3 answers
Asked
1415 views
How different is being a Computer Systems Analyst from being a Information Security Analyst?
I am interested in both careers but I am wondering which might be a better pick for me. I am interested in the IT field so either sounds good to me.
Login to comment
3 answers
Updated
Scott’s Answer
Security is a specialized area, so general SA training may not be focused enough. But does a security analyst need to know everything an SA knows? No, because many SA issues are not security related.
In summary, a security analyst lives and breathes security, but not, say, performance for example. An SA needs to think about everything at the 10K foot level, which includes security, but is not necessarily a security expert nor the last word in security.
In summary, a security analyst lives and breathes security, but not, say, performance for example. An SA needs to think about everything at the 10K foot level, which includes security, but is not necessarily a security expert nor the last word in security.
Edmond Momartin ☁️
Public Cloud Security & Compliance AT&T | MBA InfoSec | OWASP-LA Board
75
Answers
Los Angeles, California
Updated
Edmond’s Answer
A Computer Systems Analyst deals primarily with computer systems (both hardware and software), the architecture, how they interact w/ network and ancillary systems, etc.
On the other hand Information System Analysts job is primarily focused on the "information" that resides in those computer systems and are one level removed from them. Their job is to devise/design and maintain systems that protect an organization's data and the information they hold.
In my opinion, with proliferation of public cloud, i.e. AWS/Azure/GCP there is a skills shortage in information security than computer systems.
Definition:
AWS: Amazon Web Services
Azure: Microsoft's pubic cloud computing platform
GCP: Google Cloud Platform
On the other hand Information System Analysts job is primarily focused on the "information" that resides in those computer systems and are one level removed from them. Their job is to devise/design and maintain systems that protect an organization's data and the information they hold.
In my opinion, with proliferation of public cloud, i.e. AWS/Azure/GCP there is a skills shortage in information security than computer systems.
Definition:
AWS: Amazon Web Services
Azure: Microsoft's pubic cloud computing platform
GCP: Google Cloud Platform
Updated
RAVI’s Answer
I am in product marketing organization developing and delivering large scale services for global enterprise customers currently. But I also had 15 years of software development and systems analyst role prior to moving to business side. My suggestion is probably a bit more broader than the one ones above.
A security analyst focuses more on securing the data, privacy and network to make sure each and every transaction is designed and developed to ensure the data is secure at rest, it is secure during transit between applications, and is secure during transit through the network. All of this may or not be done by the same person. It may be a team of individuals depending on the size of the overall system, each working on specific aspect !
An information system analyst focuses on how to solve the business problems in the framework of locations, network, and systems, how to make them perform better, how to keep the user experience simple and quick etc. They have to define the architecture to make all this happen and also include security requirements as part of their overall solution. Again it could be one person or a team of individuals.
Both of these functions need a little bit of knowledge about each other to be successful in their respective jobs. I would say they are dependent on each other.
When I start a large development project I engage both systems analyst, security analyst and network analyst to work together to deliver the solution needed to meet the business requirements to deliver useful service securely, reliably, and perform well.
Hope this helps.
A security analyst focuses more on securing the data, privacy and network to make sure each and every transaction is designed and developed to ensure the data is secure at rest, it is secure during transit between applications, and is secure during transit through the network. All of this may or not be done by the same person. It may be a team of individuals depending on the size of the overall system, each working on specific aspect !
An information system analyst focuses on how to solve the business problems in the framework of locations, network, and systems, how to make them perform better, how to keep the user experience simple and quick etc. They have to define the architecture to make all this happen and also include security requirements as part of their overall solution. Again it could be one person or a team of individuals.
Both of these functions need a little bit of knowledge about each other to be successful in their respective jobs. I would say they are dependent on each other.
When I start a large development project I engage both systems analyst, security analyst and network analyst to work together to deliver the solution needed to meet the business requirements to deliver useful service securely, reliably, and perform well.
Hope this helps.