WHAT DOES A CYBERSECURITY ANALYST DO?

Published: September 30, 2024 - The Cybersecurity Analyst is responsible for communicating and supporting security recommendations to align with business objectives while ensuring effective client engagement. This role provides guidance over control testing activities, ensuring adherence to regulatory and cybersecurity requirements, and collaborates with the compliance team for proper integration of controls and compliance metrics. Additionally, the analyst tracks cybersecurity issues and risks, monitors remediation actions, and interacts with other teams to enforce security requirements effectively.

A Review of Professional Skills and Functions for Cybersecurity Analyst

1. Cybersecurity Analyst Duties

  • SOC Support: Support daily SOC activities to monitor for and respond to security events 24x7x365.
  • Incident Response: Support and/or lead regular incident response and lessons learned exercises.
  • Event Investigation: Support security event investigations and partner with other departments.
  • Tool Improvement: Partner with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to enhance monitoring and response capabilities.
  • Proactive Participation: Participate as part of the incident response team in both a proactive and reactive capacity.
  • Security Integration: Work with various teams to assist in building security into the selection of technologies and processes.
  • Program Management: Interface with and assist in managing the Information Security, Risk Management, Vulnerability Management, Incident Management, and Compliance Management programs.
  • Operations Management: Play a key role in managing the security operations center.
  • Cloud Security: Support cloud security capabilities including but not limited to IPS/IDS, WAF, Cloud AV, SIEM, and IAM/Zero Trust.
  • Performance Monitoring: Continuously monitor and improve security system performance.

2. Cybersecurity Analyst Details

  • Security Improvement: Implement ongoing security improvements across all systems and endpoints (e.g., servers, platforms, laptops, website, etc.) by actively assessing the company infrastructure, trends, and use cases.
  • Compliance Monitoring: Provide first-level compliance monitoring and investigations, recognizing problems by identifying abnormalities and reporting violations.
  • Third-Party Assessment: Complete assessments of third parties that the company wishes to engage with and respond to assessments from third parties that wish to engage with us.
  • Security Coordination: Coordinate security tasks falling within the company IT calendar, such as penetration tests, access audits, vulnerability assessments, and more.
  • Project Support: Assist the IT team in delivering a wide range of IT projects, driving hardening within projects, upholding Change Control processes, and conducting project appraisals.
  • Incident Management: Record, track, and remediate Information Security incidents.
  • Standards Compliance: Assist the company in reaching globally recognized standards, such as Cyber Essentials and ISO 27001.
  • Threat Research: Actively research the current landscape to stay abreast of current threats or improvements in the world of Cyber Security and use this to anticipate future security requirements in line with company growth plans.
  • Documentation Management: Create and maintain IT-related documentation, including company policies.
  • User Training: Provide training to end users on the company’s IT systems and security measures.
  • Data Protection Support: Work closely with the Data Protection team to optimize data protection and privacy for the company.
  • IT Administration: Support the IT administration team.

3. CyberSecurity Analyst Responsibilities

  • IAM Expertise: Act in a strategic capacity as a technical expert for all Identity & Access Management (IAM) technologies, tools, and processes across the organization for both on-premise and cloud-based solutions.
  • Access Design: Design and configure access management solutions based on industry best practices.
  • Roadmap Input: Provide input to the IAM capability roadmap and strategy.
  • Activity Alignment: Align all Access Management, Privileged Access, and Identity Management (PAM/PIM), and Directory Service activities.
  • SME Support: Serve as a Subject Matter Expert (SME) for application security access provisioning solutions.
  • On-Call Support: Participate in management On-Call support on a rotational basis.
  • Vulnerability Enforcement: Enforce vulnerability management processes.
  • Communication Skills: Demonstrate written and oral communication.
  • Policy Development: Assist in the development of policies and procedures.
  • Leadership Direction: Provide input for direction to company leadership.
  • Training Provision: Provide direction and training to all Cybersecurity Compliance personnel.
  • Risk Reporting: Report operational and security risk information to company leadership.

4. CyberSecurity Analyst Job Summary

  • GRC Support: Provide assistance in maintaining, supporting, and operating the CN Cybersecurity GRC framework, including IS classification, risk management processes, security-related policies, as well as their dissemination and constant evolution to adapt to business realities.
  • Security Communication: Communicate and support security recommendations to meet business objectives in a proactive and pragmatic manner, ensuring an appropriate level of engagement with clients to ensure success.
  • Control Testing: Provide support and guidance over control testing activities and ensure adherence to regulatory and Cybersecurity requirements.
  • Security Documentation: Ensure adequate and effective security controls are documented and followed.
  • Compliance Collaboration: Collaborate with the compliance team to ensure proper integration of controls and compliance metrics.
  • Issue Follow-Up: Follow up on Cybersecurity issues and risks and their relationship with business impacts.
  • Remediation Tracking: Track and follow up on remediation actions following risk assessment and/or security testing activities.
  • Compliance Guidance: Provide guidance during the assessment and/or review of new IT solutions and/or new and existing technology to maintain compliance with regulatory requirements (e.g., Sarbanes-Oxley, PCI, SWIFT, etc.) and security requirements.
  • Security Interaction: Interact with other cybersecurity teams and various I&T entities as necessary to understand, apply, and enforce security requirements.

5. Cybersecurity Analyst Accountabilities

  • Ticket Coordination: Coordinate tickets between multiple teams to ensure completion.
  • Service Pre-Processing: Pre-process service requests as they arrive through email, manual entry, or direct business input.
  • Vulnerability Scheduling: Schedule internal Vulnerability Scans through SIEM & EVM tools.
  • Request Monitoring: Monitor service requests to ensure prompt action and completion.
  • CISO Communication: Communicate with the CISO as required, keeping informed of incident progress and notifying of impending changes or agreed outages.
  • IDS Analysis: Perform IDS monitoring and analysis, analyze network traffic, log analysis, and prioritize and differentiate between potential intrusion attempts and false alarms.
  • Investigation Tracking: Create and track investigations to resolution.
  • Alert Notifications: Compose security alert notifications.
  • Incident Advising: Advise incident responders on the steps to take to investigate and resolve computer security incidents.
  • Incident Detection: Detect, monitor, analyze, and resolve security incidents.
  • Incident Participation: Participate in security incident handling efforts in response to a detected incident.
  • Regulatory Awareness: Maintain awareness of trends in security regulatory, technology, and operational requirements.