Page Content
Job profiles
IT security coordinator
Hours
35-40 per week
Starting salary
£25,000 + per year
WorkDesc
The work
IT security coordinators (also called information security analysts) plan and carry out security measures to protect clients' information and data from unauthorised access, deliberate attack, theft and corruption.
As a security coordinator, you would deal with a range of threats to electronic information, including:
- hacking
- viruses, worms, spyware and Trojans
- denial of service attacks – overloading systems with useless data to bring them to a standstill
- 'phishing' – luring users into leaving confidential details on spoof websites
- 'pharming' – redirecting users to fake websites by hijacking genuine website addresses
- abuse of permissions by authorised system users.
Your work would involve:
- assessing risks to systems, and developing plans to minimise potential threats
- designing new security systems or upgrading existing ones
- testing and evaluating security products
- planning for disaster recovery in the event of security breaches
- testing procedures by simulating breaches (known as penetration testing)
- investigating breaches and carrying out corrective actions
- testing systems for weak points (known as vulnerability scanning)
- making sure procedures meet national and international network security standards
- preparing reports and technical documentation for managers and users.
At senior level, you would also be responsible for supervising and training staff, and working with operations managers to develop the company's overall security strategy.
HoursDesc
Hours
You would normally work 35 to 40 hours a week, although you may be on a call-out rota to deal with problems outside of office hours.
You would be mainly office based, but if you worked for a consultancy or were self-employed, you may have to travel to visit clients.
IncomeDesc
Income
Rates of pay are often negotiable dependant on experience and length of contract.
Salaries can fall anywhere between £25,000 and £60,000 a year.
Figures are intended as a guideline only.
EntryRequirementsDesc
Entry requirements
You can get into IT security by completing qualifications at degree level or higher, or by gaining skills on the job. If you take the university route, you would need to complete a degree or postgraduate award in subjects such as network security, computer science (with security options) or forensic computing. These would allow you to start on a company's graduate training scheme.
Alternatively, you could use your work experience in related IT jobs to move into this career, for example as a systems analyst, database administrator or network engineer. See the related job profiles for more information about these roles.
Employers will usually look for experience as an IT professional, with some responsibility for network security.
Your experience should cover different operating systems like Windows, Unix and Linux, and security technologies and procedures, such as:
- firewalls and anti-virus software
- intrusion detection systems (IDS)
- encryption techniques, such as Public Key Infrastructure (PKI) and Secure Socket Layer (SSL)
- authentication (passwords, digital certificates and, more recently, biometrics)
- penetration testing and vulnerability scanning.
You should also be familiar with common security standards and regulations, including:
- international information security standard BS7799 and its successor – ISO/IEC 27001
- the Data Protection and Freedom of Information Acts
- the IT Infrastructure Library (ITIL) framework, detailing best practice.
For more details about these guidelines, see the British Standards Institute and ITIL websites.
For more details about careers, standards and trends in IT security, see the e-skills UK and British Computer Society (BCS) websites.
TrainingAndDevelopmentDesc
Training and development
In a fast-moving field like IT, it is important that you continue to develop your skills throughout your career. You could do this by taking further training and industry-recognised certifications.
The ISC 2 Systems Security Certified Practitioner (SSCP) / Certified Information Systems Security Professional (CISSP) – requires between one and four years' experience in this field.
Cisco Certified Network Associate Security Certification (CCNA Security) – validates associate level knowledge and skills required to secure Cisco networks. Cisco also offer a series of other security certifications.
Microsoft Certified Systems Engineer (MCSE) / Systems Administrator (MCSA) – both contain security options. It is recommended that you have 12 months' experience of administering and maintaining network security to do the MCSA. You should have 2 years' experience in design and planning security systems for the MCSE.
CompTIA Security+ Certification – you normally need two or more years' experience in IT security to do this. It is often a foundation stage for more advanced certification programmes.
ISACA Certified Information Security Manager (CISM) – requires five years' experience of managing security systems although this may be reduced if you have a university qualification and a certification award.
CESG Listed Adviser Scheme (CLAS) / Infosec Training Paths and Competencies (ITCP) – you may take these awards if you are working as a security consultant for government departments, approved contractors or public sector organisations like the police. They allow you to work with sensitive information.
The National Skills Academy for IT
The National Skills Academy for IT has been created by employers to promote excellence in IT learning and development.
Through the Skills Academy, you can:
- get the best access to high quality IT training and resources
- define and access new training to meet emerging needs
- gain professional recognition and accelerate career progression
The National Skills Academy for IT has over 1,000 online courses, including courses relating to IT security.
You can find further information about professional development options on the e-skills, BCS and Skills Framework for the Information Age (SFIA) websites.
SkillsAndKnowledgeDesc
Skills and knowledge
- an excellent knowledge of IT security systems, tools and procedures
- excellent communication skills
- strong problem solving skills
- good project management skills
- the ability to interpret and evaluate data accurately
- an understanding of confidentiality issues
- a commitment to keep up to date with emerging security threats, technologies and trends
- the ability to work under pressure and to deadlines
- a proactive approach and confidence to take decisions
- a knowledge of information security standards and legislation.
MoreInformationDesc
More information
Skills Framework for the Information Age (SFIA) 
www.sfia.org.uk
e-skills UK
1 Castle Lane
London
SW1E 6DR
0207 963 8920
www.e-skills.com
British Computer Society
Block D
North Star House
North Star Avenue
Swindon
Wiltshire
SN2 1FA
www.bcs.org.uk
National Skills Academy for IT
www.itskillsacademy.ac.uk
OpportunitiesDesc
Opportunities
You can work for public service organisations, local authorities, government departments, financial institutions and software manufacturers. You could also work for specialist IT security consultancies.
Recent surveys of the IT industry suggest that information security is a high priority for IT directors. The expansion of wireless networks (WiFi) and mobile technologies have also led to a corresponding rise in the nature of security threats.
Your promotion options include network management, IT project management and security consultancy. Eventually, you could work for the police, security services and specialist law firms to carry out forensic investigation of computer-based crimes.
You may find the following useful for job vacancies and general reading: (links open in a new window)
Job profiles are based on the latest information supplied to us by industry bodies, such as Sector Skills Councils. Please be aware that with the introduction of the Qualifications and Credit Framework there has been, and will continue to be, changes to vocational qualifications. For more information, please check with industry bodies directly.
We do not accept responsibility for the content of external sites.
LMIData
Related industry information
Industry summary
The IT industry includes people in IT companies, such as those offering IT services, technology‐orientated consulting, technology development, systems analysis, programming, systems testing and technology sales. It also includes IT professionals working in other sectors, such as people whose primary job role is IT orientated, which includes IT departments and IT support staff in companies. The IT industry together with Telecoms is represented by e‐skills UK Sector Skills Council.
A sector trend is the convergence of telecommunications, computing and networking and the move from hardware intensive to software intensive platforms. Embedded voice communications capability is already part of the internet, which also has to manage voice, data and video and location information.
The social, economic and market forces shaping UK IT skills are evolving as technology continues to progress from the back office to the board room. This is changing the market for IT skills, creating demand for both technology‐oriented business people and business‐oriented technologists – and blurring the lines between traditional business and IT disciplines.
Key facts:
- There is a total IT and Telecoms workforce of 1.5 million of which:
- 890,000 people are in IT and Telecoms products and services
- 600,000 IT and Telecoms professionals are working in organisations outside of the IT and Telecoms industries
- There are around 105,000 businesses in the UK offering IT and Telecoms products and services.
- IT‐intensive sectors represent 55% of the UK's total Gross Value Added.
- Less than 1% of those employed in IT and Telecoms occupations are under 18.
- 22% of companies who are trying to recruit IT and Telecoms professionals report difficulties in attracting applicants with the right skills.
- 58% of the workforce has a degree or higher education qualification.
- The IT industry is predicted to grow at a rate of 2.5% per year for the next ten years.
- There are 100,930 IT manufacturing and services establishments in the UK employing 600,000 people.
- The IT workforce accounts for 4% of the UK workforce.
Jobs in the IT industry include: Business analyst; Games developer; CAD/CAM Programmer/Trainer; IT trainer; Service technician; Software engineer/architect; Technology consultant; Web designer; Systems architect; Technical author.
National and regional data
Across the UK, there is an estimated IT and Telecoms workforce of 1.5 million who are predominately located in London and the South East. The IT workforce can be classified in IT manufacturing and IT services. The largest number of companies is located in:
- IT manufacturing
- South East
- London
- East of England
- IT services
- South East
- London
- East of England
Key regional facts:
- 39% of IT and Telecoms professionals are located in London and the South East
- the East of England has the third highest number of IT and Telecoms employees
- Northern Ireland, Wales and the North East combined comprise just 6% of the IT and Telecoms professionals
- 44% of all types of IT and Telecoms companies are located in London and the South East
- the highest median gross weekly earnings for IT and Telecoms staff are in London, the South East and the East of England, which are all above the UK median
[N.B. Data derived from Labour Force Survey (April‐June), 2009.]
Career paths
Further sources
View full Job market information
News
