The Job Description of a Security Analyst

Thinking on few things that can help people out there to begin or advance in a career in IT Security or Cybersecurity. I had to get some information about this from a Job description of what companies are looking for in candidates, just because, yeah Andres had to find out, and help the now growing audience of CyberSecEngineer

Disclaimer

I may not be the right person for specific career advise on Cyber Security, however, I will/should/could be able to provide a high-level overview of how things work from a career point of view, if you are interested in such thing, make sure you ask me using the comments section, and I will do my best to reply ** I hope the comments section work 🙂

What are the technical skills?

I went like a crazy person and copied a job description from Indeed.com and found the following information, I hope I’m not breaking any rules.

  • System and Data protection
  • Active Directory, Firewalls
  • VPN Access
  • IDS/IPS devices
  • Web Application Firewalls
  • web filtering
  • SIEM log management and analysis

What about things they want you to be doing?

And again, like a crazy person I took the same job entry and copied this section.

  • Collect data to analyze and evaluate existing or proposed systems for effectiveness, reporting to the organization and return on investment.
  • Strong analytical and diagnostic skills. Research, plan, install, configure, troubleshoot, maintain and upgrade systems, hardware and software interfaces with the operating system.
  • Conduct technical Vulnerability Assessments including systems and network vulnerability assessments, web application assessments, social engineering assessments, physical security assessments, wireless security assessments and implementing secure infrastructure solutions.
  • Proactively assist with detection and mitigation of security incidents.
  • Adds all hashes and URLs required to mitigate the breach.
  • Maintain the integrity of process and approach, as well as controls, for the whole incident management process including the ability to coordinate and manage major/highly sensitive investigations with potential or business-wide impact/reputational damage.
  • Be able to understand and forensically show how attacks from the Internet occur.
  • Respond to and mitigate such attacks.
  • Ability to work with current SIEM software platform to create AI rules.
  • Monitor and detect threats. Research, plan, install, configure, troubleshoot, maintain and upgrade security systems, hardware and software interfaces with the operating system.
  • Prepare detailed flow charts and diagrams outlining systems capabilities and processes.
  • Research and recommend security software purchase and implementation.
  • Select among authorized procedures and seek assistance when guidelines are inadequate, significant deviations are proposed, or when unanticipated problems arise. Work as team member with other technical staff to ensure connectivity and compatibility between systems.
  • Write and maintain system documentation. Conduct technical research on system upgrades to determine feasibility, cost, the time required, and compatibility with the current system.
  • Maintain confidentiality with regard to the information processed, stored or accessed by the network.
  • Document system problems and resolutions for future reference. Perform typical system administration within the security environment under the direction of enterprise security, storage, and planning lead. Respond to end-user concerns, answering questions and working under the supervision of senior staff to problem solve with vendors, documenting application setup and configuration.
  • Administer and maintain user access as related to security.
  • Resolves user production problems as related to security. Contacts vendors to report and resolve issues.
  • Assist with administration of enterprise-wide software to modify application configuration files, administering and maintaining user access to ensure system availability.
  • Respond quickly and appropriately to urgent requests from a wide variety of sources.
  • Assist with development and delivery of both technical documentation and end-user training material.

Final Thoughts?

I think that the Security landscape will continue moving, and moving in a direction that will offer many different opportunities and possibilities for people that want to make a presence in the Security world.
Also, I think that there are many things that need to be done to be prepared and take on a job description like this.

And last but not least, please don’t be intimidated, there are many things that are not set in stone and others that can be learned in the job, but remember that this may play with the compensation piece of the negotiation when applying for such job

About the Author:

Andres Sarmiento, CCIE # 53520 (Collaboration)
With more than a few years of experience, Andres is specialized in the Unified Communications and Collaboration technologies. Consulted for several companies in South Florida, also Financial Institutions on behalf of Cisco Systems. Andres has been involved in high-profile implementations including Cisco technologies; such as Data Center, UC & Collaboration, Contact Center Express, Routing & Switching, Security and Hosted IPT Service provider infrastructures.

“I’m all over the place, I’m literally involved in anything that I can get involved into. I have a day job as a Network, UC and Collaboration Architect for a Cisco Partner, I co-own an e-Learning company called Collaboration Technologies USA based in South Florida, and I’m the guy that is always writing about multiple things technology at  Collaboration Engineer blog, which started as I was getting started on Cisco Collaboration, and now you see me again but this time pretending to know and learn about Security and CyberSecurity”

You can follow Andres using Twitter, LinkedIn or Facebook

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.