Security AnalystJob Description, Salary, Career Path, and Trends
Protecting sensitive information is a significant concern for every company, and organizations need security analysts to determine best how to secure their data and make sure that data stays secure. A security analyst protects computer networks from cyber attacks, creates cybersecurity policies and practices for the entire organization, and documents security breaches.
Security testing is also a big part of a security analyst’s job. Security analysts work with an IT security team to test their networks and look for any weaknesses in their security measures. The security analyst then develops a plan to account for that weakness. A security analyst needs to stay adaptable. Cybersecurity is ever-changing and keeping up on the latest trends in cyber attacks and security measures is critical for every security analyst.
Security analysts also take part in creating an organization’s disaster recovery plan for the company to follow in an emergency. That often includes planning how data is stored and backed up as well as how the organization can restore its network to proper function after a disaster or emergency.
Sample job description #1
Operational support for information security tool alerts, triaging, and maintenance
Operational support for information security tool alerts, triaging, and maintenance
Execute on information security activities such as vulnerability management, application development security, business continuity, networking, risk management, etc.
Perform first level incidence response and computer forensics activities
Assess security controls and evaluate security posture of organizational internal controls
Evaluate third party relationships for compliance to organization security standards
Collaborate with IT department and Business colleagues to develop security programs as an SME
Researches security trends, new methods, and techniques used in order to preemptively eliminate the possibility of system breach
Serve as Subject Matter Expert (SME) on information security related projects and initiatives assigned
Maintain confidentiality on all sensitive security matters
Excellent time management and communication skills
Strong ability to research technical challenges and learn quickly to provide security guidance
Familiarity with compliance regulations (e.g. FERPA, HIPAA)
Demonstrated ability of analytical expertise, close attention to details, critical thinking, logic, and solution oriented
Minimum three years experience directly related to Information Security
Have an undergraduate degree from an accredited institution in an IT related field (preferred)
Certificates, licenses and registrations
Must have industry recognized certifications in CISSP, GIAC, or similar (or achieve within one year of employment)
Must be able to travel 0-10% of time
Must be able to lift 20 lbs.
Typical office setting
Mobility within the office including movement from floor to floor
Travel via plane, car, and metro may be required to perform this job
Must be able to work more than 40 hours per week when business needs warrant
Access information using a computer
Effectively communicate, both up and down the management chain
Effectively cope with stressful situations
Strong mental acuity
Regular, dependable attendance and punctuality are essential functions of this job
Sample job description #2
ABC Company is currently seeking an Information Security Analyst to join our client’s team in (State). This is a fully remote, contract-to-hire position. Must live in (State).
Monitor events and triage alerts across various security platforms
Identify and resolve false positive findings reported by information security tools
Monitor email and ticketing systems for security related issues and follow through until resolution
Stay up-to-date with adversary tactics, techniques and procedures (TTPs) and IT news
Knowledge of Information Security Concepts
Experience with log analysis and familiarity with various SIEM tools (Splunk, Elastic, ArcSight, QRadar, etc.)
Experience with various scripting languages (Bash/PowerShell/Python)
Familiarity with functionality of Windows, Mac OS X, and Linux operating systems
General Information Technology and Computer Networking knowledge preferred
Sample job description #3
As a GCP Cloud Security Analyst, you will be at the front lines with our clients supporting them with their cloud security needs to securely navigate their journey to the cloud on the leading cloud platforms, by supporting the implementation of industry-leading practices around cyber risks and cloud security for clients. You will execute on cloud security engagements during different phases of the lifecycle – assessment, design, implementation, and post-implementation reviews, particularly you will:
Have foundational knowledge of cloud cyber risk for Google Cloud Platform
Assist in guiding clients on their transition from on-premise security technologies to cloud-native options and assist clients with the deployment of cloud-native and third-party technologies to secure cloud platforms
Support cloud security assessments and provide recommendations on required configurations for client’s google cloud platforms and environments based on ABC Company’s Cloud Cyber Risk Framework
Design, develop, and implement cloud platform-specific security policies, standards, and procedures
Troubleshoot problems with cloud infrastructure (e.g., domain name service, virtual network peering, dedicated cloud connectivity services – Google Cloud Dedicated Interconnect) and resources (e.g., virtual machines, virtual networks, cloud databases) in a multi-cloud vendor environment and document technical platform issues, analysis, client communication, and resolution as part of cyber risk mitigation steps
Assist in the design, implementation, management, and automation of DevSecOps capabilities in cloud offerings (e.g., Google Functions, Python, JSON, Terraform)
Support the team on proposals, whitepapers, proof of concepts, technical eminence materials, and firm initiatives
BA/BS Degree is required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology
Ability to work independently and manage multiple projects/assignments/responsibilities in a fast-paced environment
Demonstrated leadership and strong verbal and written communication skills
Demonstrated problem solving and critical thinking skills
Ability to travel up to 50% (While up to 50% travel is a requirement of the role, due to COVID-19, non-essential travel has been suspended until further notice)
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
Strong academic track record (GPA of 3.2 preferred)
Relevant work experience or work experience in a professional environment (e.g. internships, summer positions, school jobs)
Foundational knowledge of cloud computing and/or cybersecurity
Full stack development experience
Experience with JSON, Python, XML, and the ability to write automation scripts
Experience with Terraform or other IaC tools
Foundational knowledge of security and privacy-related industry standards and frameworks (e.g., ISO 27001/2, NIST 800-53, NIST CSF, CSA CCM) is a plus
Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts
Average salary and compensation
The average salary for a security analyst is $140,000 in the United States. Position salary will vary based on experience, education, company size, industry, and market.
Los Angeles, California
Minneapolis-St. Paul, Minnesota
New York City, New York
Sample interview questions
Where do you see yourself in five years? In ten?
What makes you a good fit for this company?
What sparked your interest in information security?
What makes you a great security analyst?
Describe three ways to authenticate someone.
Explain how to secure a network. What factors would you take into consideration?
What would you do if someone with more authority than you demands that you break protocol?
We match top professionals with great employers across the country. Your next career move or star employee is just around the corner. Review our career content and advice, browse our latest job openings, or email us your resume. We look forward to connecting with you soon!