Information Security Analyst is that aspect of security analysis in which the analysts protect the organization’s information and data from falling into the wrong hands. The main job of a Security Analyst is to protect and analyze the security measures of the organization and to check how effective they are. They also give online or office training to the organization’s staff on the technical knowhow for implementing the required security measures. A Security Analyst has to work with both the business administrators as well as the IT professionals for communicating any flaws regarding the security systems concerned with the organization. Recommendation on any changes in the organization’s information security and documentation in case of security breaches are also a major part of the job in a Security Analyst’s Career.
Due to the overall rise and sophistication of cyber attacks, identity thefts and phishing activities, more and more organizations are employing IT professionals who are experts in cyber security.
IT service providers, financial and banking services, health care companies and government agencies are few of the common employers of Information Security Analysts.
Role of Security Analyst
The main job of an Information Security Analyst is to research new and effective security measures so that the organization’s information, data and network are safe. The Information Security Analyst must keep themselves up-to-date in the latest phishing trends and make sure that the hackers are not able to infiltrate the security system of the organization. In case of a breach in the security the information Security Analysts primary duty is to hand out a Disaster recovery Plan to the fellow IT employees. All the information and data of the organization is usually copied and transferred to an offsite location which helps the organization to function even after a major security disaster.
In a typical organization, an Information Security Analysts does the following duties:
- The Information Security Analyst investigates any breaches or violations in the organizations information security systems.
- Firewalls and data encryption programs are installed and used by the Security Analysts to protect any sensitive information from leaking out.
- Any kind of security breach inside the organization is documented by the Security Analyst.
- Security Analysts simulate hacking attacks also known as penetration tests to check for any vulnerabilities in the security system.
- Keep themselves up-to-date with the latest security trends in the market.
- Any kind of security planning for the organization is carried out and planned by the Security Analyst.
- The Security Analysts set the benchmark for standard security system of the organization.
- All kinds of security enhancements are reported to the senior IT staff or Management by the Security Analysts in the Organization.
- Security Analysts also help the Computer users learn and install newly introduced security products and standard procedures in the Security System inside the organization.
The Security Analysts have to work directly with the Upper management in an organization as they have to report critical security breaches. In order to design new security for the organization or to manage an existing disaster recovery system the Security Analysts have to work with the Organization’s Computer and Information System Manager or Chief Technology Officer (CTO)
Becoming an Information Security Analyst
Cyber attacks being ubiquitous there is an increasing demand for Information Security Analysts. A typical Security Analyst must have a bachelor’s Degree in Computer Science from an accredited university in order to qualify for the job. He also must have considerable years of experience in a related field. Master of Administration (MBA) in information systems is being preferred by many organizations in current times.
Requirements
Some of the important qualities that Security Analyst has to posses are:
- Analytical skills: Analytical skills are very essential for investigating in detail the irregularities in case of a security breach.
- Problem solving skills: One of the primary jobs of a Security Analyst is to fix any kind of flaws in the Security system.
- Detail Oriented: A detail oriented study is necessary to detect any kind of minor changes in performance.
- Ingenuity: A Security Analyst must be always ahead of cyber attackers and hackers and must invent newer methods to avoid phishing and leakage of the company’s sensitive data and information.
Certifications
As already mentioned a bachelor’s degree in computer science or an MBA in Information Systems is the most preferred certifications for an Information Security Analyst. There are a few other specialized certification courses which require a minimum years of experience. Some such courses are listed below:
- A CompTIA Security+
- Certified Ethical Hacker (CEH)
- CISSP
- mile2 CPTC
- CPTE
- Certified Information Security Manager
- Cyber Security Forensic Analyst
- Certified Confidentiality Officer
- Certified Internet Web Professionals
- Certified Computer Crime Investigator
Work Environment
As per the 2012 census, Information Security Analyst hold more than 75,100 jobs in the US economy. Security Analysts mainly work for computer companies, consulting firms, business and financial companies and the military.The Information System Analyst’s job is a fulltime job where they have to work with the other members of the IT Department. They primarily work with the Computer System Analysts or the Network Administrators. A few of them are also self employed. Security Analysts job is a full time job which may ask for extra additional hours of work in case of an emergency. The Security Analysts need to attend cyber security conferences to get a first hand experience of other professionals who have already experienced cyber attacks.
The percentage of System Analysts working in various industries are as listed below:
Sector |
Percentage (%) |
Computer Services |
27 |
Finance and Insurance |
19 |
Information Technology |
10 |
Management Companies |
8 |
Career Path and Job Growth
As mentioned earlier Information Security Analysts have a lucrative career with various job opportunities. Some of them may also be promoted to information security manager or chief information security officer with experience or additional or advanced qualifications.
According to the Bureau of Labor Statistics (BLS), 27,400 additional Security Analysts would be created by the year 2022 which is a 37% increase from the current job rate. With the increasing risk of cyber attacks the demand for Security Analyst’s job is very high with the federal government trying to increase the use of information security to protect the country’s IT systems.
Information Security Analyst Salary
According to the Bureau of Labor Statistics, the average annual salary for a Security Analyst has been estimated to be around $86,170 as in May 2012. The top four industries employing Security Analysts with their average salary has been listed below:
Sector |
Salary (in dollars) |
Insurance and Finance |
$92080 |
Information Technology |
$91440 |
Computer Services |
$88270 |
Management Companies |
$81130 |