4 answers
What's work like for Information Security Analysts?
I'm a student enrolled at Job Corps going in for training in Computer Networking and Cyber Security. I am curious about the work environment of Information Security Analysts. I'm wondering about things like what are some of the daily tasks, is there variety in them, is the work schedule flexible, is there opportunity for travel, things like that. #information-technology #cyber-security
Peter’s Answer
Others have already provided wonderful advice. Please bear in mind to ask this question: why do you want to be a security analyst? Is it the job/money or personal interest? Never pursue something because of the former, since the job will be stressful enough to burn people out. Make sure you really want to go there and are willing to prepare yourself to get what is needed.
Jessica’s Answer
Hi Robert!
The day to day of security analysts can vary based on the job descriptions but a SOC analyst in a security operations center tends to do a few things:
- Monitoring the SIEM (security incident event management tool) and looking for any alerts that come through
- Investigating the alerts to see if they are malicious activities or not
- Performing initial triage to try and fix the issue or contain it to the spot it's in so it doesn't do any more damage
- Some analysts will then do the incident response process to fully fix the issue and document what happened
The tasks will vary depending on the alerts that come through and how they need to be handled and depending on where you work as well.
Many companies will also run a 24/7/365 SOC, which means that there would be shift work, potentially having you work overnight or a mid-afternoon into night shift, depending on the need. As far as I've seen, many analysts don't travel much unless it is to conferences and such like DEF CON or Black Hat.
Thank you, your answer was really helpful, I appreciate it.
Robert
Sumitra’s Answer
Hi there! Cybersecurity is a domain that offers various opportunities and as you mentioned about information security analyst, the job can have diverse responsibilities. Besides monitoring SIEM tools and SOC, analysts also contribute towards threat modeling and assessing risks given customer requirements and project specifications.
Work schedule can be flexible as well, depending on the nature of the responsibilities being handled, and of course one can get a chance to provide on-site services, for instance set-up and testing of security analysis infrastructures. That again depends on customer requirements.
Hope it helps! 😊
Thank you, it helped a lot.
Robert
Eric’s Answer
Cyber security analysts perform a number of roles as the title is used generically. When many folks think of analysts we consider individuals that work in or with security operations centers. These analysts identify threats, determine if they are real or a false positive and escalate as necessary. Most security analysts are the "tip of the spear" in that they see incidents before almost anyone else. These folks work 24x7x365 and may handle some very stressful situations.
Analysts usually work one of three shifts and rarely travel. I would only envision travel for educational purposes (training). As analysts advance and become more involved with remediation there may be opportunity to travel to explain incidents/breaches and/or triage incidents at a customer site. Analysts may work for a firm or as contractors or consultants at an MSSP (managed security services provider) where they monitor, manage, and maintain security operations for multiple customers. This type of environment provides a more dynamic experience and exposes individuals to a broader subset of security tools.
I recommend checking out my podcast, Cyber Security Grey Beard, as I focus specifically on students, early professionals and retrainees in the cyber security field. I have a number of episodes you may find of interest. Just search for Cyber Security Grey Beard on your podcast application of choice or go to https://cybergreyberad.buzzsprout.com. Good luck, and email me at cybergreybeard via gmail if you have other questions or want follow-up data.