Guide to Careers in System Security Administration and Management
Computer and network system administrators are generally responsible for maintaining the daily operations of many of the vital components of information technology (IT) infrastructures, while ensuring that these systems are functioning properly and securely. This typically involves installing, configuring, and updating computer hardware and software systems, adding and removing user accounts, and working to ensure the integrity and security of enterprise systems based on technical guidelines, industry standards, and organizational policies. Indeed, working in the field of systems administration and management has an inherent cybersecurity function, as security concerns are integral to the proper maintenance and oversight of IT infrastructures.
The close ties between system administration and system security are reflected in the fact that many jobs in this field fall under the general heading of system security administration and management. Indeed, as systems management inherently requires oversight of system security, professionals who wish to work in IT systems management more broadly will typically benefit from dedicated training in cybersecurity practices and policies at the systems level.
Employment Opportunities in System Security Administration and Management
As with other vital infrastructures, the computers, IT systems, and digital communication networks that comprise cyber infrastructures require regular maintenance by trained and knowledgeable professionals. Administering and managing computer systems and ensuring that these systems are updated, accessible to users, operating optimally, and secured against unauthorized intrusions and outright attack is a necessary function for any enterprise that relies on modern information technologies.
This is especially true for large organizations that have significant computing and data systems, including government agencies, research universities, businesses, and organizations and companies in areas like banking, finance, healthcare, manufacturing, technology, and service industries. However, many smaller and mid-size enterprises also have pressing IT management and data security needs, which means there are opportunities for system security administration and management professionals throughout the economy.
Many larger enterprises have dedicated IT administration and management departments that employ teams of professionals with a range of complementary skills, including skills in the area of cybersecurity. In addition, there are companies and consultancies that provide IT system security administration and management services to enterprises and individuals on a contract basis and thus employ professionals who are trained in this field.
Among the job titles for these professionals are the following:
- Cyber Systems Administrator
- IT Security Manager
- System Administrator
- Systems Security Analyst
Knowledge, Skills, and Abilities (KSAs) for System Security Administrators and Managers
In-depth knowledge of computer science, the components of IT systems, and enterprise operating systems, software suites, and applications is foundational to the work of computer system administration and management, as are the principles, practices, policies, and tools associated with effective information and system security. System security administrators must have the technical know-how to conduct routine hardware maintenance and software installs, monitor system performance, diagnose and address system anomalies and failures, and manage operating systems and directory services.
In addition, system administrators are tasked with ensuring data recovery procedures are in place, and that firewalls, antivirus software, and other systems security solutions are configured, up-to-date, and functioning properly. Proficiency with a broad range of proactive cyber defense measures, such as penetration testing and vulnerability scanning protocols and cryptographic key management, can also be helpful in the field of system security administration and management.
In addition to technical knowledge, system security administration and management requires interpersonal communication skills and the ability to work with other IT professionals and with non-technical staff. System security administrators, managers, analysts, and consultants commonly work in tandem with engineers, information security officers, and other cybersecurity specialists to deliver system performance and security reports and recommendations to executives and other stakeholders, and they provide guidance and support to those who rely on enterprise IT systems to perform various functions.
The National Initiative for Cybersecurity Education (NICE), which operates under the auspices of the National Institute of Standards and Technology (NIST), maintains a Cybersecurity Workforce Framework that delineates specialty areas in the field of cybersecurity and details dozens of Knowledge, Skills, and Abilities (KSAs) for 52 distinct cybersecurity work roles, including System Administrator and System Security Analyst. The sections below draw on the NICE Cybersecurity Workforce Framework and on actual job listings for work in the field of system security administration and management in order to provide an overview of the field’s key KSAs.
General Technical Knowledge
- Common server and client operating systems
- Computer network security concepts and protocols
- Cryptographic key management and encryption concepts
- Operating system command-line tools
- Operating system and network hardening techniques
- Security system access controls
- Software-based computer protection tools, such as software firewalls, antivirus software, and anti-spyware
- System and server backup and recovery tools and methods
- Systems performance and security testing and evaluation methods
- Virtual Private Networks (VPNs)
- Vulnerability scanning tools and techniques
System Security Administration and Management Knowledge and Skills
- Coding in a currently supported programming language, such as Java or C++
- Common cyber threats and vulnerabilities, including malware, viruses, and distributed denial of service (DDoS) attacks
- Common server, appliance, and network device maintenance procedures
- Computer network diagnostic utilities and command-line tools, such as traceroute/TRACERT, ping, and nslookup
- Cloud and virtual machine technologies, such as Microsoft Hyper-V/Viridian, VMware’s vSphere, Citrix Workspace, and Amazon Elastic Compute Cloud
- Database systems
- Directory service tools, such as Microsoft Active Directory and Lightweight Directory Access Protocol (LDAP)
- Distributed and parallel computing concepts
- Internet and digital communication system protocols, such as Transmission Control Protocol/Internet Protocol (TCP/IP) and the Open System Interconnection (OSI) model
- Local area networking (LAN) and wide area networking (WAN) bandwidth management protocols
- Network protocols such as TCP/IP, Dynamic Host Configuration Protocol (DHCP), and Domain Name System (DNS)
- User credential management software
- Transmission Control Protocol (TCP) and Internet Protocol (IP), the Open System Interconnection (OSI) model, and the current version of the Information Technology Infrastructure Library (ITIL)
- Ability to communicate in technical and non-technical language
- Familiarity with cybersecurity and privacy laws, regulations, policies, and ethics
- Interpersonal communication skills
Training and Credentials in System Security Administration and Management
Computer system administrators and managers typically study computer science, learn about IT system components, and receive training in computer programming, an educational process that can begin in high school and typically continues into college and beyond. In addition to this potential pathway, which may include an undergraduate degree in computer science or a related field and on-the-job training in an IT department, individuals interested in system administration KSAs can cultivate cybersecurity proficiencies through master’s programs, graduate certificate programs, and bootcamps and professional certification training programs.
Bachelor’s, Master’s, and Graduate Certificate Programs in System Security Administration and Management
There are bachelor’s programs that offer a major in cybersecurity, and there are bachelor’s programs in computer science and related fields with specializations in cybersecurity. Students in these programs take courses in computer science, IT systems, and coding, as well as courses that cover topics in cybersecurity. As a result, bachelor’s in cybersecurity programs have become a common means for students who are interested in system security administration and management to prepare for careers in the field.
Formal academic training in cybersecurity is also available at the graduate level. There are master’s in cybersecurity programs that offer advanced coursework in system security administration, information security governance, computer programming, cryptography, and other topics integral to the practice of cybersecurity and system security management. Students in these programs learn about malware and other modes of cyber incursion, firewalls, penetration testing, and data privacy and security protocols. There are also master’s in information systems and IT management programs that provide training in many of the KSAs required for work in systems security administration and adjacent fields, some of which allow students to take elective courses in cybersecurity topics.
For students who hold a bachelor’s degree but do not want to enroll in a full master’s program, there are graduate certificate programs in cybersecurity, information security, and cybersecurity management that provide career-oriented training in specific cybersecurity KSAs and that can typically be completed in less time than it takes to earn a master’s degree.
Professional Credentials and Certifications in System Security Administration and Management
Another option available to those interested in pursuing a career in system security administration and management consists of the numerous programs, courses, and intensive bootcamps offered by non-academic vendors, professional organizations, and private for-profit and non-profit companies that specialize in IT and cybersecurity training and certification. Microsoft’s Certified Solutions Expert (MCSE), Oracle’s Linux Foundation Certified System Administrator (LFCS), and Red Hat’s Certified Engineer (RHCE) credentials are examples of IT system administration certification programs.
The Systems Security Certified Practitioner (SSCP) offered by the International Information System Security Certification Consortium ((ISC)²) is one example of a certification program that focuses on cybersecurity aspects of system administration. Another example of this type of certification is the GIAC Certified Windows Security Administrator (GCWN) program administered by the SANS Institute’s Global Information Assurance Certification (GIAC) program. These credentials and several others that can be useful in the field of system security administration and management are listed below:
- Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), and Certified Information Security Manager (CISM), offered by ISACA (formerly the Information Systems Audit and Control Association)
- CompTIA Security+, offered by CompTIA
- GIAC Certified Windows Security Administrator (GCWN), and GIAC Certified Web Application Defender (GWEB), offered by the SANS Institute
- Systems Security Certified Practitioner (SSCP), offered by the International Information System Security Certification Consortium ((ISC)²)
Examples of Jobs in System Security Administration and Management
The examples in the section below represent composites of actual job listings for professionals in the field of system security administration and management. They are meant to provide a representative overview of the types of jobs that are available in this field and some of the requirements and attributes that employers commonly seek in the hiring process.
Cyber System Administrator
- Primary Responsibilities: Interface regularly with senior information system security managers, engineers, and IT staff; review and analyze Department of Defense (DoD) Assured Compliance Assessment Solution (ACAS) scans; perform network/system security scans; install vulnerability patches; update software/firmware on servers and workstations; and collaborate with developers and/or vendors on server and workstation performance and security issues.
- Education: Bachelor’s degree required.
- Experience: Five or more years in system security administration.
- Credentials: None specified.
- Technical Proficiencies: Experience with common cyber management tools, including ArcSight and Splunk; knowledge of multifactor authentication (MFA) for systems and applications; experience with automation using Microsoft’s PowerShell and Red Hat’s Ansible; and in-depth knowledge of Linux and Windows system administration, server setup, and maintenance.
- Other Attributes: Eligibility for DoD security clearance; and familiarity with information assurance/risk management frameworks.
Cyber Systems Analyst
- Primary Responsibilities: Log collection, event identification, cyber defense tool maintenance, and deployment of cyber defense tools, including performing vulnerability scans using Nessus and security monitoring using Splunk.
- Education: Bachelor’s degree preferred but not required.
- Experience: Up to four years in IT security preferred but only required for candidates without a bachelor’s degree.
- Credentials: Information security/cybersecurity industry certification preferred for candidates without a bachelor’s degree.
- Technical Proficiencies: Knowledge of computer coding and software design; ability to analyze business and engineering data, solve data processing problems, and improve data processing capabilities of computer systems; and familiarity with the foundational principles of information assurance, best practices in information security, and cybersecurity protocols.
- Other Attributes: Interpersonal communication skills; research skills; and willingness to work as part of a team.
Junior Cyber Systems Administrator
- Primary Responsibilities: Conduct cybersecurity research as directed; perform security checks for on-site computer hardware and software systems; and analyze security scan data.
- Education: Bachelor’s degree in computer science preferred.
- Experience: None required for candidates who hold a Bachelor of Science (BS) in Computer Science, Computer Engineering, or a related technical field.
- Credentials: CompTIA Security+ preferred.
- Technical Proficiencies: Knowledge of cyber operational awareness, security frameworks, and computer network defense practices; experience with enterprise data science analytics, data mining, and database systems; ability to perform analytics functions using Python; and in-depth knowledge of cyber systems, including network components and associated technologies.
- Other Attributes: Ability to support management of customer needs in an operational environment and balance those needs with software deployments; and verbal and written communication skills with experience giving technical briefings.
System Security Administrator
- Primary Responsibilities: Administer the security of systems and applications with a focus on maintaining stability and ensuring operational readiness; proactively pursue threat and vulnerability detection; manage and improve system security, including cloud system security; scan, analyze, and address system vulnerabilities; document system security vulnerability and remediation efforts; harden operating systems, web servers, and database servers; manage third party access to cloud systems; and upgrade, manage, and maintain datacenter equipment.
- Education: Bachelor of Science (BS) or master’s degree in Information Technology (IT) or related field preferred.
- Experience: Ten or more years in system administration and cyber security preferred.
- Credentials: Certified Information Systems Security Professional (CISSP) preferred.
- Technical Proficiencies: Knowledge of security systems, including web-filtering, workstation/server antivirus software, encryption protocols, and end-point protection technologies; knowledge of cyber threats and vulnerabilities to systems, applications, and the network environment; experience with patching and securing Windows environments; knowledge of server operating systems; and the ability to use structured query language (SQL) and PowerShell.
- Other Attributes: Strong interpersonal and written communication skills; the ability to coordinate with other cybersecurity professionals as well as non-technical staff; and strong team leadership skills.