WHAT DOES A CYBER SECURITY DO?

Updated: Jun 26, 2025 - The Cyber Security Professional focuses on protecting IT infrastructure from evolving cyber attacks and vulnerabilities. It combines technical solutions and human awareness to prevent system exploitation. This role updates and monitors to help maintain a strong defense posture.

A Review of Professional Skills and Functions for Cyber Security

1. Cyber Security Analyst Duties

  • Teamwork Collaboration: Participate in a larger security team and focus on installing, configuring, investigating alerts, anomalies, errors, intrusions, malware, etc., to identify threats, sources, determine remediation, and recommend security improvements or actions.
  • Vulnerability Management: Configure and manage vulnerability scanning and patch management as part of proactive risk prevention.
  • Analytical Following: Follow precise analytical paths (playbooks) to determine the nature and extent of problems being reported by tools, e-mails, etc.
  • Reporting Compliance: Follow strict guidance on reporting requirements.
  • Management Communication: Keep management informed with precise, unvarnished information about security posture and events.
  • Workflow Promotion: Promote standards-based workflow.
  • Stakeholder Engagement: Engage with internal and external parties to get and share information to improve processes and security posture.
  • Documentation Production: Produce design documentation.
  • Threat Analysis: Lead analysis, investigation of anomalies, and threats.
  • Cross-functional: Work across business lines, especially with IT on the integration of products/services and DevOps and the cloud environment.
  • Report Creation: Create management-friendly reporting from tools.
  • User Support: Work with end-users to investigate threats.

2. Cyber Security Analyst Details

  • Ticket Analysis: Analyze and approve security requests in Tier 1 ticket queues.
  • System Maintenance: Requisition, install, and maintain new and existing servers and systems.
  • Root Cause: Perform root cause analysis when investigating suspicious trends, outages, or disruptions.
  • Patch Management: Identify and apply necessary updates and patches.
  • Product Tuning: Configure and tune security products to eliminate false positive alerts and increase and maintain deployment coverage.
  • Task Execution: Execute tasks under the direction of cybersecurity architects.
  • Documentation Management: Create and maintain system documentation and procedures.
  • Security Knowledge: Familiar with security best practices.
  • Networking Knowledge: Familiar with networking and TCP/IP protocol.
  • OS Management: Install, manage, and maintain Windows and Linux operating systems.
  • Security Frameworks: Familiar with various security architectures and methodologies (Defense in Depth, Kill-Chain, NIST, Critical Controls, OWASP, etc.).

3. Cyber Security Architect Responsibilities

  • Cloud Architecture: Assist with the design and execution of a holistic cybersecurity architecture for SSHS cloud infrastructure.
  • Tool Oversight: Oversight and support of the security tools used to protect, detect, and respond to security threats in the cloud.
  • Solution Leadership: Lead the testing, launch, and continuous improvement of SSH’s cloud cybersecurity solutions.
  • Expertise Provision: Provide subject matter expertise in Cloud technologies (AWS, Microsoft Office 365, ERP) and support security documentation by providing subject matter expert input into policy, standards, and guidelines.
  • Automation Knowledge: Know cloud automation and deployment frameworks with regard to use in highly available environments (Azure Resource Manager/Azure Functions).
  • BYOD Awareness: Familiar with BYOD strategies to ensure the protection of data.
  • Process Consistency: Ensure excellent consistency, documentation, and process across all programs.
  • Security Advising: Proactively advise the business on how to maintain its security posture.
  • Compliance Collaboration: Work with the compliance team to ensure policies and procedures are embedded into systems (data retention, access policies, etc.).
  • IT Collaboration: Work with IT to automate dynamic access provisioning for employees into systems.
  • System Design: Provide enterprise systems design, technical project leadership, system implementation, ongoing operational support, proactive analysis, and capacity planning.
  • Case Documentation: Accurately document and maintain case information including case notes, issue/problem resolution, root cause information, and knowledge base/support articles.

4. Cyber Security Consultant Job Summary

  • Security Consulting: Provide security advisory and consulting services to key stakeholders for procuring and implementing technology solutions and/or services.
  • Stakeholder Collaboration: Work with various stakeholders and project teams to ensure the effective implementation of security architecture, policy and standard requirements to mitigate security risk.
  • Risk Treatment: Provide cost-effective and efficient risk treatment strategies.
  • Risk Understanding: Exercise a good understanding of risk-based approaches, balancing business needs against potential security risks.
  • Practice Development: Develop security practices and procedures such as Threat Risk Assessments (TRA), to sustain the continuous assessment of changes to the Ontario Power Generation (OPG) business and technical environment, and evidence associated with the performance of security assessments.
  • TRA Execution: Perform thorough TRAs on Applications, Systems and Cloud services.
  • Technical Review: Review and approve technical changes, and support the Chief Information Officer (CIO) functions as the Security Subject Matter Expert in this regard.
  • SPOC Role: Act as the cybersecurity single point of contact (SPOC) for projects initiated by the Office of the Chief Information Security Officer to provide security requirements, direction and make decisions.
  • Creative Solutions: Contribute creative solutions to technical and process challenges.
  • Threat Awareness: Keep abreast of external threats, technology and business changes.
  • Relationship Building: Build and maintain key stakeholder relationships.
  • Stakeholder Education: Educate stakeholders on complex cybersecurity issues to obtain alignment and improve general awareness.

5. Cyber Security Engineer Functions

  • System Design: Design, implement and test information security systems and solutions.
  • Security Protection: Protect systems by applying information security best practices to the design, build and operational phases of the technology lifecycle.
  • Installation Oversight: Oversee the installation and configuration of information security solutions.
  • IT Oversight: Oversee the Information Technologies being installed within the organization and supporting customer-facing solutions.
  • Issue Troubleshooting: Troubleshoot information security-related issues.
  • Security Training: Serve as a security representative and conduct information security training.
  • Problem Recognition: Recognize problems by identifying abnormalities in the information management systems, reporting violations.
  • Security Improvement: Implement security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
  • Audit Conducting: Determine security violations and inefficiencies by conducting periodic audits.
  • Network Monitoring: Monitor network activity to identify issues early and communicate them to IT teams.
  • Incident Response: Respond to alerts and resolve security-related incidents.
  • Collaboration Management: Collaborate with management, staff, department heads and external partners or regulators.

6. Cyber Security Engineer Job Description

  • Security Reviews: Participation in security reviews and assessments and decision-making in the deployment of security controls.
  • Tool Management: Manages, monitors and supports various IT security logging and auditing tools.
  • Incident Response: Responds to and acts on IT security intrusions, threats and attacks.
  • Strategic Recommendation: Understands business strategy and recommends appropriate cost-effective security controls.
  • Innovation Seeking: Seeks and provides innovative solutions to improve Information Security.
  • Security Training: Participates and provides Information Security Awareness training.
  • Policy Support: Assists with policy, procedure, and process review, editing, and writing.
  • Professional Development: Attend security forums, training, and/or conferences.

7. Senior Cyber Security Engineer Overview

  • Security Support: Support the Nuance Global Security operations, vulnerability management and shared security services teams.
  • Implementation Leadership: Lead the implementation of operational security objectives.
  • Independent Work: Work independently on deliverables.
  • Team Engagement: Engage and partner with systems teams on the implementation of standards-based security objectives.
  • Procedure Documentation: Document security operational procedures, standards as well as assessment reports.
  • Architecture Assessment: Conduct security architecture, design assessments.
  • Personnel Coaching: Coach and support junior personnel.
  • Test Assistance: Assist in the execution of segmentation tests.
  • Coordination Management: Coordinate with other Global Security Services teams to ensure that vulnerabilities are effectively reported and managed.

8. Cyber Security Manager Tasks

  • Requirement Analysis: Breakdown of project cyber-security requirements and tailoring with respect to the project in question.
  • Policy Implementation: Definition and implementation of project cybersecurity guidelines, policies and rules.
  • Project Support: Project-wide support for implementation of the corresponding cybersecurity measures (hardware, software, training).
  • Supervision Management: Supervision of the implementation of security measures.
  • Monitoring Advising: Constantly monitoring the cybersecurity measures, advising project team members regarding IT security questions.
  • Coordination Liaison: Coordination with the Corporate Security department, security administrators and IT administrators.
  • Documentation Reporting: Cyber-security documentation and reporting, both internally to management and externally towards the Customer, including formal cyber-security reports and audits.
  • Resource Management: Management of the project cyber-security resources (time, man-hours, budget, hardware, licenses).
  • Risk Management: Identification and analysis of cybersecurity vulnerabilities, risk assessment and mitigation.

9. Cyber Security Specialist Roles

  • Project Contribution: Contribute to cybersecurity, data protection and privacy-related projects.
  • Strategy Assistance: Assist in the implementation of the Cyber Security Strategy.
  • Environment Setup: Assist in Dev/Sec/Ops environment setup and contribute to its security aspect.
  • System Design: Design secure systems and applications, liaise with business divisions for cyber-related requirements analysis.
  • SME Role: Act as a Subject Matter Expert (SME) for Wind’s Cloud end-to-end secure architecture, including AWS and future providers.
  • Vulnerability Management: Manage the vulnerability assessment efforts including processes and technology, liaise with InfoSec on penetration tests and assurance activities, and have knowledge of VA tools operation.
  • Solution Leadership: Lead new solutions implementations, PoVs and manage new projects.
  • Industry Knowledge: Maintain current knowledge of the industry by keeping abreast with the latest technologies and threats.
  • Presentation Preparation: Prepare presentations and project updates for related projects.
  • Cybersecurity Advising: Act as an advisor for cybersecurity and accelerate the cybersecurity transformation.
  • Awareness Support: Assist and contribute to cybersecurity awareness activities.
Relevant Information
What Does A Cybersecurity Engineer Do?
What Does A Cybersecurity Manager Do?
What Does A Cybersecurity Architect Do?
What Does A Cybersecurity Director Do?