Typical duties and responsibilities
Key duties and responsibilities depend on the size and security level of the organization you will work for. However, core duties and responsibilities include:
- Investigating security breaches and other cyber security incidents in the organizations system
- Working with security teams to perform tests and uncover network vulnerabilities
- Monitoring computer networks to assess security issues
- Installing security measures and operating software (e.g., firewalls and data encryption programs) to protect systems and information infrastructure
- Documenting and reporting security breaches and assessing the damage that they have caused
- Fixing detected vulnerabilities to maintain a high-security standard
- Following and keeping up to date with IT security trends, technology trends and security standards
- Helping with the installation of security software
- Researching and making recommendations to management on security enhancements
Like most cybersecurity roles, employers typically look for a degree in Computer Science, or another science related field.
However, Cybrary offer a range of online courses to aid you in your journey to becoming a security analyst. They offer level one, level two and level three courses which all provide you with the skills and resources to eventually earn the CompTIA CASP+ certificate.
A level one course requires little experience and they recommend that you have a basic understanding of IT and network fundamentals. They do, however, recommend that you should have 10 years of experience in IT administration, including experience in hands-on information security technical experience to complete your level three course.
Skills and work experience
Many employers will seek relevant work experience. Relevant work experience includes experience in computer network penetration testing and techniques. You will also need to have an understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts.
It is also advantageous to have experience and knowledge of hacking, intrusion prevention, incident response, computer forensics and reverse engineering.
You also need to be able to demonstrate excellent attention to detail and that you have an analytical mindset as security analysts tend to work with scenarios, which means pouring over thousands and thousands of pages of data to look for anomalies.
Finally, demonstrating creativity is an added bonus as you will always have to be thinking one step ahead to prevent the organizations network from experiencing security attacks.
You can expect to be working full-time in normal business hours (Monday to Friday, 9am to 5pm). However, sometimes you will need to be on call and work outside of normal working hours in case of an emergency or to roll out a major update.
According to PayScale, the average salary for a security analyst is $68,000 annually.
The Bureau of Labour Statistics also estimates a 32% growth in hiring for Cybersecurity analyst role between 2018 and 2028.
Typically, analysts work for smaller organization and control their whole network. However, there are options to work for bigger business and many progression opportunities. Many analysts end up advancing into more specialized roles in engineering, compliance or penetration testing, making it a desirable role to start off in for cyber security.