A Security Analyst helps to detect cyber threats to an organisation, and helps to prevent them by analysis of the threats and aiding in implementing of solutions for identified IT Security weaknesses.
They may also be involved in the design, build and implementation of an organisations IT Security infrastructure within their job role. If you are new to cyber security, becoming a junior security analyst is a great way of getting your foot into the cyber security sector, as it allows you to get a greater understanding of cyber attack patterns and what you can do to defend against them. Both senior security analyst and junior security analysts earn competitive pay and are on the front-line defending against the latest cyber attacks.
There may be involvement in IT Security analysis, implementation and testing of the organisations IT Security strategy. The analyst may need to liaise with other specialist staff, software and hardware vendors plus others supplying computer security related services.
Typical job duties for the role of Security Analyst include reactive fire fighting of new security threats and exploits, together with proactive installation of more robust security architecture. Duties will also likely include some vulnerability testing, risk analysis, network management, intrusion detection and prevention plus maintenance of IT Security.
A good understanding of the organisations IT systems will be necessary in order for the Security Analyst to be able to recommend and implement the best solution to identified issues.
Management of networks, including Virtual Private Networks (VPN), Local Area Networks (LAN) and Wide Area Networks (WAN) will likely be necessary.
More specific Security Analyst responsibilities may include:
1) Developing a good knowledge of the organisations IT, technology and Information Systems.
As Security Analyst you will work with existing skilled staff, applying your up to date understanding of relevant security standards, authentication protocols, and security related hardware and software in an analytical capacity.
2) IT Security – Day to day management and threat analysis
You will likely need to analyse and potentially help others to manage the LAN (Local Area Network), Public Key Infrastructure (PKI), the WAN (Wide Area Network), and VPN (Virtual Private Network). You will need to monitor and analyse all exploits and threats, identifying their root cause and providing suggested fixes to administrators or recommended upgrade paths. Security weaknesses can be further identified with regular vulnerability testing which you will likely need to oversee and report to senior IT management or administrators on.
3) On-going tasks – IT Security maintenance, training and support
Assistance with the on-going maintenance and management of the organisations IT Security may be required. This will depend on the size of the organisation and its specific requirements. As Security Analyst you may need to produce technical documentation and analytical support to the organisations IT Security team. Tasks such as the development of a new corporate security policy, or security awareness staff training may need your input.
4) Recommended IT security fixes, tools, countermeasures, testing and future upgrade paths
As IT Security Analyst, you will be responsible for recommending upgrade paths, bug fixes and workarounds for potential IT Security issues as part of your job role. You may be required to have input into testing and implementation methodologies to ensure that any recommended IT Security work meets with the organisations objectives in a cost-effective and timely manner. You will need to assess the IT security tools, threat countermeasures and other tactics threat will keep the organisational data as secure from threats and exploits as possible. The ability to analyse collected data, and extract meaningful information, to report to decision-makers such as senior managers and other stakeholders, will be necessary within this role at your organisation.
The job of Security Analyst is usually a daytime role, working an average 40 hours per week. Short-term IT Security Analyst Contractors and Consultants may be paid a day rate where any additional work is chargeable.
Many employees will desire a Bachelors degree in a related field such as Computer Science, IT or a Cyber-Security related field, but this is not a necessity.
What can you expect to earn as a Security Analyst? The position of Security Analyst (IT) is an important role with many responsibilities. Salaries will of course vary depending on your experience, qualifications, the organisation and sector plus whether you are employed on a full-time, short-term Contractor or Consultant basis.
According to Payscale* Salary expectations for the role of Security Analyst range from $41,695 – $101,639 or £32,073 – £78,183 at a conversion rate of 1.3 for USD/GBP.
Sources: * Payscale – http://www.payscale.com/research/US/Job=Security_Analyst/Salary