WHAT DOES AN INFORMATION SECURITY ADMINISTRATOR DO?

Published: Sep 3, 2025 - The Information Security Administrator safeguards data by encrypting transmissions, managing firewalls, regulating access, and updating virus protection systems. This role conducts risk assessments, security evaluations, and business impact analyses to ensure the resilience and integrity of information systems. The administrator also enforces security policies, addresses violations, and develops plans for disaster recovery and business continuity.

A Review of Professional Skills and Functions for Information Security Administrator

1. Global Information Security Administrator Duties

  • Security Monitoring: Monitor and maintain a centralized and distributed security infrastructure, applications, and related configurations to ensure the availability and optimal functionality of all security solutions
  • Standard Development: Develop and implement standard work supporting the Global Information Security Operations
  • Technical Support: Provide technical support and escalation path for resolving issues, working with the Global Information Security Administrators
  • Operational Support: Provide second-level operational support and troubleshooting for all centralized and distributed information security infrastructure and applications
  • Business Partnership: Partner with business units to ensure optimal operations and configuration of centralized and decentralized security solutions and operations
  • Issue Resolution: Work with business units and solution providers to troubleshoot and resolve all issues to closure
  • System Upgrades: Work with solution providers to evaluate, identify, plan, and implement upgrades, patches and feature enhancements
  • Policy Documentation: Develop, maintain and enhance related policies, documentation and procedures
  • Incident Response: Assist in the identification, response, investigation, and remediation of security events and incidents
  • Performance Reporting: Maintain and develop SLAs and monthly operational reporting and metrics on the effectiveness of security tools and processes
  • Security Training: Commitment to security training and earning corresponding certifications
  • Best Practices: Ensure security best practices are identified and integrated into all approaches and methodologies
  • Security Planning: Provide input into the evaluation, planning, configuration, and implementation of both new and existing security initiatives

2. Information Security Administrator Details

  • Profitability Solutions: Drive business profitability in the context of cost management through Information technology solutions
  • Efficiency Improvement: Increase operational efficiency and suggest solutions to enhance cost effectiveness
  • Customer Service: Deliver exceptional service that exceeds customers’ expectations through proactive, innovative and appropriate solutions
  • Stakeholder Consulting: Cultivate and manage objective working relationships with a variety of stakeholders, including end-users, SME’s, project managers and senior staff members by providing expert advice and consulting on all aspects of IT security
  • Risk Awareness: Support IT Security leaders to participate in the FirstRand Bank Information Risk awareness program
  • Staff Education: Ensure that FNB staff are aware of information security risks
  • Performance Standards: Ensure that operating objectives and standards of performance are not only understood but owned by management and employees and ensure that appropriate standards of conduct are established and complied with
  • Governance Compliance: Comply, understand and implement all steps for the IT Information Security Processes and Procedures and meet governance in terms of legislative and audit requirements
  • Policy Definition: Assist in identifying, defining and maintaining the information security policy and baseline standards for FNB
  • Control Implementation: Assist and administer the implementation of control mechanisms, which enable Information Security Services to have a view of the status of information security within FNB
  • Security Reporting: Ensure all Information Security analysis and research are captured, recorded and reported on to ensure correct actions are implemented are executed
  • Conduct Compliance: Ensure that appropriate standards of conduct are established and complied with
  • Competency Development: Manage own development to increase own competencies
  • Technology Awareness: Maintain current knowledge of the Information Systems security industry's emerging technologies

3. Information Security Administrator Responsibilities

  • Security Maintenance: Maintain a diverse array of security applications and tools
  • Audit Remediation: Perform internal audit and vulnerability analysis and remediation
  • User Training: Administer enterprise end-user training/cyber training exercises
  • IT Support: Support IT Operations and manage a small number of daily tickets
  • Regulatory Checks: Daily, weekly, quarterly and annual checks and audits aligned with NIST, CIS, PCI and HIPAA
  • Project Execution: Do project research, provide recommendations, implement the solution and create documentation for any related support information and/or relevant procedures
  • Client Confidentiality: Adheres to the highest degree of professional standards and strict client confidentiality
  • Solution Evaluation: Aids in the evaluation of existing technical solutions and risk areas of Vendavo, Inc. and Vendavo, Inc. customers
  • Risk Expertise: Provides technical expertise regarding security risks and risk mitigation practices
  • Technical Guidance: Responsible for maintaining and delivering technical guidance related to enhancing Vendavo’s security posture and the deployment and maintenance of cybersecurity solutions
  • Threat Monitoring: Addresses changes in the threat landscape that can impact Vendavo customers
  • Control Design: Facilitates the development of the design and implementation of security architecture controls
  • Security Assessment: Aids in the execution of routine cybersecurity assessments, reviews and monitoring, including penetration testing of network infrastructure
  • Report Preparation: Assists in the preparation of assessment reports and other reports of findings
  • Security Liaison: Acts as the liaison between technical and non-technical people within Vendavo and Vendavo customers

4. Information Security Administrator Job Summary

  • Platform Administration: Install, configure, and administer various security platforms
  • Access Control: Create network policies, access control lists (ACL), and authorization rules to support the business and to defend against unauthorized access
  • Patch Management: Update security platforms with the latest software and security patches
  • Incident Response: Perform incident response for operational and cybersecurity-related issues
  • Project Collaboration: Work on cross-functional teams on network and security projects
  • Tier Support: Respond to tier 3 level support requests that are related to security technologies
  • Afterhours Support: Respond to out-of-hours operational issues and security incidents on a rotating team schedule
  • Regulatory Compliance: Ensure security-related systems meet all regulatory and compliance requirements
  • Incident Handling: Acts as an incident handler, incident response, and reporting point of contact
  • Risk Register: Advises on and maintains the UK BU Information Security Risk Register
  • Audit Assistance: Helps conduct or assist with Internal Audits
  • Policy Writing: Assists in the writing of policy, procedure, and standards documentation
  • Data Guidance: Using the provided tools, instruct the business on issues relating to unstructured data
  • Security Representation: Represents Information Security on the Change Advisory Board
  • Alert Monitoring: Carries out IS monitoring, e.g., following up on alert messages and looking for anomalies
  • Security Awareness: Developing and maintaining information security awareness within the business

5. Information Security Administrator Accountabilities

  • Security Officer: Serves as Information Systems Security Officer, encrypts data transmissions and erects firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers
  • Data Protection: Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs
  • Violation Review: Review violations of computer security procedures and discuss procedures with violators to ensure violations are not repeated
  • Policy Enforcement: Address infringements of information security program policies and educate offenders, in addition to reviewing and modifying policies and procedures periodically
  • Access Monitoring: Monitor the use of data files and regulate access to safeguard information in computer files
  • Virus Updates: Monitor current reports of computer viruses to determine when to update virus protection systems
  • File Modification: Modify computer security files to incorporate new software, correct errors, or change individual access status
  • Risk Testing: Perform risk assessments and execute tests of data processing systems to ensure the functioning of data processing activities and security measures
  • Security Evaluation: Perform security evaluations on new and existing software, information systems, and vendors
  • Impact Analysis: Conduct business impact analysis and assist with disaster recovery and business continuity planning
  • User Consultation: Confer with users to discuss issues such as computer data access needs, security violations, and programming changes
  • Security Training: Train users and promote security awareness to ensure system security and to improve server and network efficiency
  • Plan Coordination: Coordinate the implementation of computer system plans with establishment personnel and outside vendors
  • Admin Role: Serves in Administrator role in the following areas: OpenDNS, ProofPoint, PKI, Cisco ASA, and Firewall (Fortinet) as well as SIEM, DLP, EDR and AV solutions
  • Email Policies: Creates and customizes policies for email for PHI, PII, PCI, and GLB
  • Microsoft Hardening: Assists with management and hardening of Microsoft solutions, including Windows 10/11, Office 365, Exchange, Exchange Online, Active Directory, and SharePoint Online
  • IT Support: Provides second-level support for IT-related issues
Relevant Information
What Does An Information Security Do?
What Does An Information Security Architect Do?
What Does An Information Security Consultant Do?
What Does An Information Security Analyst Do?