Career roadmap

Security Manager

The first true leadership rung in cybersecurity. You move from doing the work to multiplying the team that does it — runbooks, on-call health, hiring bar, performance, and translating executive direction into delivery.

Year-by-year milestones

  1. Run a tight on-call rotation
  2. Own a hiring loop end-to-end
  3. Survive one performance case
  4. Ship a process improvement
  5. Brief your director monthly
## What the role is really about A Security Manager owns a 5-10 person function (most commonly a SOC, AppSec, or GRC team). The hardest transition is psychological: stop being the best individual contributor on the team, start making the team better than you. Your day shifts from triaging incidents and shipping detections to 1:1s, hiring loops, runbook reviews, vendor escalations, and quarterly OKR planning. Engineering instinct still matters — you must be able to call out a bad detection or a flimsy threat model — but you no longer ship. ## What you're measured on - **Team output**: tickets closed, MTTD/MTTR, detection coverage, audit findings closed - **Team health**: attrition, on-call burnout signals, hiring velocity, internal promotion rate - **Operational maturity**: runbook coverage, post-incident review cadence, on-call rotation fairness - **Cross-functional**: SLAs with IT, engineering, legal, GRC ## The leadership readiness lens When CyberActive grades you for this rung, we look at five dimensions: 1. **Team leverage** — can you describe a system you built that made the team faster? 2. **Operational maturity** — do you measure what matters, not what is easy? 3. **Hiring judgment** — can you articulate your bar, your loop, and your last bad hire? 4. **Conflict handling** — have you managed an underperformer through to either improvement or exit? 5. **Comms clarity** — can you brief your director in 3 bullets, not 30?

Frequently asked questions

Do I need an MBA?

No. SANS LDR512 (Security Leadership Essentials) or a CISM is more credible at this rung. MBA matters more at Head of Security / CISO.

How long should I spend as a manager before going for Head of?

Typical UK path is 2-4 years. The hard signal is having promoted two of your reports and run one external hiring loop end-to-end.

Can I stay technical?

You should — at least 1 day a week in code or queries. Lose touch entirely and you stop being able to call BS on your team's designs.

Map your own roadmap

Get a personal gap report, AI Career Twin and practice keyed to your target band.

Start free
// related