3 answers
What does your typical day look like as an information security analyst?
I understand that information security analysts are responsible for preventing cyber-attacks for companies and organizations. I would just like to know the details of your average day at work.
Casey’s Answer
As has been mentioned, Information Security Analyst or Security Engineer or CyberSecurity Specialist or (insert your bland Security-role-name) are very overgeneralized terms and don't give you a good indication of what your day to day looks like.
There's a couple really good answers that provide you some examples of roles, but ultimately, I've found there's ALWAYS areas to improve, automate, and collaborate in whatever the job looks like. Additionally every company / job is different, so even if you get an idea from one job, only about 15% transfers to the next!
Over time, as you get experience, you'll learn the nuance / differences between roles and decide what you like doing (Defense, Offense, Architecture Reviews, Compliance, Forensics, etc.) and will be able to look at job postings with a better eye of responsibilities to determine if it's a good fit for what you are looking for.
Another key aspect that doesn't get talked about a lot is that security impacts EVERYONE in a company. Therefore, much of our job as security persons is relationship building, and collaboration. Understanding how people work, how to interact, how they think....it's probably the most important part of most security jobs (especially as you get into higher roles). Do not underestimate the power of connecting with other teams outside security. It will pay itself back 10-fold.
That said, in my day to day (more Sr. Security Role):
- I spend a lot of time collaborating with Engineering teams to ensure our security measures aren't going to be overly burdensome + actually fix problems
- I spend a lot of time designing/documenting security solutions for implementation
- I spend a lot of time mentoring and ensuring projects aren't blocked by anything
- I spend some time coding (mostly proof of concept, data gathering)
- I spend some time consulting with security design reviews / threat modeling
- I spend a moderate amount of time engaging with compliance to ensure our technical controls are also compliant
Hope this helps!
Roberto’s Answer
That is a great question! And by the way, Information Security is one of the fastest growing disciplines in the Information Technology fields.
There are many different things Information Security analysts can do. The most frequent activities may include:
1- Designing, reviewing and/or firewall policy changes
2- Using specialized tools and experience to assess proper levels of hardening on applications and systems
3- Using specialized tools and experience to conduct scans and penetration tests (very exciting LOL)
4- Watching for events and alerts then poring over information in order to spot patterns of malicious activity
5- Poring over massive amounts of collected data in order to perform forensic analysis after incidents (I call this the Infosec CSI and it is very fun)
6- Advising teams on what is acceptable or not regarding certain changes (telling people what they cannot do because it is not secure)
This is just a very small list of tasks that are easy to understand for the "uninitiated" but the truth is that the depth in this field is tremendous and it just continues to get better. Over time you would have done all of those things and more and depending on what your role is and your experience there could be really busy days when you have to do all of the above (and more) during a single day. You will never get bored!
Good luck!
Wilson’s Answer
For me, my work is more client facing than directly from companies or security team so hopefully this would be helpful.
My typical day would be that my team and I would be asking the client and their application stakeholders on what issues they have and what they want to protect/control. We would note them and analyze possible recommendations for them.
Once we have enough information, we start looking at solutions that would help them. Then, we would provide a Proof of Concept (PoC) to them and the client will pick which solution path they want to go for.
Once they pick a solution path, we will work with that and try to test the solutions. Then, we will show the client the results. If they seem fit with it, their team will implement it themselves.