What Does a Security Analyst Do?
What is a Security Analyst?
A Security Analyst detects and prevents cyber threats to an organization. That means your job will involve ferreting out weaknesses in your infrastructure (software, hardware and networks) and finding creative ways to protect your company. In the morning, you might be researching the effectiveness of new security measures. In the afternoon, you might be dealing with an active security threat. In a small organization, you could also be handling Security Administrator tasks.
It can be quite an active and engaging role. Security Analysts often acquire a dizzying array of technical skills and gain plenty of experience in pen testing, intrusion detection, auditing, and more. Some choose to stay in the job for most of their careers, while others use it as a stepping stone to higher-level opportunities, including top management positions (e.g. CISO).
Security Analyst Job Responsibilities
In any given week, you may be required to:
- Plan, implement and upgrade security measures and controls
- Establish plans and protocols to protect digital files and information systems against unauthorized access, modification and/or destruction
- Maintain data and monitor security access
- Perform vulnerability testing, risk analyses and security assessments
- Conduct internal and external security audits
- Anticipate security alerts, incidents and disasters and reduce their likelihood
- Manage network, intrusion detection and prevention systems
- Analyze security breaches to determine their root cause
- Recommend and install appropriate tools and countermeasures
- Define, implement and maintain corporate security policies
- Train fellow employees in security awareness and procedures
- Coordinate security plans with outside vendors
Security Analyst Careers
Security Analyst Career Paths
The next logical career steps for a Security Analyst include:
From there, you can work your way towards becoming a:
Security Analyst vs. Security Administrator
Confused about the difference between a Security Analyst and a Security Administrator? Analysts and Administrators are peers, but they do not have the same job responsibilities.
- Security Analysts are responsible for analyzing data and recommending changes to higher-ups, but they are usually not the ones responsible for authorizing and implementing changes. Their main job is keeping attackers out.
- Security Administrators ensure that systems are working as designed. Unlike analysts, they make changes, apply patches and set up new admin users. Their main job is keeping systems up.
In both cases, the immediate supervisor is usually a Security Manager.
The role of “Security Analyst” encompasses job titles such as:
- Data Security Analyst
- Information System Security Analyst
- IT Security Analyst
Security Analyst Salaries
According to Payscale, the median salary for a Security Analyst is $66,981 per year (2019 figures). Overall, you can expect to take home a total pay of $42,782 – $100,755. This includes your base annual salary, bonuses, profit sharing, tips, commissions, overtime pay and other forms of cash earnings, as applicable.
Security Analyst Job Requirements
As you start to browse through Security Analyst job openings, pay attention to your search terms. Specify your field of interest (e.g. healthcare, finance, government, etc.) and your geographic location. This will give you a much better sense of what employers are hungry for. Many companies are looking for at least 1 year of work experience, but you may be able to persuade the hiring committee to consider internships and summer/online bootcamps. A BS in Cyber Security is an excellent qualification, but it’s not the only one you can have, especially if you’re already technically savvy.
You might also want to think about starting small. If you’re not qualified for some of the high-flying jobs, consider working for a well-regarded company as a security analyst/administrator for a couple of years. While you’re there, you can start leading security defense initiatives, conferring with executives, and making a name for yourself. That way you’ll have outstanding references and all sorts of relevant skills when you choose to move on.
This will depend on the complexity of your organization’s security needs. The majority of job postings ask for 1-5 years of experience. Many folks with 5+ years of experience don’t want the stress of working as an Incident Responder and will opt for a lifelong career as an analyst instead. Employers are usually happy to accept them.
There is no hard and fast degree requirement for Security Analysts. Nevertheless, most employers are going to be looking for a bachelor’s degree in Computer Science, Cyber Security or a related field.
Having said that, there are a lot of current analysts who have gone through weird and wonderful routes. If you don’t have a comp sci or security degree, you may be able to impress hiring agencies with experience, training and certifications.
Consider honing your technical skills in:
- IDS/IPS, penetration and vulnerability testing
- DLP, anti-virus and anti-malware
- TCP/IP, computer networking, routing and switching
- Firewall and intrusion detection/prevention protocols
- Windows, UNIX and Linux operating systems
- Network protocols and packet analysis tools
- C, C++, C#, Java or PHP programming languages
- Cloud computing
- SaaS models
- Security Information and Event Management (SIEM)
Soft skills like writing, teaching and public speaking are equally important. As part of your job, you’ll be expected to draft policies, talk over issues with upper management and explain how your security plans fit into the larger corporate picture.
Overall, analysts are expected to be curious, creative thinkers who are deeply interested in the latest security developments and tools.
Certifications for Security Analysts
Security certifications look good on résumés, but they’re not always necessary for certain positions – check the job requirements. In addition, some of these certifications (e.g. CISSP) require a number of years of experience:
- CEH: Certified Ethical Hacker
- ECSA: EC-Council Certified Security Analyst
- GSEC / GCIH / GCIA: GIAC Security Certifications
- CISSP: Certified Information Systems Security Professional