4 answers
Robert
Student
Brunswick, Maine
3
Questions
Asked
518 views
What Skills and Training are needed to be an Information Security Analyst.
I'm A Student enrolled in Job Corps going in for training in Computer Networking and Cyber Security. Information Security Analyst is an occupation that I've been looking into and I was wondering what training is necessary to be one.
#information-technology #computer-science
Login to comment
4 answers
Ram Palagani
Software Engineer
16
Answers
Cary, North Carolina
Updated
Ram’s Answer
When a person goes to secure a job as an information security analyst, there are several skills that should be outlined on a resume. It is also helpful to be aware of these skills when performing job searches. Based on my research, I find the below from https://www.thebalancecareers.com page.
Information Security Analyst Skills List:
Analytical ability
Administering Information Security Software and Controls
Analyzing Security System Logs, Security Tools, and Data
Communicating Up, Down, and Across All Levels of the Organization
Communication
Creating, Modifying, and Updating Intrusion Detection Systems (IDS)
Creating, Modifying, and Updating Security Information Event Management (SIEM)
Creativity
Experience With Intrusion Prevention Systems and Tools
Deep Understanding of Risk Management Frameworks
Defining Process for Managing Network Security
Detail Oriented
Discovering Vulnerabilities in Information Systems
Evaluating and Deconstructing Malware Software
Familiarity with Security Regulations and Standards
Implement and Maintain Security Frameworks for Existing and New Systems
Information Technology Knowledge
Improving Security Efficiency
Installing Firewall and Data Encryption Programs
Maintaining Security Records of Monitoring and Incident Response Activities
Monitoring Compliance with Information Security Policies and Procedures
Network and System Administration Experience
Remediating Security Issues
Responding to Requests for Specialized Cyber Threat Reports
Performing Cyber and Technical Threat Analyses
Performing Security Monitoring
Preventing Hacker Intrusion
Producing Situational and Incident-Related Reports
Problem-Solving
Providing Host-Based Forensics
Providing Timely and Relevant Security Reports
Responding to Security Events
Self-Motivation
Staying One Step Ahead of Cyber Attacks
Strong Technical Background in Data Loss Prevention
Supporting and Managing Security Services
Team Player
Training Organization on Security Measures
Up-To-Date on Relevant Technologies
Information Security Analyst Skills List:
Analytical ability
Administering Information Security Software and Controls
Analyzing Security System Logs, Security Tools, and Data
Communicating Up, Down, and Across All Levels of the Organization
Communication
Creating, Modifying, and Updating Intrusion Detection Systems (IDS)
Creating, Modifying, and Updating Security Information Event Management (SIEM)
Creativity
Experience With Intrusion Prevention Systems and Tools
Deep Understanding of Risk Management Frameworks
Defining Process for Managing Network Security
Detail Oriented
Discovering Vulnerabilities in Information Systems
Evaluating and Deconstructing Malware Software
Familiarity with Security Regulations and Standards
Implement and Maintain Security Frameworks for Existing and New Systems
Information Technology Knowledge
Improving Security Efficiency
Installing Firewall and Data Encryption Programs
Maintaining Security Records of Monitoring and Incident Response Activities
Monitoring Compliance with Information Security Policies and Procedures
Network and System Administration Experience
Remediating Security Issues
Responding to Requests for Specialized Cyber Threat Reports
Performing Cyber and Technical Threat Analyses
Performing Security Monitoring
Preventing Hacker Intrusion
Producing Situational and Incident-Related Reports
Problem-Solving
Providing Host-Based Forensics
Providing Timely and Relevant Security Reports
Responding to Security Events
Self-Motivation
Staying One Step Ahead of Cyber Attacks
Strong Technical Background in Data Loss Prevention
Supporting and Managing Security Services
Team Player
Training Organization on Security Measures
Up-To-Date on Relevant Technologies
Thank you for the answer it helps.
Robert
Steve Mejia
Cybersecurity
1
Answer
Irvine, California
Updated
Steve’s Answer
An Information Security Analyst is a wonderful occupation that is in high demand by most companies.
This role best fits someone that has these traits:
- Creative: You will need to look at problems from all angles. The bad guys use very creative techniques to attack an organization.
- Patient: It takes time to find vulnerabilities and indicators of compromise
- Inquisitive: Threats are evolving all the time so it is critical to keep learning about the latest techniques being used
This role requires, at a minimum, the following skills:
- Understanding data networks
- Understanding PCs and Servers
- Understanding application development
- Understanding Cloud computing
Some ways to develop skills needed to succeed include:
- Stay abreast of the latest security threats (free sources include: ThreatPost.com, Securityweek.com)
- Learn about Security Frameworks like ISO 27001 (search on Google) and NIST (nist.gov/cyberframework)
- Get certified. Some of the most common certifications (CISSP, CISA, CISM, etc.) require years of experience and are thus not practical for someone just getting into the field. However, some certifications do not have this requirement and are worth getting (e.g., CompTIA Security+, CompTIA's Network+) to build credibility.
Get certified in CompTIA Security+ or Comp TIA Network+
Visit ThreatPost.com and SecurityWeek.com and signup to get daily reports sent to your email
Go to the NIST site (https://www.ftc.gov/tips-advice/business-center/small-businesses/cybersecurity/nist-framework) to get free information about their framework. Use the links to training videos.
This role best fits someone that has these traits:
- Creative: You will need to look at problems from all angles. The bad guys use very creative techniques to attack an organization.
- Patient: It takes time to find vulnerabilities and indicators of compromise
- Inquisitive: Threats are evolving all the time so it is critical to keep learning about the latest techniques being used
This role requires, at a minimum, the following skills:
- Understanding data networks
- Understanding PCs and Servers
- Understanding application development
- Understanding Cloud computing
Some ways to develop skills needed to succeed include:
- Stay abreast of the latest security threats (free sources include: ThreatPost.com, Securityweek.com)
- Learn about Security Frameworks like ISO 27001 (search on Google) and NIST (nist.gov/cyberframework)
- Get certified. Some of the most common certifications (CISSP, CISA, CISM, etc.) require years of experience and are thus not practical for someone just getting into the field. However, some certifications do not have this requirement and are worth getting (e.g., CompTIA Security+, CompTIA's Network+) to build credibility.
Steve recommends the following next steps:
Satheesh K Jaganathan
CyberSecurity Analyst
3
Answers
Sterling, Virginia
Updated
Satheesh K’s Answer
Do ComptiA Security + certification, that will cover most of the stuff.
And then pick whether Network security, Identity management or Application Security which interests you most.
Pick tools relevant to one of the above and do some study. Learn about cloud. If you get an internship, then all these will be very easy..
And then pick whether Network security, Identity management or Application Security which interests you most.
Pick tools relevant to one of the above and do some study. Learn about cloud. If you get an internship, then all these will be very easy..
Ken Meier
Information Security Team Lead | Identity Access Management | MS Cybersecurity | CISSP-ISSMP
34
Answers
Pittsburgh, Pennsylvania
Updated
Ken’s Answer
Attention to detail, perseverance and communication are important skills need to be an information security analyst. You also need to be inquisitive and devoted to continuous improvement.
There isn't a single training path required, but there many ways to demonstrate your qualifications. Degrees in relevant areas like computer science or engineering can show your dedication to completing a multi-year program of study. Industry certifications like Security+ and ITIL can attest to your knowledge of key concepts that employers value.
There isn't a single training path required, but there many ways to demonstrate your qualifications. Degrees in relevant areas like computer science or engineering can show your dedication to completing a multi-year program of study. Industry certifications like Security+ and ITIL can attest to your knowledge of key concepts that employers value.