Information Security Analysts

The Job

Data breaches at major U.S. retailers are frequently in the news today. Financial and personal information from tens of millions of consumers has been compromised, and it seems like each week brings a new hacking scandal at a major retailer. But that’s just one problem information security analysts must address, as technology continues to make life easier for consumers and information seekers while also increasing opportunities for cybercriminals. “The United States faces real [cybersecurity] threats from criminals, terrorists, spies, and malicious cyber actors,” said FBI director James B. Comey at a recent security conference. “The cyber threat is different than the terrorist threat, of course, because we have not yet experienced a watershed event like the attacks of September 11th, but we all recognize that we are at risk and that we must act quickly.” Denial-of-service attacks, malware, viruses, threats from internal sources, and even attacks on the computer systems that run critical infrastructure (oil and gas pipelines, water supply, electric power distribution, and transportation systems) are just a few of the critical threats that information security analysts must identify and address.

Duties for information security analysts vary by job title, type and size of employer, and other factors. The following are the main duties performed by analysts:

  • ensure that new or current information technology systems meet their organization’s information assurance and security requirements
  • install, configure, test, operate, maintain, and manage networks and their firewalls, including hardware and software that permit the sharing and transmission of data
  • install, configure, troubleshoot, and maintain firewalls and data encryption programs to protect sensitive information
  • manage user accounts, firewalls, and patches and oversee user access, passwords, and account creation and administration
  • test, operate, and maintain systems security
  • conduct assessments of threats and vulnerabilities to computer systems
  • identify, analyze, and report suspicious events and activities that occur or might occur within computer networks and other systems
  • respond to crises or urgent situations to mitigate immediate and potential threats
  • collect, analyze, and present computer-related evidence in support of network vulnerability mitigation and/or fraud, criminal, law enforcement, or counterintelligence investigations
  • engage in surveillance and countersurveillance methods, and use surveillance detection strategies and interview and interrogation techniques, to gather evidence of security breaches or related issues
  • analyze collected data to identify vulnerabilities and the potential for exploitation
  • identify and assess the capabilities and activities of foreign intelligence entities or cyber criminals and prepare status reports for their superiors
  • help organization employees install or use new security products and procedures
  • research the latest information technology security trends and threats