Security Architect

Security Analyst

What does a Cyber Security Analyst do?

Information security analyst is responsible for protecting all sensitive information within a company. With the rise in hackers and data breaches sweeping throughout companies and the government, there’s a greater need to keep personal and top-secret information safe from cyberattacks. Information security analysts help develop, implement, and ensure compliance of policies to protect an organization’s data from being inappropriately accessed or used, by erecting firewalls and encrypting data transmissions to secure confidential information as it is being received or transmitted. These attacks may come from inside or outside the company.

Information security analysts focus on three main areas:

  • Risk assessment - identifying problems an organization might face
  • Vulnerability assessment - determining an organization’s weaknesses
  • Defence planning - installing protections, such as firewalls and data encryption programs

Information security analysts promote security awareness in the company. This works with improving the security of its computer data and improving network and server efficiency. They document tests, security and emergency policies, and procedures. Information security legal requirements may change, therefore the analyst must stay abreast of regulatory requirements.

An information security analyst remains current on reports of computer viruses, decides if updated protection is needed, and shares this information with the company or customer. The security analyst also organizes and conducts training for all employees regarding company security and information safeguarding. They also maintain or modify computer security files to add or incorporate new software, change a person's access status, and correct errors.

Information security analysts create plans to prevent any malicious or inadvertent use of data, create plans for emergency use, train users on security measures, and monitor access to data. Along with these duties, they may also be tasked with going over information on viruses and ensuring virus protection is in place. They may be asked to take a look at risks of data exposure as well as make sure that security systems are in place and working as designed. They may also serve as experts on application development project teams to ensure the application complies with the organization’s information security standards.

The information security analyst may be included in planning for other threats to the organization's data, such as threats caused by severe weather, maintaining power to servers in case of a local outage, and planning for continuing operations at alternate sites in case the main operations site needs to be shut down.

Path to become an Analyst

When you choose the path toward a security analyst career, you will start in an entry level job as an applications system analyst, progress into a senior analyst position and then advance as a systems analyst specialist.

Your entry level job will ask for an undergraduate degree and possibly 1-to-2 years in an internship or other experience. Your part time IT job in college might just provide the sort of experience you need. You will work with the senior analysts to brainstorm solutions to security problems and work to synthesize the various business systems.


When you move into the senior analyst position, you might consider a graduate degree, or a graduate-level certificate in cyber security. Your duties will expand from your previous position to include coordinating the efforts of the business executives and the technical team to come up with synergistic tech strategies. When you are coordinating between non-technical people and the programmers, your writing skills will be tested in that you will need to convey highly technical information to those who may not be as familiar with that jargon.