Skip to main content
2 answers
2
Asked 897 views

What does a day in the life of a cyber security analyst look like?

I wonder how they work with computer science?

+25 Karma if successful
From: You
To: Friend
Subject: Career question for you

2

2 answers


0
Updated
Share a link to this answer
Share a link to this answer

Justin’s Answer

Hi Delaney,

A day in the life of a cybersecurity analyst involves various tasks focused on protecting an organization’s systems, networks, and data from cyber threats. Here’s an outline of their daily responsibilities and how computer science knowledge plays a role:

1. Monitoring Security Systems:

• Task: Cybersecurity analysts start their day by reviewing security alerts, log files, and monitoring tools to detect unusual activity or threats in the system.
• Computer Science Role: This requires familiarity with network architecture, system administration, and often programming languages like Python or scripting for automation, as they may need to write code to analyze logs or automate repetitive monitoring tasks.

2. Analyzing and Investigating Threats:

• Task: When potential security incidents are detected, analysts investigate them to understand the nature of the threat, its origin, and its possible impact.
• Computer Science Role: Strong analytical and problem-solving skills are essential, alongside knowledge of malware behavior, data structures, and algorithms to reverse-engineer malware or understand how attacks exploit system vulnerabilities.

3. Implementing Security Protocols:

• Task: Cybersecurity analysts enforce security policies, such as access controls and firewall rules, to prevent unauthorized access.
• Computer Science Role: Understanding operating systems, networking protocols, and encryption techniques is vital, as they need to know how data flows through networks and how it can be securely transmitted and stored.

4. Performing Vulnerability Assessments and Penetration Testing:

• Task: Analysts use tools to scan for vulnerabilities and simulate attacks on their own systems to identify and fix weaknesses before hackers can exploit them.
• Computer Science Role: Knowledge of programming, ethical hacking, and cybersecurity frameworks (like NIST or ISO) helps analysts conduct assessments and interpret results accurately.

5. Collaborating with IT and Development Teams:

• Task: Cybersecurity analysts often work with IT and development teams to ensure new systems or applications are secure from the start.
• Computer Science Role: This collaboration requires software development knowledge, including secure coding practices, as they review code for vulnerabilities and guide developers on secure design practices.

6. Training and Educating Employees:

• Task: Educating employees about cybersecurity best practices, such as avoiding phishing scams, helps reduce human-related vulnerabilities.
• Computer Science Role: While this task is less technical, a solid foundation in cybersecurity concepts enables analysts to explain complex issues in simpler terms to non-technical employees.

7. Staying Up-to-Date with Cyber Threats:

• Task: Cybersecurity analysts constantly learn about new vulnerabilities, tools, and techniques, as the cybersecurity landscape changes rapidly.
• Computer Science Role: Keeping up with computer science fundamentals and new technology developments allows them to understand new threats and innovate better solutions.

In summary, a cybersecurity analyst’s role is deeply rooted in computer science principles like networking, programming, data analysis, and system architecture. This knowledge helps them create defenses, analyze threats, and collaborate effectively to secure an organization’s digital assets.
0
0
Updated
Share a link to this answer
Share a link to this answer

Biplab’s Answer

Hi Delaney,

Though I myself am not a cybersecurity analyst, many people on my team are, so I can help answer this question for you.

A day in the life usually involves:
a. Logging on and going through a shift turnover where important information from coworkers' previous shifts are relayed to the analysts working the upcoming shift.
b. Monitoring dashboards for incoming incidents.
c. Analyze, triage, respond, and, if appropriate, escalate security incidents and document analysis. Actions taken may include cross-referencing incoming IPs against databases of known malicious threat actors, detonating unknown files in a sandbox environment to ascertain impact, and providing security recommendations to business users.
d. Updating runbooks as appropriate
e. Providing additional alert refinement and guidance to security engineering team and in some cases doing the detection editing on your own while seeking approval.
f. Providing notes and information in the end-of-shift turnover.

I hope this helps!
0