what does a security analyst do?

  • job profiles
  • September 03, 2020

Today’s security analysts are like gatekeepers, auditors, detectives, bodyguards and sentinels all rolled into one (and with high-level tech savvy, to boot). As a rule, in fact, they tend to be lifelong learners. And that’s because these data security and incident response experts must stay up to date on the latest trends and developments impacting their field, since that’s the only way to thwart malicious actors, guard sensitive data — and generally keep organizations safe from digital threats.

This important work is becoming mission-critical for organizations: With the proliferation of always-connected smartphones and the growth of IoT, it seems like everything is a potential target. No surprise then, that opportunities in this space are expected to increase by 31 percent in the coming years, according to the latest forecast from the U.S. Bureau of Labor Statistics.

Taking a 30,000-foot view, the key responsibilities of today’s top security analysts (sometimes called “Information Security Analysts” or “IT Security Analysts” on job boards) include:

  • monitoring and probing networks to proactively prevent cybersecurity breaches
  • investigating known violations and making changes to add greater protection going forward
  • collaborating with software developers and network administrators on cybersecurity measures
  • researching, recommending and installing best-in-class security software and encryption tools to help protect sensitive information
  • reporting security breaches and documenting the extent of the damage for senior-level leadership
  • partnering with cybersecurity analysts, systems analysts and other stakeholders on security measures
  • carrying out penetration testing in order to eliminate system vulnerabilities before attackers can exploit them
  • monitoring the latest trends and tools in information technology (IT)
  • staying up to date with local, state, federal and international regulations around data security and privacy

Moving to a more granular level, tasks that are commonly assigned to these security professionals include:

  • recommending security standards and instituting security best practices
  • identifying key security enhancements and sharing them with cross-functional stakeholders
  • monitoring and reporting on emerging security threats on an ongoing basis
  • leading front-line efforts to recover following violations or breaches
  • educating colleagues across the organization on any potential vulnerabilities, and helping them become more knowledgeable about cyber risks and various threat vectors
  • installing or updating security-related applications and software

how do you become a security analyst?

Are you an aspiring security analyst eager to land the ideal opportunity? If so, we recommend:

  • checking out the latest openings on job boards
  • signing up with a staffing firm that can proactively identify relevant positions based on your interests and experience — and if you want, these hiring pros will even email new opportunities directly to your inbox the minute they become available

Finally, if you want to add new security skills to your wheelhouse, the good news is that there are plenty of great resources that you can take advantage of right now. Check out all of the cybersecurity resources on Udemy, our learning partner, if you aren’t sure of where or how to get started.

what are the key skills of a security analyst?

Success as a security analyst depends on having a lot of hard skills, to be sure: penetration testing, risk modeling and more. A bachelor’s degree in computer science may be required for the role, as well.

But that doesn’t mean you can afford to overlook the role that soft skills play in the day-to-day duties of most security analysts. Take communication and reporting, for example, which are two key responsibilities for security analysts — and both obviously draw on soft skills as well as hard.

With that in mind, as you put your resume together and begin to apply for jobs, be sure to highlight soft skills like:

  • analytical thinking
  • teamwork
  • leadership capabilities
  • the ability to effectively partner with cross-functional stakeholders
  • attentiveness to detail
  • written and verbal communication skills
  • time management and organizational aptitudes
  • emotional intelligence

how much does a security analyst make?

Compensation can vary considerably, so the following is based on a combination of sources. Actual compensation will likely depend on your location, market, responsibilities, background and relative level of expertise.

  • low $96,745
  • mid $124,892
  • high $147,282

Plus, if you’re keen to get even more detailed information about compensation in your location or market, you should take advantage of our free salary comparison tool. It’ll give you all the inside intelligence about compensation you could possibly need.

key takeaways

We've covered all of the ins and outs of daily work for your average security analyst in some detail at this point. Hopefully, you have a pretty clear idea of what to expect in the role, as well as the next steps to pursue if you're looking to break out in this field.

A quick recap of what we've covered:

  • what security analysts do
  • training, experience and core requirements frequently associated with the role
  • essential skills for success
  • salary expectations for security analysts
  • … and a whole lot more!

What happens next is up to you, of course, but if you feel like you’re ready to make the next step in your career, why not start searching for security analyst jobs?