Information Security Analyst Job Description
Information Security Analyst Duties & Responsibilities
To write an effective information security analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included information security analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Information Security Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Security Analyst
List any licenses or certifications required by the position: CISSP, CEH, GSEC, GIAC, SSCP, OSCE, OSWP, OSCP, ISACA, ISSA
Education for Information Security Analyst
Typically a job would require a certain level of education.
Employers hiring for the information security analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Computer Science, Information Security, Education, Technical, Information Technology, Information Systems, Business, Engineering, Management, Cyber Security
Skills for Information Security Analyst
Desired skills for information security analyst include:
Desired experience for information security analyst includes:
Information Security Analyst Examples
Information Security Analyst Job Description
- Assisting with the coordination and execution of IT security projects for the the organization under the guidance and oversight senior team members
- Implementation, support, and administration of vulnerability assessment, patching updates and compliance services and appliances
- Assisting in auditing to ensure security policy compliance
- Collaborate and build relationships with engineering, operations and build teams
- Develop and implement an information security and IT risk management program
- You will also be expected to work with the various business units and stakeholders with regards to IT Risk assessment and risk management processes
- Continuously maintaining an intimate knowledge of the rapidly changing cyber-security landscape by synthesizing information about cyber-security from various sources such as Homeland Security, CERT, media, vendors and research organizations
- Conducting data classification assessment and security audits and manage remediation plans as directed by Senior Security Personnel
- Assisting with coordination and execution of IT security projects for the university under the guidance and oversight senior team members
- Preparing IT documentation and Department and University Policies and procedures as needed
- Deep understanding of security operations, log analysis, intrusion detection
- Confident knowledge of network, application and host security technologies
- Bachelor’s degree required preferably in Information Technology, Business, Supply Chain or related field
- Timely provision of access to every application supported by the group based on the direction of the application owner, the hiring manager, and the user
- Timely deprovision of access when notified
- Six or more years in information security
Information Security Analyst Job Description
- Automate and integrate security tools and activities
- Optimizing information Securityprocedures and processes
- Managing identity and Access Management strategy and platform
- Performing Information Security Reporting and Metrics
- Proactively and iteratively searching through datasets to detect and respond to threats and anomalies
- Produce actionable threat analysis and remediation strategies in written and presentation form
- Remediation of potential risks associated with cyber threat trends and attack vectors
- Information Security project management leadership
- Maintain an up to date awareness of the information security industry, focusing on new or revised security solutions, improved security processes and the development of attacks and threats
- Record and undertake root cause analysis for security incidents, escalating reportable incidents to Senior Management as required and advising users on further actions
- Bachelor Degree in Engineering, Computer Science or Information System
- Good understanding of the commonly used concepts, practices, and procedures within the Information Security
- Must understand concepts and practical implementations infosec risk management
- Practical experience with deployment and/or operation of commonly used information security solutions
- Some Experience with conducting Threat and Risk assessments and Vulnerability Assessments of IT systems
- Minimum 2 years in a large corporate environment
Information Security Analyst Job Description
- Be a key member of a team of information security leaders, applying your expert knowledge of solution architecture to champion security best practices across cloud related projects
- Analyze infrastructure solutions and make recommendations to safeguard information assets as they move to the cloud
- Define detailed security requirements for deployment of applications and network infrastructure components
- Participate in focus groups to help define security requirements for new and emerging technologies
- Communicate with stakeholders to drive decisions and push tasks forward
- Provide information security expertise and support to assist in the achievement of both corporate and cloud compliance programs
- Oversee a continuous monitoring program to confirm Management may assert the control environment is operating effectively
- Conduct risk assessments in SSAE16 SOC 1 and SOC 2 environments and collect evidence in support of audits
- Assist external auditors conducting annual compliance audits by reviewing all evidence to confirm it satisfies the items included in the document request list
- Utilize industry experience and knowledge to provide expertise and support to ensure company’s security framework remains in compliance with applicable regulations including evolving data privacy regulations
- 5+ years of Progressive experience in Computing and Information systems, including experience in Internet Technology, Operating Systems and Security issues
- CISM, or CISA (Desirable)
- Familiarity with risk analysis methodologies, security standards
- 2+ years Information Security Analysis experience
- 2+ years Security Information and Event Management (SIEM) experience
- Possess a degree in Computer Science, Information Systems or related field, or the equivalent work experience
Information Security Analyst Job Description
- Creating and collecting metrics in regards to the various programs
- Analysis of controls and regulations
- Work with strategic vendors to implement single sign-on and user provisioning / certification processes
- Drive overall infrastructure support including server hardware and software in an enterprise level production environment
- Coordinate hardware replacements, troubleshooting storage, memory, and network performance/usage issues
- Identify and provide root cause analysis and problem resolution for all related system issues
- Deliver reports required to measure risk mitigation and identify areas requiring remediation
- Enable operational backup or support for other processes on the team as required
- Analyze, respond, and mitigate cyber security threats and vulnerabilities
- Support regulatory examinations and internal audits as needed
- Bachelor Degree in computer science, engineering, information security, mathematics or an equivalent combination of education, training, and experience
- A minimum of 3 years of work experience in Information Security, IT, IT Audit, or Compliance
- Strong experience in Windows and *nix environments
- Must demonstrate effective, decision making, results delivery, and the ability to stay current with relevant technologies and security practices
- Ability to work in an office environment and concentrate on complex tasks for extended periods of time
- Ability to lift and handle computer equipment and associated hardware
Information Security Analyst Job Description
- Working with IT to improve data quality in the bank’s recertification system
- Participating in UAT before main recertification cycles begin
- Performs access control and account administration of critical information resources using established guidelines
- Provide information security consulting, training, and support
- Monitor, audit, and test systems and networks for security risks and for compliance with applicable federal, state, university, and departmental policies
- Research, evaluate, and assess the security needs and requirements of ASIS supported departments
- Manage, advise and report on customer impacting IT Security Incidents
- Provide on-going support and assistance in conducting Information Security audits
- Conduct analysis and reviews of information protection technologies and processes to identify technical security weaknesses
- Monitor and record compliance with operational security standards and procedures
- Working knowledge of Windows, Linux server and desktop operating systems and related technologies and concepts
- Interact and communicate professionally and effectively with technical and non-technical clients, including communication of relevant risks and updates to end users
- Provide support in CAMS & TDI TS internal and external audits, general security assessments, and Enterprise IT Risk Programs
- Support the documentation, communication and execution of a First Line governance program, aligning CAMS and TDI TS risk activities with Enterprise programs and direction
- Support for and/or execution of risk assessments of IT assets and processes owned or supported by CAMS and TDI TS
- Document and report on risks and issues identified in the CAMS and TDI TS environment