Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems. Sometimes this area is called “cybersecurity.” With the number of cyberattacks increasing, their responsibilities are continually expanding. Often this position is part of an organization’s information technology (IT) function but sometimes it is handled by third party contractors on a consulting basis.
Typical Duties for Cyber Security
Typical duties for information security analysts include the following:
- Monitor their organization’s networks and workstation for security breaches and investigate when one occurs
- Install and maintain software and hardware, such as firewalls and data encryption programs, to protect sensitive information
- Document reports for security breaches and determine the extent of the damage caused by the breaches
- Conduct penetration testing, by simulating attacks to look for vulnerabilities in their systems before they can be exploited
- Research the current information technology security trends
- Help plan and implement an organization’s way of handling security
- Develop security standards and best practices for their organization
- Recommend security enhancements to management and senior IT staff
- Help computer users when they need to install or learn about new security products and procedures
The most important requirement for information security analysts is diligence. They continually must prepare and adapt to stay ahead of cyberattackers, who are changing methods and exploiting new vulnerabilities. Continuous study is needed to stay up to date on the latest methods used by attackers to infiltrate computer systems. As software and hardware changes or needs updating, analysts research new security technology to decide how best to protect their organization. This often involves attending cybersecurity conferences to hear firsthand accounts of other professionals who have experienced new types of attacks.
Although protecting against possible attacks is always the primary focus, IT security analysts need to be part of creating their organization’s disaster recovery plan. This is the procedure that IT employees follow in case of emergency, when an attack does happen. Having this plan will include having ways of continuing business operations, after an attack happened and to reduce additional damage. This includes preventative measures such as regularly copying and transferring data to an offsite location, and testing backup procedures.
Because information security is important, information security analysts usually report directly to upper management. Often these employees work with the IT systems manager or chief technology officer (CTO) to design security and to implement disaster recovery systems.