Advice on How to Break Into Management in InfoSec?

qwerty1980qwerty1980 Registered Users Posts: 3 ■□□□□□□□□□

I have been viewing this excellent forum for years but now decided to post. I have been in IT Security for 10+ years, I have half-dozen of the "common" information security certifications, including the CISM (Security Manager) and PMP (Project Manager), and the rest are technical certifications.

I do have an undergrad degree in IT (from a brick-and-mortar university here in the United States, not an online degree) and doing a part-time MBA program (which will likely take forever actually to complete, one class at a time).

The problem is whenever I interview for management IT Security jobs I am told my skills are "too valuable" for management and they want to me join as an "individual contributor". These are typically well-known and large American companies, and typically offer to pay more than an "individual contributor" but less than a true "manager", so typically offering in the $120,000 - $140,000 range, and in many cases offering to give me the "manager" job title, even though I would have no direct reports.

I am considering getting more technical certifications (like an EnCE), but I am concerned that by getting even more technically certified I am putting myself down a "technical hole" and further away from true management. I feel my people skills are above average, so that's not an issue.

I would like to ask you folks what recommendations you have on how to break into real management within IT Security and grow my career.


Sign In or Register to comment.