Security Analyst
What You Do
Security analysts coordinate planned security measures to protect information in computer files from accidental or unauthorized modification, destruction or disclosure. In addition, you may be responsible for designing and monitoring security systems.
Job stream: Security
Sample titles:
* Security Analyst
* System Programmer
* Systems Analyst
* Technical Analyst
* IT Security
Who You Do It For
Security analysts work for almost any company or organization concerned with data security. They are also employed by specialized consulting firms, doing this type of work on a contractual basis.
How You Do It
To perform your job as a security analyst you will need experience in technical areas such as:
* programming,
* systems analysis, and
* telecommunications.
In addition, you will need to understand an organization’s business in order to know what computerized functions they cannot afford to lose. To do this job, you will develop plans to meet emergency data processing needs and safeguard computer files against:
* accidental or unauthorized access (for private or confidential data),
* accidental or unauthorized modification,
* destruction, and
* disclosure.
Once the plans are developed, you will coordinate their implementation with inside personnel and outside vendors. This will include conducting tests to ensure the functions of data processing activities and security measures are operational.
If problems are identified, it is up to you to modify the security files to:
* incorporate new software,
* correct errors, and
* change an individual’s access status.
Throughout the course of your job, you will be required to write reports to document computer security and emergency measures, procedures and test results.
Challenges
As a security analyst, you need to have an up-to-date understanding of the security measures at all stages of the informatics systems life cycle, and a thorough understanding of:
* IT business management,
* quality management, and
* risk management.
The job can be high-stress, especially when tight deadlines or security infractions have been uncovered.
Skills
* gather and interpret relevant data and information,
* interact with computer technology to solve a variety of complex problems,
* interview and relate to people,
* recognize and diagnose problems,
* differentiate between fact and fiction,
* communicate clear and consistent information,
* think analytically and problem solve,
* make effective decisions under pressure,
* explain complex information simply and accurately,
* pay attention to detail and work effectively under pressure.
Working Conditions
Generally, security analysts work 40 hours per week in comfortable offices. In larger organizations, the security analyst is a separate position. However, in smaller organizations, you can expect to perform multiple jobs, with security analyst work being one of them. Expect extreme stress when the system is threatened by a potential or actual crisis.
Like other workers who spend their time in front of a computer terminal, security analysts are susceptible to eyestrain, back discomfort and hand and wrist problems.
What the Future Holds
With the proliferation of networks and more skilled hackers, security problems have intensified. With these factors, it is anticipated that demand for security analysts will continue to increase. Through consulting work there is also more of an opportunity to work on a contractual basis with a variety of organizations.
Skill Levels
Entry Level Security Analyst
Working under the supervision of a more senior informatics staff member, you could be required to do the following:
* perform routine operations of security arrangements in an organization,
* fully understand the implications of legislation, insurance and regulation of frameworks,
* ensure compliance to audit, quality and security standards,
* understand risk analysis, disaster recovery, planning and event simulation,
* participate in implementation of disaster contingency plans, and
* assist in staff training in security.
Full Working Security Analyst
You will be performing the job of security analyst without supervision and you may be responsible for the supervision of other staff on a project. In addition you may be responsible for small projects or portions of medium-large projects, and you may also be required to:
* proactively disclose and remedy actual or potential breaches and risks,
* apply expert knowledge to good security practices and planning,
* take responsibility for arrangements for physical and logical security policy,
* advise other professionals of necessity for security counter-measures,
* monitor budgets and advise senior management regarding security,
* maintain broad awareness of informatics and security trends, and
* formally evaluate security features of information products and systems.
Intermediate Security Analyst
As the intermediate security analyst, you will be expected to supervise staff. You may also be required to:
* carry out and evaluate investigative work regarding potential threats,
* take full responsibility for handling simulated and actual disaster scenarios,
* ensure training in security matters is provided to all levels of staff,
* command respect for competence and excellence in informatics security, and
* advise senior management on informatics security and devise policies.
Senior Security Analyst
As the senior security analyst you will most likely be involved in planning, conducting and supervising complex informatics assignments. You will also be involved in designing and applying new methods and procedures and supervising staff.
Your job could also be required to do some of the following:
* direct and apply control systems to prevent error, abuse, fraud, etc.,
* take full responsibility for minimizing disaster threat effects and for recovery,
* demonstrate wide informatics technical knowledge and practical expertise,
* present and communicate effectively,
* constantly review procedures for security failing and disaster recovery,
* take leading role in originating and maintaining security policies, and
* take leading part to ensure compliance with security plans and standards.
Salary Range
$50,750 - $96,750
Education and Training
Junior Security Analyst
Education requirements vary depending on an employer’s needs. However, it is advisable to take a combination of courses in computer programming, management information systems, business and systems design and analysis. In general, you need a university degree or college diploma with 0-2 years experience in the IT industry.
Full Working Security Analyst
This level requires 3-5 years experience in the IT industry and specific job experience in addition to a university degree or college diploma.
Intermediate Security Analyst
This level requires 3-5 years experience in the IT industry and specific job experience in addition to a university degree or college diploma.
Senior Security Analyst
This level requires 6-8 years experience in the IT industry and specific job experience as well as a university or college diploma.