6 answers
1
Question
Updated
766 views
What do cyber security analyst actually do in the office?
I've met quite a few people who are cyber security analysts, but I have no idea what that means. A little help?
Login to comment
6 answers
Updated
Paul’s Answer
Hi, A cyber security analyst could fill many roles within an Information Security organization. When I think of analysts, those are entry-level security professionals. Some roles are executing vulnerability tests and analyses to see if there are any issues, monitoring security reporting and looking for abnormal trends, and call center operator handling security incidents. There are many more roles beyond these, but I hope this helps.
Updated
Joy’s Answer
Hello Lucas!
Cyber Security can involve:
Hardware (Networks/Firewalls)
Software (Pen Testing, Identifying server vulnerabilities using software scans)
There are also roles identifying fraudulent activity - check out ‘fraud analyst’ roles with retailers, insurance companies, banks, etc. You’ll typically be reviewing online transactions for risky behavior.
You can also look into AML (Anti-Money Laundering) areas also to help identify wrongdoing and mitigate risk.
All in all, several areas are covered under the Cyber Security term. I’d check for some of the roles I’ve listed and determine what interests you most and then review a few job descriptions online to see the qualifications and skills companies are looking for in order to find the best fit!
Cyber Security can involve:
Hardware (Networks/Firewalls)
Software (Pen Testing, Identifying server vulnerabilities using software scans)
There are also roles identifying fraudulent activity - check out ‘fraud analyst’ roles with retailers, insurance companies, banks, etc. You’ll typically be reviewing online transactions for risky behavior.
You can also look into AML (Anti-Money Laundering) areas also to help identify wrongdoing and mitigate risk.
All in all, several areas are covered under the Cyber Security term. I’d check for some of the roles I’ve listed and determine what interests you most and then review a few job descriptions online to see the qualifications and skills companies are looking for in order to find the best fit!
Updated
Michelle’s Answer
Hello, Lucas !
It's great to know you have an interest in cyber security because it is a great way to use your skills and it is still a profession that is in high demand.
Although your job will vary according to which company you end up working for, I will outline some of the duties that may be expected of a cybersecurity professional.
You would monitor your company's network traffic and protect it from any loss, theft or issues. If something of suspect happens, you will be expected to investigate it in real time. You would also compose an incident report about it. You'd have to install security software like firewalls and encryption. You would examine the system for weaknesses and fix them. You'd also have to know how to come up with solutions for the best protection of the company's network. You would also conduct research about security threats, do risk assessments and do penetration tests.
I imagine that your day to day work would vary based on the type of company you would work for. A non-profit organization would be very different from a bank. It may be an interesting experience to shadow people working in a few different companies to see how it goes.
I sure do hope this has helped a bit and that your pursuit in this field is a successful one !
It's great to know you have an interest in cyber security because it is a great way to use your skills and it is still a profession that is in high demand.
Although your job will vary according to which company you end up working for, I will outline some of the duties that may be expected of a cybersecurity professional.
You would monitor your company's network traffic and protect it from any loss, theft or issues. If something of suspect happens, you will be expected to investigate it in real time. You would also compose an incident report about it. You'd have to install security software like firewalls and encryption. You would examine the system for weaknesses and fix them. You'd also have to know how to come up with solutions for the best protection of the company's network. You would also conduct research about security threats, do risk assessments and do penetration tests.
I imagine that your day to day work would vary based on the type of company you would work for. A non-profit organization would be very different from a bank. It may be an interesting experience to shadow people working in a few different companies to see how it goes.
I sure do hope this has helped a bit and that your pursuit in this field is a successful one !
Updated
Brandon’s Answer
It really does depend on each company and where they are in their security program. Some are more advanced than others and thus have different responsibilities. Titles also don't always represent the role in which you're hired. For example, this very title at the company I work for also encompasses Governance and Risk Compliance. Which is actually an entire section of security work!
Updated
Jaime’s Answer
Chances are, you'll be teaming up with a seasoned pro or mentor who'll show you the ropes on a security enterprise tool. Think of it like an internal tool for spotting weaknesses. As a cyber security analyst, you could play a key role in gathering the data and sharing it with the various teams tasked with patching up these vulnerabilities.
James Constantine Frangos
Consultant Dietitian & Software Developer since 1972 => Nutrition Education => Health & Longevity.
3769
Answers
Updated
James Constantine’s Answer
Dear Lucas,
Unveiling the Work of Cyber Security Analysts
In the digital realm, cyber security analysts serve as the guardians of an organization's precious data and confidential information, shielding them from unauthorized access, use, disclosure, and alteration. Their main duty is to devise, apply, enhance, and supervise security protocols for the safeguarding of data, networks, and systems.
Here's a breakdown of the pivotal tasks and duties that cyber security analysts typically undertake in an office environment:
1. Threat Analysis and Risk Assessment: Cyber security analysts vigilantly oversee the organization's networks and systems to spot potential weak points and threats. They scrutinize network traffic, system logs, and other data sources to identify unusual activities or patterns that could signal a security breach or cyber attack. They also evaluate the possible impact of identified threats on the organization's operations, assets, and stakeholders.
2. Incident Response: When a security incident arises, cyber security analysts are on the front lines, responding swiftly and effectively to minimize the damage and lessen the impact. They delve into the root cause of the incident, gather and analyze evidence, and formulate a plan to fix the vulnerability or weakness that was exploited. They also collaborate with other teams, such as IT operations, legal, and public relations, to oversee the incident response process and communicate with stakeholders.
3. Security Policy Development and Implementation: Cyber security analysts craft and implement policies, procedures, and guidelines to ensure that the organization's information security practices are in line with industry standards, regulatory requirements, and best practices. They also make sure that all employees are knowledgeable about and comply with these policies and procedures.
4. Security Training and Awareness: Cyber security analysts conduct training and awareness programs to inform employees about information security risks, threats, and best practices. They may also carry out phishing simulations, social engineering tests, and other exercises to gauge the organization's susceptibility to human-related risks.
5. Compliance Monitoring: Cyber security analysts oversee the organization's adherence to various laws, regulations, and standards related to information security, such as HIPAA, PCI-DSS, GDPR, and NIST. They ensure that all necessary controls are in place and functioning properly to meet compliance requirements.
6. Vendor Management: Cyber security analysts assess the security stance of third-party vendors and service providers that have access to the organization's networks and systems. They ensure that these vendors abide by the organization's security policies and procedures and that they have adequate safeguards in place to protect sensitive data.
7. Technical Expertise: Cyber security analysts possess profound technical expertise in various areas of information security, such as network security, application security, cloud security, mobile security, identity and access management, encryption, firewalls, intrusion detection/prevention systems (IDS/IPS), Security Information and Event Management (SIEM) systems, vulnerability assessment tools, penetration testing tools, and forensic analysis tools.
8. Collaboration: Cyber security analysts work hand in hand with other teams within the organization, such as IT operations, development, quality assurance (QA), project management office (PMO), legal, public relations (PR), human resources (HR), physical security, audit, compliance, risk management, executive management, and board of directors (BOD).
9. Continuous Improvement: Cyber security analysts are always striving for improvement in their skills, knowledge, tools, processes, and practices. They stay abreast of the latest trends, threats, technologies, regulations, standards, best practices, research papers, case studies, whitepapers, webinars, conferences, training courses, certifications (e.g., CISSP), blogs/podcasts/videos/books/magazines/newsletters/forums/social media.
In a nutshell, cyber security analysts are the linchpins in protecting an organization's digital assets and sensitive information from cyber threats. They perform a variety of tasks related to threat analysis.
Stay Blessed!
James Constantine.
Unveiling the Work of Cyber Security Analysts
In the digital realm, cyber security analysts serve as the guardians of an organization's precious data and confidential information, shielding them from unauthorized access, use, disclosure, and alteration. Their main duty is to devise, apply, enhance, and supervise security protocols for the safeguarding of data, networks, and systems.
Here's a breakdown of the pivotal tasks and duties that cyber security analysts typically undertake in an office environment:
1. Threat Analysis and Risk Assessment: Cyber security analysts vigilantly oversee the organization's networks and systems to spot potential weak points and threats. They scrutinize network traffic, system logs, and other data sources to identify unusual activities or patterns that could signal a security breach or cyber attack. They also evaluate the possible impact of identified threats on the organization's operations, assets, and stakeholders.
2. Incident Response: When a security incident arises, cyber security analysts are on the front lines, responding swiftly and effectively to minimize the damage and lessen the impact. They delve into the root cause of the incident, gather and analyze evidence, and formulate a plan to fix the vulnerability or weakness that was exploited. They also collaborate with other teams, such as IT operations, legal, and public relations, to oversee the incident response process and communicate with stakeholders.
3. Security Policy Development and Implementation: Cyber security analysts craft and implement policies, procedures, and guidelines to ensure that the organization's information security practices are in line with industry standards, regulatory requirements, and best practices. They also make sure that all employees are knowledgeable about and comply with these policies and procedures.
4. Security Training and Awareness: Cyber security analysts conduct training and awareness programs to inform employees about information security risks, threats, and best practices. They may also carry out phishing simulations, social engineering tests, and other exercises to gauge the organization's susceptibility to human-related risks.
5. Compliance Monitoring: Cyber security analysts oversee the organization's adherence to various laws, regulations, and standards related to information security, such as HIPAA, PCI-DSS, GDPR, and NIST. They ensure that all necessary controls are in place and functioning properly to meet compliance requirements.
6. Vendor Management: Cyber security analysts assess the security stance of third-party vendors and service providers that have access to the organization's networks and systems. They ensure that these vendors abide by the organization's security policies and procedures and that they have adequate safeguards in place to protect sensitive data.
7. Technical Expertise: Cyber security analysts possess profound technical expertise in various areas of information security, such as network security, application security, cloud security, mobile security, identity and access management, encryption, firewalls, intrusion detection/prevention systems (IDS/IPS), Security Information and Event Management (SIEM) systems, vulnerability assessment tools, penetration testing tools, and forensic analysis tools.
8. Collaboration: Cyber security analysts work hand in hand with other teams within the organization, such as IT operations, development, quality assurance (QA), project management office (PMO), legal, public relations (PR), human resources (HR), physical security, audit, compliance, risk management, executive management, and board of directors (BOD).
9. Continuous Improvement: Cyber security analysts are always striving for improvement in their skills, knowledge, tools, processes, and practices. They stay abreast of the latest trends, threats, technologies, regulations, standards, best practices, research papers, case studies, whitepapers, webinars, conferences, training courses, certifications (e.g., CISSP), blogs/podcasts/videos/books/magazines/newsletters/forums/social media.
In a nutshell, cyber security analysts are the linchpins in protecting an organization's digital assets and sensitive information from cyber threats. They perform a variety of tasks related to threat analysis.
Stay Blessed!
James Constantine.