What Does a Security Administrator Do?
What is a Security Administrator?
A Security Administrator is basically the point man/woman for cyber security systems. Although job descriptions vary widely, you will often be in charge of installing, administering and troubleshooting your organization’s security solutions. Plus, since it’s an entry-level position, it’s often the first career step for AS or BS graduates.
Responsibilities will depend on the size and scope of your job. The role of a Security Administrator in an international company is going to be very different from a 10-person operation. If you’re part of a small organization, you may find yourself taking on many of the same proactive security tasks as a Security Specialist or Security Analyst. If you’re in a big corporation, you may be using your technical skills to handle day-to-day tasks like monitoring, configuration, and assessments. Once you’ve got some experience under your belt, you can start exploring intermediate-level options.
Security Administrator Job Responsibilities
On any given day, you could be asked to:
- Defend systems against unauthorized access, modification and/or destruction
- Perform vulnerability and networking scanning assessments
- Monitor network traffic for unusual activity
- Configure and support security tools such as firewalls, anti-virus software, patch management systems, etc.
- Implement network security policies, application security, access control and corporate data safeguards
- Analyze and establish security requirements for your networks
- Train fellow employees in security awareness and procedures
- Develop and update business continuity and disaster recovery protocols
- Conduct security audits and make policy recommendations
- Provide technical security advice
Security Administrators typically report to a Security Manager.
Security Administrator Careers
Security Administrator Career Paths
Security Administrators often work their way up the ladder towards mid-level positions of responsibility, including:
From there, you can aim for leadership positions such as:
The role of “Security Administrator” encompasses job titles such as:
- Systems Security Administrator
- Network Security Administrator
- IT Security Administrator
Unsurprisingly, Network Security Administrators are primarily concerned with the security of a company’s networks.
Security Administrator Salaries
According to Payscale, the median salary for a Security Administrator is $65,048 per year (2019 figures). Overall, you can expect to take home a total pay of $42,852 – $97,609. This includes your base annual salary, bonuses, profit sharing, tips, commissions, overtime pay and other forms of cash earnings, as applicable.
Security Administrator Job Requirements
To get a sense of the field, start with current security administrator job postings. For example, we’ve seen one hospital in a small city that was happy to consider AS graduates with solid technical skills. But a well-known security firm in New York City was expecting administrator candidates to have a technical BS, 2 years of experience, and Microsoft certification. Look around—there’s a job out there for almost everyone.
The other thing you’ll want to consider is your long-term career goals. Most security folks progress out of this job within 1-3 years, so it pays to think ahead. Does the company/organization you’re interested in have a large security team? Does it offer continuing education & training opportunities to junior-level infosec employees? Can it help subsidize your professional certification costs? Can you work on security projects in multiple departments? Are there opportunities for you to lead a team? This is all going to help when you’re ready to move on.
Some employers will be happy to accept an associate’s degree and/or a lot of work experience; others will firmly require a bachelor’s degree in Computer Science, Cyber Security or a related field.
Don’t have a technical degree? Put your efforts into gaining work experience, training and certifications. If you have a bachelor’s in another field, you may also wish to assess whether a master’s degree with a concentration in IT security is worth the investment.
This will largely depend on the size of the company and your responsibility level. We’ve seen requirements range from 1-10 years of experience.
Bone up on security fundamentals. Employers are frequently looking for skills such as:
- Knowledge of common L4-L7 protocols such as SSL, HTTP, DNS, SMTP and IPSec
- Strong understanding of firewall technologies
- Packet Shaper, Load Balancer and Proxy Server knowledge
- Intermediate to expert IDS/IPS knowledge
But this is just the start. You’ll also need a deep understanding of:
- TCP/IP, computer networking, routing and switching
- Network protocols and packet analysis tools
- Windows, UNIX and Linux operating systems
- Firewall and intrusion detection/prevention protocols
As always, check with your professors, colleagues and employers to see what hard skills are “must haves.”
Work on honing soft skills such as teaching, writing and communication. Part of your job will involve drafting security policies and training less technically-savvy colleagues in security procedures. Clearer explanations = less pain and frustration.
Certifications for Security Administrators
Security certifications look good on résumés (especially Security+), but they’re not always necessary for entry-level positions – check the job requirements. In addition, some of these certifications (e.g. CISSP) require a number of years of experience:
- Security+: CompTIA’s popular base-level security certification
- CCNA: Cisco Certified Network Associate – Routing and Switching
- ECSA: EC-Council Certified Security Analyst
- CISSP: Certified Information Systems Security Professional
- CISM: Certified Information Security Manager