Education
Fact-checked

At WiseGEEK, we're committed to delivering accurate, trustworthy information. Our expert-authored content is rigorously fact-checked and sourced from credible authorities. Discover how we uphold the highest standards in providing you with reliable knowledge.

Learn more...

What Does an IT Security Specialist Do?

Gabriele Sturmer
Gabriele Sturmer

An information technology (IT) security specialist is responsible for the security of an organization's entire computer system and network and creates, implements and manages a thorough security plan. He or she performs various tests to locate vulnerabilities and threats that exist in the company's physical security, workstations and network devices and secures each threat using the appropriate tools. The specialist also is responsible for the company's disaster recovery plan and determines the best methods for backing up both physical and digital data. He or she also must educate users on important security processes.

Developing a security plan is an important aspect of an IT security specialist's job and involves reviewing industry security standards and applying them to the company's individual networking and computer systems. The process involves finding vulnerabilities through the use of penetration testing and vulnerability scanning and determining the impact each security breach could have on the company's infrastructure. After analyzing each risk, the IT security specialist can take action and fix any potential security breaches. He or she will then conduct regular audits and document findings to continuously improve the company's security.

An IT security specialist monitors networks and fixes vulnerabilities.
An IT security specialist monitors networks and fixes vulnerabilities.

IT security specialists use the security plan to improve network security, physical security, workstation security and server security. The process for securing networks may consist of implementing firewalls, manipulating existing firewall access rules, hardening the settings on network hardware devices, implementing Internet filters and installing devices that detect network intrusions. To improve physical security, the IT security specialist may implement surveillance cameras, alarms, door locks and guards to secure the building and physical hardware. Securing workstations and servers involves using encryption for storage devices; installing and managing virus protection, spam protection and spyware protection applications; installing updates and patches to operating systems and programs; and having a strong password policy.

An information technology (IT) security specialist is often responsible for ensuring that employees manage their passwords properly.
An information technology (IT) security specialist is often responsible for ensuring that employees manage their passwords properly.

Another important task of an IT security specialist is implementing a disaster prevention and recovery plan. The specialist's goal for disaster recovery is to be able to successfully restore data or complete systems in the least amount of time possible. Maintaining regular backups of individual systems to a central server, having a backup operational site and creating ghost copies of hard drives are three ways IT security specialists can help prepare for disasters. The specialist must test the backups and update them as needed, and backups may be stored offsite in case of a fire or flood. He or she also may write down system and networking settings or make copies of important paper documents to keep in an offsite location.

Discuss this Article

Post your comments
Login:
Forgot password?
Register:
    • An IT security specialist monitors networks and fixes vulnerabilities.
      By: Eimantas Buzas
      An IT security specialist monitors networks and fixes vulnerabilities.
    • An information technology (IT) security specialist is often responsible for ensuring that employees manage their passwords properly.
      By: diego cervo
      An information technology (IT) security specialist is often responsible for ensuring that employees manage their passwords properly.