workforce is hybrid, with a few working remotely due to the recent pandemic.

What's your favorite part of being a security director? The most challenging part?

Cybersecurity cuts across several business disciplines, and my job is to monitor and protect systems for many federal, state, and local government agency customers. Our threat adversaries keep changing their tactics, and I am constantly thinking about how to stay one step ahead of them to be proactive and protect our customers' data. To me, that's the most exciting part.

The most challenging part is prioritization. There are many cyberrisks, and you must prioritize the most impactful risks to the company or customers and guide leadership to invest in those areas. This requires the ability to explain these complex cyberrisks in terms that leadership can understand and share the value-add from making the investments.

Any other insights about your day to day as a security director that may help people considering this career path?

Just 15-20 years ago, cybersecurity degrees weren't offered, and now we are seeing colleges invest in curriculums and degrees. As someone who has been in the industry for a long time and mentored people in college and post-graduate programs, I would encourage those who are building and expanding their careers in cybersecurity to take time to grow the pipeline behind them.

Everybody in the cybersecurity industry, regardless of their role, has a duty to invest their time and bring more people into the industry to secure our companies, government agencies, and customers.

For whom do you think this career is a good fit? Why?

Anyone who has an interest in cybersecurity should get involved. There are always opportunities for hands-on technical people, but there are different types of skill sets needed within cyber. It can be a project manager to run cyber-related projects; a lawyer to assist with regulatory understanding and regulatory or customer incident notifications; or someone in human resources to assist with insider threats.

Some of the best cybersecurity people I have hired were not super hands-on technical individuals. If you are the investigative type and you are curious about what our threat adversaries are doing, it might be a good fit for you. Cybersecurity is a great career to pursue as these roles offer competitive pay, growth opportunities, and the chance to make a difference.

Courtney Totten is the General Dynamics Information Technology Technology (GDIT) Shared Services CISO and senior director of cloud, infrastructure, and cybersolutions for federal, state, and local government agencies. Totten is a seasoned information technology and cybersecurity leader with 15+ years of experience in various roles across cloud, infrastructure, and cybersecurity.

She has supported the commercial industry at General Electric and Thomson Reuters, as well as the government with GDIT and Booz Allen Hamilton. Totten has a bachelor's degree in business management from Virginia Tech and resides in Richmond, Virginia, with her husband and two children.

Learn More About Security Directors

What Is a Security Director?

What Is a Security Director?

How to Become a Security Director

How to Become a Security Director

Salary and Career Outlook for Security Directors

Salary and Career Outlook for Security Directors

Certifications for Security Directors

Certifications for Security Directors

FAQ About the Day to Day of Security Directors


  • What does a security director do on a daily basis?

    The day to day of a security director includes overseeing the safety and security of people, facilities, and information within organizations.

  • Are the daily tasks of a cybersecurity director stressful?

    Generally, the daily tasks of a cybersecurity director are not stressful. When an issue arises, however, a cybersecurity director's day may create high-pressure scenarios. In the event of a security breach, the cybersecurity director is in charge of troubleshooting and resolving the problem.

  • What are the main skills required for security directors?

    Security directors must have technical skills and managerial abilities. Knowledge of cybersecurity fundamentals like risk assessment, compliance, network and security architectures, and threat modeling is required. Professionals with collaboration, communication, project management, and planning skills can thrive in this role.

  • Does a cybersecurity director work overtime?

    A cybersecurity director may work overtime, but it depends on the position, industry, and size of a company. When a cybersecurity issue arises or there is a need for the cybersecurity director to problem-solve, they may need to work overtime.

Recommended Reading

Take the next step toward your future.

Discover programs you’re interested in and take charge of your education.