In this video, Marc Menninger describes key roles and functions performed by IT security analysts. Discover which skills and certifications IT security analysts are expected to have. Learn how many years of experience and other requirements you'll need to qualify for this high-demand IT security job.
- [Narrator] IT security analysts are highly desired because they have a solid depth of experience that they can apply to many critical security functions. The IT security analyst role is very versatile, covering nearly every aspect of IT security, and as the title implies, this job is perfect for someone who loves digging into the details, whether they're technical or legal. In addition to security analyst, common job titles include vulnerability analyst, compliance analyst, incident response analyst, intrusion detection analyst, and audit analyst.
Penetration testers, experts at finding and exploiting security vulnerabilities are also a type of IT security analyst. And you can expect a wide range of opportunities as an IT security analyst based on your role and experience. You could be an IT security analyst for many years starting out as a junior analyst and graduating to a senior analyst. From there, it's up to you if you want to stay at the top of the analyst hill or move on to another IT security job. There are quite of few skills included in almost every IT security analyst job listing.
The most common is strong analytical skills. Alice may be considered geeky or wonky to non analysts, but that's because analysts want to understand how systems or rules work at a deeper level than everyone else. As an analyst, you will be responsible not only for figuring out what happened when a problem occurs, but being able to explain it to people who don't have the analytical skills you do. That's why it's common to see job listings looking for IT security analyst candidates with excellent verbal and written communication skills.
IT security analysts will be expected to handle most problems that fall into their area of responsibility, whether that means relying on personal experience handling similar problems in the past, or knowing which resource will be most likely to have a quick answer. Your job will be to figure out the solution. Processing large amounts of data, whether that's system log data or network traffic often goes hand in hand with IT security analysis. That's why it's not unusual for IT security analyst job listings to request that the candidate have experience in scripting languages such as Perl, Python, or Windows PowerShell.
IT security analyst positions aren't typically entry-level positions. Most job postings require a fair amount of experience. Almost every role will require a Bachelor's degree in a related field. This means an IT field such as a computer information systems degree. Other technical degrees may also be accepted. Many roles will also require five to nine years of experience involving work directly related to the position. You'll need to rely on your experience to solve the problems you'll encounter on the job.
You'll need knowledge of technical topics, such as TCP/IP networking, the OSI model, and routing, and switching. Finally, you'll likely need hands-on experience performing network traffic analysis, analysis of log files from a variety of sources, such as individual host logs, network traffic logs, firewall logs, or intrusion prevention logs, and intrusion analysis and detection. Frequently desired certifications for IT security analysts included CompTIA A+, Network+, and Security+, SANS GIAC certifications, GCIH, GCFE, GCFA, CISM, and CISSP.
The IT security analyst job is a great opportunity for anyone who wants to apply their security experience to help organizations tackle their toughest security challenges.
Looking for study partners?Join the CISSP Exam study group
Demand for information security professionals has never been higher—and it's only projected to grow. Interested in finding a job in this exciting new field? Or simply advancing to the next level? IT security expert Marc Menninger explains how to launch and develop a successful career in information security. Learn about the nine most common security jobs and the duties and qualifications for each role. Learn which security certifications appear in job listings and which ones will help you get the job you want. Follow example career paths to learn how others have progressed: from IT hobbyist to help-desk technician to analyst, systems architect, and more. Marc closes with career advice specific to information security, which will help you succeed in this dynamic and high-demand industry.
- IT security key concepts
- The job marketplace
- IT security success traits
- Career specializations
- IT security certifications
- Getting experience
- Marketing yourself