What are the responsibilities of a Security Analyst?
A Security Analyst basically has to detect and prevent cyber threats within a company.
You will have to find the weaknesses in your infrastructure consisting of hardware, network and software on a daily basis and then find creative and effective ways to protect them.
You will be tasked to take on the following responsibilities:
- Create effective protocols and plans to protect company’s digital files and information from unauthorized access, destruction and modification.
- Maintenance of data
- Monitoring security acess
- Conduct external and internal security audits
- Manage intrusion detection, network and prevention system of the company
- Install or recommend appropriate software for countermeasures
- Help colleagues learn about security procedures and threats
- Work with outside vendors on security plans
- Implement and upgrade different security controls and measures
- Perform risk analysis, security assessments and vulnerability tests
- Anticipate any incoming security alerts, disasters and incidents then help with reducing the threat
- Conduct analysis on security breaches and find out the root causes
- Maintain, define and implement corporate security policies
What is the difference between a Security Analyst and Security Administrator?
A lot of people confuse Security Administrator with Security Analysts because they sound the same, but in reality they are different. Analysts and Administrators have different responsibilities respectively.
- Security Analysts are solely responsible for commencing data analysis and recommending the changes to seniors. They are not responsible for implementing or authorizing the changes themselves. They only have to keep the cyber criminals out.
- Security Administrators have to make sure that the systems in a given organization are working as intended. Unlike analysts, they have the authority to make changes, apply upgrades and even set up administrative rights for different users. Basically, they are the ones responsible for keeping systems up and running.
Both of these job positions can lead to a Security Manager position later in the career.
As a Security Analyst, you can move forward to the following positions within your career path:
From these high end positions, you can move to
Security Analysts are sometimes also known as:
- Information System Security Analyst
- Data Security Analyst
- IT security Analyst
The average salary of a System Analyst is $71, 023 per year. Basic salary can start anywhere at $49,000 per year and can go up to $105,000 per year (2016 figures)
You do not need to have a degree if you wish to join as a Security Analyst in a company. However, a lot of employers still prefer at least a bachelor’s degree in Cyber security, Computer science or related subjects.
If you do not have a technical degree, you can still impress your interviewers with training, work experience and different acquired certifications. For a full list of recommended certifications, scroll down.
This completely depends on the level of your employer. If your employer is a large organization, expect to have at least 1-5 years of experience. Many big organizations are demanding more than 5 years of work experience. Analysts have to work as incident responders before they can move up the ladder, but with adequate experience, a handful of certifications and a combination of good hard and soft skills, you can move in without performing duties of an incident responder.
You will need to have a good understanding of public speaking, teaching and writing skills. As a security analyst, you will be expected to talk over issues with senior colleagues or managers and as well as draft policies. You should have convincing power to translate your plans to upper management.
You should work on the following technical skills if you intend to find work within a big organization:
- DLP, anti malware and antivirus
- Firewall intrusion and detection protocols
- Linux, UNIX and Windows operating systems
- Network protocols
- Packet analysis tools
- Cloud Computing
- Security Information and Event Management (SIEM)
- IDS/IPS, vulnerability testing and penetration testing
- TCP/IP, routing and switching, general computer networking
- C, C++, C#, PHP, JAVA and similar programming languages
- SaaS models
Consider achieving these security certifications to make your resume look good. These are not necessary to find a job position as a security analyst but they are definitely worth doing if you want to beat the competition.
ECSA: EC-Council Certified Security Analyst
CEH: Certified Ethical Hacker
CISSP: Certified Information Systems Security Professional
Latest posts by Jake Ciber (see all)
- USA Muni market is slowly paying attention to cyber risks - June 15, 2017
- The cybersecurity industry will face massive worker shortfall by 2022 - June 8, 2017
- Is cybersecurity a threat to our interconnected future? - May 22, 2017