Information security analysts plan and carry out security measures to protect an organization's computer networks and systems. Their responsibilities are continually expanding as the number of cyberattacks increases.
Duties
Information security analysts typically do the following:
Monitor their organization's networks for security breaches and investigate a violation when one occurs
Install and use software, such as firewalls and data encryption programs, to protect sensitive information
Prepare reports that document security breaches and the extent of the damage caused by the breaches
Conduct penetration testing, which is when analysts simulate attacks to look for vulnerabilities in their systems before they can be exploited
Research the latest information technology (IT) security trends
Help plan and carry out an organization's way of handling security
Develop security standards and best practices for their organization
Recommend security enhancements to management or senior IT staff
Help computer users when they need to install or learn about new security products and procedures
Information security analysts must continually adapt to stay a step ahead of cyberattackers. They must stay up to date on the latest methods attackers are using to infiltrate computer systems and on IT security. Analysts need to research new security technology to decide what will most effectively protect their organization. This may involve attending cybersecurity conferences to hear firsthand accounts of other professionals who have experienced new types of attacks.
IT security analysts are heavily involved with creating their organization's disaster recovery plan, a procedure that IT employees follow in case of emergency. These plans allow for the continued operation of an organization's IT department. It includes preventive measures such as regularly copying and transferring data to an offsite location. It also involves plans to restore proper IT functioning after a disaster. Analysts continually test the steps in their recovery plans.
Because information security is important, these workers usually report directly to upper management. Many information security analysts work with an organization's computer and information systems manager or chief technology officer (CTO) to design security or disaster recovery systems.
With the Career Query Tool you can search our career profile database by setting specific criteria, such as salary, location and educational requirements!