Network Security Administrators are charged with the responsibility of ensuring the security of an organization’s network from threats originating from inside and outside the organization. In addition to writing network security policies, the Security Administrator has to do frequent audits and ensure that the security policies are up-to-date and are being followed. In addition, he or she must take corrective steps where there are breaches.
While a Network Administrator (or system administrator) is employed to oversee and ensure the effective and smooth running of all computer systems, a Network Security Administrator has more refined responsibilities that may include the following:
- Write and implement the policies to govern an organization’s network environment and the systems that are connected to it.
- Add, remove, or update user account information, reset passwords, etc.
- Find security gaps by performing routine audits of hardware and software entities on the network and closing those gaps.
- Apply operating system updates, patches and make configuration changes to tighten security.
- Protect the network from malicious entities such as hackers, viruses and spyware.
- Ensure the security of traffic that passes through the network.
- Ensure that network equipment is physically secure.
- Maintain an inventory of computers, servers, terminals, modems and other access devices that are attached to the Network.
- Manage, assign, and maintain the list of network addresses.
- Upgrade, manage, and maintain VPN concentrators, routers, and other Network equipment.
In large organizations, where there is less constraint on human resources, some of responsibilities of the Network Security Administrator may be shared among several individuals. For example, someone may be specifically assigned to apply security patches and software updates or administrate user account information. Regardless, even in large organizations, a security administrator may be called upon to perform some routine tasks that may not seem to be security related but nonetheless has some bearing on the security of the network or organization’s assets.
However, the lines between a Network Security Administration and other technical roles may not be as well defined in smaller organizations. In small organizations, the Security Administrator may be called upon to perform system administration functions, including doing installations and data backups. In essence the administrator may be the guy you call when something or anything goes wrong.
Training and Qualifications
A good Network Security Administrator must have a good understanding of standards, conventions and new developments in the industry. It also helps if the administrator has a good blend of technical skills, to ensure that he or she can meet the challenges of the job.
Typically a Network Security Administrator will hold at least an undergraduate degree in Information System Management, Computer Science, Computer Engineering or information Technology. However, more specialized training makes for a more competent Security Administrator. Network Security Specialists are expected to possess industry certifications such as: the Global Information Assurance Certification (GIAC), MCSE, Novell CNA, CNE, Cisco CCNA, Sun Certified SCNA, to name a few.
While security administrators are not programmers or system engineers they must have a good grasp of programming and scripting languages as well as a good understanding of generally accepted concepts and conventions. This skill-set will allow them to recognize security gaps as well as advise developers on potential problems area and the measures that can be taken to strengthen security.