INFORMATION SECURITY ANALYST SKILLS, EXPERIENCES, AND JOB REQUIREMENTS

Published: Aug 28, 2025 - The Information Security Analyst demonstrates expertise in both technical and non-technical aspects of information security, including investigation, risk assessment, and evaluation of technologies. This role requires a strong understanding of network protocols, security tools, and industry standards to maintain robust system protection and regulatory compliance. The analyst also collaborates effectively across teams, communicates at all organizational levels, and stays current with emerging security trends and technologies.

Essential Hard and Soft Skills for an Information Security Analyst Resume
  • Application Security
  • Policy Development
  • Network Monitoring
  • Incident Response
  • Penetration Testing
  • Risk Assessment
  • Vulnerability Testing
  • Firewall Management
  • Cloud Monitoring
  • Threat Detection
  • Problem Solving
  • Communication
  • Analytical Thinking
  • Team Collaboration
  • Cross-Functional Collaboration
  • Client Engagement
  • Security Awareness
  • Stakeholder Collaboration
  • Process Improvement
  • Training Delivery

Summary of Information Security Analyst Knowledge and Qualifications on Resume

1. BS in Computer Engineering with 7 years of Experience

  • IT administration experience with a focus on information security responsibilities such as patch management, provisioning, system hardening, and permissions management
  • Additional work experience and/or trade school or applicable certifications
  • Previous NCCI experience and have demonstrated the technical competencies and in-depth understanding of the current technologies
  • Basic knowledge of at least one computing platform, including Windows, macOS, or Linux
  • Experience managing security tools
  • Working knowledge of information security concepts, principles and practices
  • Excellent written and verbal communication skills
  • Excellent time management skills
  • Proven learning agility and seeks to excel, be curious and adaptable
  • Ability to follow established procedures and identify areas for improvement
  • Ability to maintain a high level of professionalism and confidentiality
  • Ability to function in a dynamic work environment requiring cross-divisional coordination and communication
  • Ability to work well under pressure
  • Ability to be on-call and work outside of regular business hours

2. BS in Information Systems with 5 years of Experience

  • Significant knowledge and expertise in IT control functions, audits, Client IT/IS policies and standards, information security
  • Must be able to work collaboratively with Cyber Security Services teams and business partners, providing compliance guidance and administering the company’s compliance policies/procedures promptly
  • Excellent written and verbal communication skills
  • Strong knowledge of Microsoft tools such as Excel, Word, SharePoint, Visio, and PowerPoint
  • Must have Certifications (CISSP, CISA, CRISC, ITIL)
  • Familiarity with Information Security, compliance or internal controls function, Customer service request processing such as help desk functions
  • Understanding of information technology concepts such as change management
  • Able to work both independently and as a team player 
  • Ability and desire to effectively meet challenges and influence and drive consensus within the team
  • Able to work independently and in large groups
  • Ability to learn new applications quickly

3. BA in Information Technology with 3 years of Experience

  • Proficiency in scripting and programming languages like JAVA, JavaScript, Python
  • Experience supporting REST and SOAP API web services calls
  • Strong understanding of enterprise network - DMZ, BIG IP, VIP, Firewalls, Proxy
  • Strong verbal and written communication skills
  • Good knowledge of Mobile Platforms (IOS, Android)
  • Experience with supporting one-time password technology using Voice, SMS, and Biometrics
  • Experience in the Biometrics (Voice/Face/fingerprinting, etc.) / Dyadic Authentication products/MongoDB
  • Must have ITIL / CISSP certification

4. BS in Network Engineering with 8 years of Experience

  • General understanding of cybersecurity topics such as vulnerability management, incident response, endpoint protection and email security
  • Proficient at technical writing and documenting procedures and processes
  • Ability to exhibit sound judgment and express verbal and written information effectively
  • Good written communication and presentation skills
  • Demonstrated ability to interact with people and translate complex concepts into easy-to-follow ideas and present to all levels of the organization
  • Strong analytical and project management skills
  • Ability to prioritize efficiently while multitasking, dealing with interruptions and working in a high-paced, energetic environment
  • Must be high-energy, detail-oriented, and proactive
  • Must have the ability to function under pressure in an independent environment
  • Must provide the necessary skills to have a high degree of initiative and self-motivation to drive results
  • Intermediate to strong skills in Information Security
  • Expert skills to troubleshoot, problem solve, and follow documented procedures
  • Strong strategic, thoughtful risk-taking experience
  • Strong technical background (Windows, AIX, Linux, UNIX, databases (Oracle, DB2), web applications), including basic network fundamentals

5. BS in Computer Science with 6 years of Experience

  • Experience in Operations Reporting, Client Communications, Project Management, or equivalent combination of education and work experience
  • Experience with Unix Systems, Java and .NET Enterprise Level Application development or relevant technical experience
  • Excellent written and verbal communication skills
  • Ability to create clear and concise client communications
  • Ability to communicate effectively with Senior Management and stakeholders of all levels
  • Must be able to work collaboratively with CS teams and business partners
  • Must have certifications (CISSP, CISA, CRISC, ITIL)
  • Foundational understanding of Information Security and/or Cyber Security Operations
  • Ability to multitask and deliver under tight timelines
  • Experience with Functional IDs, service accounts, password management and automation
  • Advanced proficiency with Microsoft Office tools and software

6. BA in Philosophy with 9 years of Experience

  • Experience in information technology
  • Experience in a healthcare environment
  • Ability to identify complex problems, involve key parties, gather pertinent data and consider various options in the decision-making process
  • Skilled at applying problem-solving skills in a logical, systematic way to resolve issues
  • Ability to manage time effectively to be productive in prioritizing, scheduling and planning work day to meet customer needs
  • Ability to juggle different work activities and shift attention from one task to another without losing sight of details and timelines
  • Ability to influence others to build consensus and gain cooperation
  • Ability to negotiate disagreements positively and constructively while considering the contributions of other team members to reach a mutually acceptable solution
  • Skilled at sharing information in an appropriate and timely manner, showing mutual respect and genuinely soliciting the feedback of others
  • Ability to effectively tailor communications to various audiences including peers, customers and leadership
  • Experience in incident coordination and preparedness
  • Ability to provide timely analysis and documentation for incident and exercise reporting
  • Understanding of TD’s organizational structure, infrastructure, products and services
  • Able to exercise judgment and to communicate complex issues in a clear, simple and/or understandable manner
  • Excellent organizational, analytical and problem-solving skills with a strong attention to detail
  • Excellent time-management and organizational skills to manage multiple deadlines and tasks with varying priority levels

7. BS in Information Assurance with 7 years of Experience

  • Expert knowledge in IT Security frameworks and solutions
  • Active participation in IT Security Forums inside/outside of the Legal Industry
  • Must be able to communicate effectively across the entire organization
  • Operating knowledge of security issues associated with one or more of the following network platforms and related Edge devices such as Cisco, Nexus, Checkpoint, Aruba, Riverbed
  • Strong security knowledge of O/S (desktop and server), such as Windows, Linux
  • Strong security knowledge of browser security issues (IE, Safari, Chrome)
  • Ability to learn new technologies and security features
  • Knowledge of Windows and Unix (Linux) operating systems
  • Excellent analytical, problem-solving and troubleshooting skills
  • Excellent organizational, interpersonal, communication and customer service skills
  • Knowledge of ITIL Service Management principles
  • Experience working in the capacity of an Information Security Analyst

8. BS in Mathematics with 4 years of Experience

  • Experiences in IS or compliance processes
  • Experience in project management or in business reporting
  • Good knowledge of Microsoft Office products, i.e., Word, Excel, PowerPoint, Outlook
  • Ability to work in a virtual team
  • Must have excellent written and verbal communication in English
  • Experience Governance Risk and Compliance program
  • Working experience in Information Security Control and risk assessments
  • Demonstrates an understanding of information security concepts
  • Ability to quickly learn, become competent in, and effectively apply new skills
  • Ability to prioritize and execute tasks in a complex

9. BS in Computer Networking with 5 years of Experience

  • Expert knowledge of IT security and risk disciplines and practices
  • Advanced knowledge of organization, technology controls, security and risk issues
  • Demonstrated ability to participate in complex, comprehensive or large projects and initiatives
  • Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors
  • Strong written and verbal communication skills
  • Experience with penetration testing 
  • Must have Wireless, Network and TCP/IP skills along with Unix command, bash scripting, and/or Python coding
  • Good knowledge of adversarial activities in cyberspace with an understanding of intrusion set tactics, techniques, and procedures (TTP)
  • Ability to emulate these TTP to assess vulnerability and risk 
  • Familiarity with Advanced Persistent Threat (APT) activity
  • Must have an offensive attack hacker mindset 

10. BA in Law Enforcement with 8 years of Experience

  • Demonstrated experience in an IT Security / Governance, Risk and Compliance-based role
  • Demonstrated experience in information security management
  • Experience of working to, implementing and maintaining compliance with ISO/IEC-27001 and other relevant frameworks (e.g. Cyber Essentials, NIST)
  • Knowledge and experience of developing and conducting risk assessments/business impact assessments
  • Knowledge and experience of developing and performing information security due diligence assessments of third-party organisations based on IT control frameworks such as ISO 27001
  • Practical experience of developing and executing remediation plans to address vulnerabilities/security risks and to achieve compliance with Information Security standards/IT control frameworks such as ISO 27001
  • Experience in audit work to achieve compliance with Information Security standards
  • Experience in implementing and managing effective ISMS controls such as incident response and business continuity
  • Experience of working with external service providers within an Information Security role
  • Good knowledge of a broad range of IT platforms, products, and services
  • Stakeholder management experience at both a technical and non-technical level
  • Working experience in Business/customer-facing 
  • Proven track record of working both in a team and independently

11. BA in Sociology with 3 years of Experience

  • Solid knowledge of security on networking, cloud, infrastructure configuration, endpoint protection and SDLC
  • Knowledge of the standard ISO 27001/2
  • Good communication and social skills
  • Ability to confidently present findings to those with either a technical or non-technical background
  • Self-directed, resourceful, and a critical thinker with attention to detail and proactive problem-solving skills
  • Ability to self-organise and plan activities with commitment towards results
  • Experience in Security Risk Management, Information Security, Security controls or Security/IT Audit
  • Must have Information Security Certification (e.g., CISSP, CompTIA Sec, CISM, CRISC, etc.)

12. BA in Management Information Systems with 9 years of Experience

  • Familiarity with network-based services, client/server applications, mobile applications, enterprise systems and infrastructure, network architecture, and security infrastructure
  • Understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts
  • Understanding of security controls, such as encryption, identity and access management, and vulnerability scanning
  • Experience in a security analyst role within security operations
  • Relevant industry certification such as CEH, Security+ or equivalent
  • Post-Secondary education in Information Security / Assurance, Computer Science, Information Technology, or a related discipline
  • Ability to take initiative and work independently
  • Strong verbal, written communications and task management skills
  • Ability to document and explain technical concepts and details clearly and concisely to a variety of audiences (e.g., technical, business, auditors, etc.)
  • Strong analytical thinking and problem resolution skills
  • Proven self-starter and willing to accept additional responsibilities as the position expands
  • Experience working with an outsourced environment and managing services to objectives and outcomes
  • Strong oral and written English skills

13. BA in Business Administration with 4 years of Experience

  • Deep knowledge of cloud computing and cloud networking concepts
  • Experience with scripting languages, regular expressions and APIs
  • Experience with web, cloud and virtual environments, including AWS and GCP
  • Ability to communicate effectively with all levels of staff
  • Strong support skills, especially when providing support and advice to people with varying technical skill levels
  • Clear understanding of the MITRE ATT&CK framework and how to apply this to incident monitoring, incident response, and threat hunting
  • Ability to document processes, produce lucid reports, evaluate, write procedures, and draft incident playbooks
  • Experience working with remote teams using remote collaboration tools
  • Experience working in a Security Operations Center 

14. BA in Information Technology with 3 years of Experience

  • Understanding of cyber threats, hazards, risks, controls, measures, and mitigations to protect the company's systems and people
  • Demonstrates a keen interest in information security and IT trends
  • Knowledge of ISO 27001 and Cyber Essentials
  • Demonstrated experience within an information systems environment
  • Knowledge of risk analyses, application and system software (including security software and hardware), related capabilities and performance characteristics
  • Understanding of technical security safeguards and principles, theories, techniques, practices, and policies and procedures of information security
  • Knowledge of data communications and the concepts, theories, and practices of advanced technologies
  • Strong written, oral, and presentation skills
  • Demonstrated analysis, problem-solving, and interpersonal skills

15. BS in Computer Engineering with 7 years of Experience

  • Work experience in Information Security, GRC or relevant Audit or Compliance roles
  • Experience with the operation of risk and control assessments to target different levels of information
  • Strong knowledge of common security risks, vulnerabilities, and threats and can escort these issues through triage/risk treatment conversations
  • Knowledge of information security and risk management methodologies and frameworks such as ISO 27002, SOX, COBIT, NIST, GDPR, PCI-DSS, SOC 2
  • Able to discuss issues at technical and business levels with audiences of various backgrounds
  • Strong working knowledge of security frameworks (e.g., NIST Cybersecurity Framework, CIS Critical Security Controls, CIS Benchmarks), and other security standards and methodologies (NIST, CIS, COBIT, ITIL, SOX or ISO27002)
  • Must have demonstrated working experience with security tools used for vulnerability assessment, endpoint protection, event monitoring and correlation
  • Demonstrated working experience in the areas of vulnerability assessment, security monitoring, access management, and Azure cloud security
  • Working knowledge of Tenable Nessus and Security Center, Lumin, Digital Guardian, McAfee, Tripwire, Netwrix, QRadar, Security Onion, F5 Big IP, Cisco Firepower, or OKTA
  • Working knowledge of Microsoft and Windows environments and platforms including Azure, Active Directory, Windows Desktop OS, Windows Server OS, SQL Server, and SharePoint, and Exchange (emphasis on security infrastructure)
  • Analytical skills and attention to detail to provide a quick and effective response to situations that compromise information system security
  • Must have Security certification(s) such as CISSP, SSCP, Security+, GSEC, MCSE
  • Demonstrates a commitment to diversity and inclusion

16. BA in Public Administration with 8 years of Experience

  • Ability to work cross-functionally across different teams to drive innovation
  • Understand and are comfortable with the technical and non-technical components of information security
  • Experience evaluating, selecting and advising on various technologies and service providers related to data security
  • Experience in conducting security violation investigations
  • Work experience or significant information security/IT/networking skills that balance security experience
  • Experience with technologies such as next-generation Firewalls, cloud platforms and cloud security, SIEM, and EDR 
  • Basic understanding of network infrastructure and security technologies, such as TCP/IP, Encryption, Firewalls, Active Directory, Anti-virus, and Vulnerability scanners
  • Familiar with security standards and frameworks, such as ISO, NIST, SANS, and CIS
  • Comfortable working with and learning new technologies
  • Experience using PowerShell 
  • Strong written and verbal communication skills
  • Comfortable interacting with individuals at all levels of the organization
  • Passion for technology and keeping up with the latest information security trends
  • Must have entry/intermediate-level information security certifications

17. BA in Security Management with 3 years of Experience

  • Experience in information security management principles or strong technical skills
  • Basic understanding of the business relevance of information security risks and the current trends and developments in information security
  • Ability to work on several tasks simultaneously
  • Must pay attention to sources of information from inside and outside one’s network within an organization
  • Ability to apply original and innovative thinking to produce new ideas
  • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time to complete each part
  • Must have good judgment, a sense of urgency
  • Demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity
  • Strong team values, recognizes the value of a positive team environment and contributes to the creation of this
Relevant Information
Information Security Skills, Experiences, and Job Requirements
Information Security Architect Skills, Experiences, and Job Requirements