CYBERSECURITY ANALYST SKILLS, EXPERIENCE, AND JOB REQUIREMENTS

Published: September 30, 2024 - The Cybersecurity Analyst role involves managing IT security administration and solution delivery, including the research, design, and deployment of security measures. This position requires technical expertise in security architectures and access management, as well as familiarity with networking infrastructure concepts and vulnerability management. Responsibilities also include responding to security incidents, executing process improvements, and utilizing tools such as Tenable/Nessus for effective vulnerability management.

Essential Hard and Soft Skills for a Standout Cybersecurity Analyst Resume
  • Network Security
  • Vulnerability Assessment
  • Incident Response
  • SIEM Tools
  • Malware Analysis
  • Penetration Testing
  • Encryption
  • Active Directory
  • Security Policies
  • Scripting
  • Problem-Solving
  • Attention to Detail
  • Communication
  • Team Collaboration
  • Adaptability
  • Critical Thinking
  • Time Management
  • Continuous Learning
  • Leadership
  • Interpersonal Skills

Summary of Cybersecurity Analyst Knowledge and Qualifications on Resume

1. BS in Network Security with 3 years of Experience

  • Knowledge of Defense Readiness Reporting System-Navy (DRRS-N)
  • Knowledge of Enterprise Mission Assurance Support System (eMASS)
  • Knowledge of Navy Vulnerability Remediation Asset Manager (VRAM)
  • Knowledge of Risk Management Framework (RMF)
  • Knowledge of Security Technical Implementation Guides (STIGs)
  • Experience with identifying patterns in historical cybersecurity inspection data
  • Knowledge of Vulnerability Assessments
  • Knowledge of a Responsible, Accountable, Consulted, and Informed (RACI) Matrix
  • Experience with network monitoring in a SOC environment

2. BS in Computer Engineering with 2 years of Experience

  • Experience with working in a team environment
  • Experience with using Microsoft Office Suite
  • Ability to interface with internal and external cyber operations stakeholders to define cross-functional business processes and relationships
  • Experience in extracurricular activities, including school-related IT security clubs, National Collegiate Cyber Defense Competition, or other activities that demonstrate an interest in hands-on practice
  • Ability to navigate through issues on a daily basis and come up with solutions
  • Ability to learn from others while sharing expertise across the team
  • Ability to participate within the Security community through social media interaction, meet-ups, and conferences
  • Possession of excellent verbal and written communication skills

3. BS in Cybersecurity with 5 years of Experience

  • Demonstrated proficiency developing and updating Cybersecurity policies, standards and procedures
  • Ability to facilitate risk assessment and documentation for enterprise policy exceptions
  • Experience with complex analysis to drive solutions for remediation of risks
  • Experience with developing cybersecurity controls based on a thorough understanding of industry standards and regulations to protect the company from external and internal threats
  • Experience with internal and external audit to drive remediation items to completion
  • Ability to initiate, facilitate and promote Cybersecurity within the organization and collaborate with business partners to manage Cybersecurity needs
  • Ability and desire to monitor changes in the industry and proactively identify the need for changes to existing controls based on the security risk landscape
  • Well-versed in various information security frameworks and standards, cybersecurity regulations and industry compliance requirements
  • Possess a broad base of knowledge across a variety of compliance and control frameworks
  • Demonstrated experience managing competing priorities in a highly dynamic environment
  • Ability to build relationships across functions and inspire trust and confidence through effective communication and interpersonal skills
  • Ability to conform with all corporate policies and procedures

4. BS in Computer Science with 3 years of Experience

  • Strong experience with one or more of the following programming languages: Python, C#, Java, JavaScript, Objective-C, C, C++, and Swift
  • Deep understanding of OWASP Top 10 and CWE Top 25 with proven track record and experience in implementing and integrating remediation strategies.
  • Understanding of the basics of a mobile application and platform security concepts
  • Deep understanding of those platforms, and advanced concepts related to SDKs and mobile wallets.
  • Excellent penetration testing, application risk assessment and risk categorization skills, including but not limited to, reverse-engineering, network interception and manipulation, offensive and defensive attacks, as well as database and cross-site scripting injection attacks.
  • Understanding of web applications, development frameworks and web protocols
  • Familiarity with the agile development process and experience integrating secure development practices into the model efficiently.
  • Highly effective communicator and able to write with proper grammar.
  • Solid problem solving and analytical skills, able to quickly digest any issue/problem encountered and recommend an appropriate solution.
  • Self-motivated and able to work independently.

5. BS in Information Technology with 2 years of Experience

  • Experience working in cybersecurity as an analyst or incident responder, preferably in a SOC or CSIRT
  • Excellent understanding of malware families, attack vectors, vulnerabilities, OWASP, MITRE ATT&CK tactics and techniques, threat and outbreak containment, incident response, etc.
  • Experience with EDR solutions (Cisco AMP, Microsoft Defender ATP, Tanium) and with scripting tools and programming languages such as PowerShell. 
  • Familiarity with monitoring cloud-based environments (in particular O365 and Microsoft Azure). 
  • Knowledge of Linux practical forensic analysis
  • Certifications (SANS, ISACA, ISC2, etc.) 
  • Demonstrated leadership qualities, flexibility, adaptability to changes in roles and responsibility 
  • Excellent operational skills, quality and results oriented.
  • Able to negotiate and bring consensus to diverse priorities of product development and solution teams.

6. BS in Information Systems with 4 years of Experience

  • Hands-on SIEM management experience (Splunk/Exabeam)
  • Thorough understanding of the latest technologies, security principles, and protocols
  • Exceptional problem-solving skills
  • Ability to work in a fast-paced environment that requires proactively defining and managing various tasks and priorities concurrently
  • Experience in developing, documenting, and maintaining security policies and procedures
  • Experience with common Information Security management frameworks, such as: HIPAA, GDPR, SOX, ISO 27001/2, and NIST frameworks
  • Strong team skills with ability to listen and build consensus and collaborate with business, IT and Cybersecurity groups
  • Ability to multi-task, and the ability to coordinate and manage vulnerability management activities.
  • Working knowledge of network/malware analysis 
  • Experience with identifying key assets within IT infrastructures

7. BS in Software Engineering with 3 years of Experience

  • Experience working in Security Engineering, Threat Response, Security Operations, IT Operations, IT
  • Understanding of the basic principles of Identity and Access Management processes and advantages of automation
  • Ability to gather business requirements and drive solutions and improvement to end user experience
  • Strong communication skills, both verbal and written with internal stakeholders.
  • Knowledge of industry recognized analysis frameworks (Kill Chain, Diamond Model, MITRE ATT&CK, NIST Incident Response, etc.)
  • Scripting experience with any of the following: C+, Python, PowerShell, Bash, or Java
  • Thorough understanding of fundamental security and network concepts (Operating systems, intrusion/detection, TCP/IP, ports, etc.)
  • Experience with various cloud security solutions (GuardDuty, Sentinel, Prisma, and Security Command Center)
  • Experience and knowledge conducting cyber threat analysis originating from phishing emails
  • Previous experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms
  • Efficient triage and documentation during incident response to effectively brief teammates, shift lead and supervisory levels

8. BS in Electrical Engineering with 1 year of Experience

  • Prior work or comparable experience in IT security administration and solution delivery (research, design, build, deploy, operation and support) practices
  • Technical experience in the security architectures that protect networks from threats and vulnerabilities
  • Fundamental engineering technical skills with Microsoft Active Directory and authentication technologies
  • Familiarization with engineering concepts and support of access management, network firewall architecture, vulnerability management and endpoint security architecture controls
  • Fundamental understanding of networking infrastructure concepts, technologies, protocols, and solutions.
  • Experience in implementing and supporting engineering projects from inception to implementation.
  • Ability to identify, develop and document processes and procedures
  • Demonstrated personal skills to effectively cooperate and communicate with business partners
  • Ability to respond to identified security incidents and risks and execute consistent improvements in processes to identify, detect and prevent threats to the environment
  • Basic understanding of Tenable/Nessus vulnerability management platform
  • Ability to understand, create, and modify PowerShell scripts used to process vulnerability management data.

9. BS in Mathematics with 2 years of Experience

  • Experience with network engineering, incident-response, security engineering or intrusion detection on an operational network
  • Possess a current Department of Defense (DoD) Directive 8570 / 8140 IAT Level II Certification.
  • Familiarity with cybersecurity policies and practices, and basic knowledge of cybersecurity technical assessments, standards, tools, and processes.
  • Understanding of Linux and Windows Operating systems, in physical and virtual environments
  • Ability to conduct validation testing using automated assessment tools and communicate results.
  • Experience with the RMF 6-Step process as part of DoD programs
  • Experience with Nessus, SCAP, WebInspect, or similar tools for vulnerability detection and remediation.
  • Familiarity with domain structures, user authentication, and digital signatures
  • Understanding of DHS/DoD policies and procedures, including FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies