What Does An Information Security Analyst Do?

WHAT DOES AN INFORMATION SECURITY ANALYST DO?

Published: Aug 28, 2025 - The Information Security Analyst supports IT compliance efforts by monitoring adherence to internal policies and external regulatory requirements at the federal, state, and local levels. This role maintains and analyzes compliance metrics, dashboards, and audit reports to ensure accurate visibility and actionable insights for stakeholders. The analyst also conducts control assessments, identifies deficiencies, and recommends improvements to enhance the effectiveness of IT processes and internal controls.

A Review of Professional Skills and Functions for Information Security Analyst

1. Information Security Analyst Duties

Security Monitoring: Monitor, triage and respond to SIEM, UEBA and EDR alerts for client security events
Incident Investigation: Investigate and resolve faults or abnormal behavioral scenarios on MSS products
Change Management: Research and implement customer-generated change requests for MSS products
Case Escalation: Generate incident cases and escalate to superordinate teams in accordance with time and severity-based SLAs
Infrastructure Maintenance: Perform tasks associated with the installation, turn-up and maintenance of CenturyLink security infrastructure
Skills Development: Participate in company-sponsored job-related activities plus training to further develop management and technical skills
Vendor Assessment: Reviewing and completion of vendor security assessments, data classification, and risk acceptance processes
Metric Reporting: Maintain established regular security metric reporting
Vulnerability Scanning: Maintain and improve established vulnerability scanning, static application security testing (SAST), and other software component analysis (SCA) tools and processes
Cloud Environment: Focus on a Linux-driven, JS/JVM environment on AWS cloud-based architecture

2. Information Security Analyst Details

On-call Support: Perform on-call duties for Fusion Watch response during off-hours as part of TD's incident and event management process
Information Sharing: Engage with information sharing teams to create non-technical communication materials
Stakeholder Notification: Inform critical stakeholders on emerging events that have or may have an impact on TD to ensure consistent information is gathered and shared with appropriate stakeholders
Audience Communication: Communicate to impacted teams and key stakeholders using appropriate language targeted to the audience
Incident Coordination: Facilitate timely engagement and coordinate incident response with core Fusion Centre partners during active information security events/incidents, by facilitating calls, taking minutes and tracking action items
Readiness Assessment: Engage key stakeholders to conduct a detailed internal assessment of TD's readiness against a scenario experienced by the external party
Playbook Management: Establish and maintain Fusion Watch communication and coordination playbooks (for internal incidents and external 'celebrity' events), and a comprehensive list of Fusion Centre partners required for response
Communication Products: Contribute to the development and delivery of Fusion communication products
Stakeholder Engagement: Build and maintain relationships with business units and key stakeholders
Policy Compliance: Adhere to policies, procedures, technology control standards and regulatory guidelines
Process Review: Contribute to internal activity and process review, flag windows for improvement
Issue Escalation: Assess, identify and escalate issues appropriately

3. Information Security Analyst Responsibilities

Tier 3 Support: Responsible for providing tier 3 support for security operations
Security Monitoring: Responsible for managing 24x7 security monitoring, investigation of incidents, process improvements and proactive threat hunting
Threat Investigation: Perform investigation and escalation for complex or high-severity security threats or incidents
Analyst Mentorship: Serve as an escalation resource and mentor for other analysts
Tool Administration: Administer security toolsets supporting Security Operations
SIEM Development: Work with SIEM Engineering and other security partners, developing and refining correlation rules
Task Coordination: Work on complex tasks assigned by leadership, which may involve coordination of effort among Level 1/2/3 analysts
Evidence Management: Coordinate evidence/data gathering and documentation and review of Security Incident reports
Report Development: Define and assist in the creation of operational and executive reports
Tool Requirements: Define tool requirements to improve SOC capabilities

4. Information Security Analyst Job Summary

Risk Identification: Participate and identify security risks companywide and ensure that appropriate data security procedures and products are implemented
Policy Awareness: Maintain an awareness of bank security policies and government regulations about information security
Security Review: Review the development, testing, and implementation of security plans, products, and control techniques
Standards Development: Develop and implement security standards, procedures, and guidelines for multiple platforms and diverse systems environments
Incident Investigation: Investigate and recommend appropriate corrective actions for data security incidents
Regulatory Monitoring: Identify regulatory changes that will affect information security policy, standards, procedures, and recommend appropriate changes
Security Consulting: Provide security consulting and project management services on highly complex information security projects and issues
Issue Resolution: Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals
Customer Interaction: Interact with internal customers
Independent Judgment: Receive direction from leaders and exercise independent judgment while developing the knowledge to understand function, policies, procedures, and compliance requirements

5. Information Security Analyst Accountabilities

Security Auditing: Expand security auditing and ensure the proper ongoing operations of security tools
Internal Security: Provide internal information security for other business and IT projects
Secure Configuration: Identifying, documenting, and implementing secure configurations and architectures
Policy Implementation: Oversee information security processes and implementation of policies
Security Metrics: Responsible for security metrics every month to ensure the proper service levels are maintained
Critical Approvals: Provide additional coverage for approvals and notifications to other IT groups for critical time-sensitive operations including firewall changes, password reset approvals, and application vetting
Access Reviews: Ongoing reviews of access controls by investigating improper access, revoking access, reporting violations, monitoring requests, and recommending improvements
Incident Leadership: Provide technical leadership for incident response capabilities including malware analysis, breach investigation, and remediation efforts
Privacy Consulting: Provide internal consulting on Privacy matters including GDPR
Technology Assessment: Maintain awareness of industry trends and their advantages with the ability to make recommendations for improving technology used by the firm
Contract Negotiation: Assist in negotiations of software licensing and support agreements
Project Management: Participate in and/or manage cross-functional team projects to implement new or updated technology
IT Cross-Training: Cross-train other IT staff in the use or maintenance of technology
Knowledge Transfer: Provide information security knowledge transfer to other IT staff and business

6. Information Security Analyst Functions

Security Support: Provides support for security solutions during and after business hours
Standards Compliance: Adheres to and ensures methodologies follow technical standards
Process Documentation: Maintains security process documentation
Technical Engineering: Technical engineer for information security solutions
Cross-Functional Innovation: Work cross-functionally across security engineering to drive innovation
Metrics Monitoring: Track and monitor key metrics
Client Partnership: Develops partnerships with business clients
Subject Expertise: Maintains expertise to function as a subject matter expert in multiple security areas
Regional Contact: Be the Information Security single point of contact and representative in the ASML Chandler region for any Information / Customer security-related topics or issues
Risk Championing: Build excellent working relationships with ASML Business units, championing security risk management within the assigned region
Risk Mitigation: Assess and mitigate the risks associated with the ASML regional network, systems and processes to provide a safe and secure environment
Risk Register: Develop and maintain the Information Security Risk register
Regional Support: Assist the Sector Risk Managers (SRM) in understanding the regional security requirements and risks from regional offices, customers, and suppliers to obtain mutually agreed upon solutions
Security Awareness: Evangelize Information Security policies and raise Security awareness knowledge to foster an attitudinal change in Security knowledge, process, and requirements
Incident Response: Support ASML Cyber Defense Organization (CDO) activities and ensure 7/24/365 response on any major IT security incidents in the region

7. Information Security Analyst Job Description

Threat Identification: Work collaboratively with the BFS Business and Technology stakeholders to identify new and emerging threats facing the BFS business
Risk Analysis: Analyse the potential risk exposure and identify any potential gaps in current governance and control frameworks for remediation
Framework Alignment: Partner with key technology stakeholders to identify opportunities to leverage and/or augment centrally provided security governance and control frameworks
Governance Coordination: Coordinate periodic security governance requirements including senior management reporting, security control framework revisions, etc.
Third-Party Assessment: Assess the information security posture of potential and existing third-party partners and the subsequent risk to BFS
Security Reviews: Undertake and support detailed information security reviews of existing third-party partners
Risk Mitigation: Support the development and implementation of pragmatic risk mitigations to minimize residual security risks associated with third-party partners
Security Expertise: Provide subject matter expertise on security risks to vendor managers and the BFS Vendor Management Office
Assurance Review: Review vendor-supplied independent assurance documentation and support vendor managers to understand and minimise residual risk exposures
Risk Monitoring: Operationalize processes for monitoring and review of security risk monitoring via platforms such as SecurityScorecard and external information feeds
Client Relationship: Maintain strong relationships with internal clients and teams whilst driving acceptable risk outcomes for the organisation

8. Information Security Analyst Overview

Risk Assessment: Assess the information security risks in accordance with NISP and local regulations and collaborate with global CIS to drive remediation of vulnerabilities and risk gaps
Incident Analysis: Analyze cyber security events and incidents, then follow Nike processes to report, remediate, and recover
Vendor Compliance: Perform risk assessments on partners and vendor connections and enforce their compliance with Nike’s security requirements
Security Advocacy: Become an advocate of NIKE's Information security procedures, policies, processes, and standards as a mechanism to enable the business to operate effectively while managing risks appropriately
Risk Visibility: Identify, document, and elevate visibility of information security risks, where business direction creates potential for exposure to employee, athlete, and business-sensitive data streams
Program Alignment: Perform regular review of KISP against NISP and make relevant updates to ensure their alignment
User Training: Train users and promote security awareness across the board to help maintain a high level of system security and improve IT controls to protect Nike’s assets
Privacy Collaboration: Collaborate closely with Legal and Privacy to ensure that security measures are considered appropriately throughout the lifecycle of systems and solutions
Recovery Planning: Develop the territory-specific DR plan and support tech teams to evaluate its efficacy in liaison with CIS TRM team
Control Review: Perform regular security reviews on IT controls in place, e.g., PII data management, security settings in the systems, network, etc
TechOps Coordination: Work closely with the Korea TechOps team to ensure all IT systems and resources are well covered by global security solutions
ISMS Assessment: Liaise with CIS and global technology operation teams to perform the yearly assessment to maintain the Korea ISMS
Trend Monitoring: Stay current on information security technologies, trends, standards, and best practices

9. Junior Information Security Analyst Details and Accountabilities

User Management: Create, modify, and delete user profiles in various systems
Documentation Update: Create, modify documentation related to user profiles management (e.g., request processing, procedure update)
Customer Support: Provide customer service via phone, e-mail and various ticket management systems (Polish and English)
Team Cooperation: Cooperation with technology and other teams on requests and issues related to user profiles management
Project Execution: Complete simple projects end-to-end
Task Scheduling: Realize project tasks with the schedule
Problem Solving: Problem-solving and initiating corrective action plans
Meeting Participation: Active participation in project meetings
Team Communication: Ensure proper communication between team members
Stakeholder Engagement: Engage in special projects representing the Chief Information Security Office and work directly with Business/Technology and Operations stakeholders
Compliance Review: Periodic review of External data transfers and their compliance with Citi standards
Incident Response: Follow pre-defined actions to investigate security incidents or perform incident response actions, including escalating to other support groups
Task Management: Execute daily ad hoc tasks or lead projects
Call Coordination: Participate in or lead daily and ad-hoc conference calls
Process Documentation: Create, update or provide process documentation, or provide requested evidence for compliance and controls requests

10. Cyber Information Security Analyst Tasks

Security Operations: Conduct the full spectrum of operational security support, maintaining an in-depth cybersecurity posture, and providing security program implementation reports
Access Management: Process access requests, plan and manage user accounts, domain groups, accounts, alt tokens and other accounts used to access key system components
Access Review: Conduct periodic reviews of access lists, revoking access
Cryptography Compliance: Maintain awareness and comply with DoD and industry standards and technologies used for cryptography and maintain certificates and infrastructure used to secure system data
Incident Handling: Respond to security incidents and provide incident notification and handling via specific government-directed policies
Log Monitoring: Monitor systems, applications, and logs to identify potential unauthorized access attempts via specific government-directed policies
Vulnerability Assessment: Conduct vulnerability assessments and provide comprehensive scans and audits of complete security boundaries including all network and computer-related assets, policies, and processes, to maintain the required system security posture
Mitigation Strategy: Review, analyze, and develop vulnerability mitigation strategies for all IAVA, IAVB, and OPDirs and implement vulnerability corrections
Breach Response: Respond to major computer security breaches and viruses, with a focus on forensic analysis and understanding of recent intrusion events
Penetration Testing: Conduct offensive penetration, simulation of current adversaries’ tactics and tools and advise on how to ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure

11. Information Security Analyst Roles

Risk Assessment: Follow the Security Risk Assessment process to assess security risk within HL across multiple business processes, functional areas, and IT systems
Approval Oversight: Approve within delegated limits risk assessments and 3rd party due diligence assessments that have been carried out by junior analysts and apprentices
Security Research: Research and report on security-related topics such as threats and regulations
Team Supervision: Supervise the work of junior analysts and apprentices, and provide guidance
Secure Design: Help the Senior team members embed the principle of secure by design throughout the business
Project Engagement: Engage with the SDLC process and project teams and represent InfoSec
Security Training: Participate in a cybersecurity awareness and training program
Audit Support: Assist with ongoing compliance and third-party security audits such as pen tests and PCI-DSS
SIEM Operation: Design, implement and operate a SIEM/SOC/SOAR tool
Intrusion Detection: Intrusion detection systems configuration and monitoring
Incident Response: Identify, contain, remediate and recover from all cybersecurity incidents
Threat Intelligence: Proactive threat intelligence analysis
Data Protection: Data from accidental or unauthorized modification, destruction, or disclosure
Emergency Processing: Adheres to emergency data processing needs
Policy Violation: Reviews violations of security procedures
Violation Training: Provides training to ensure violations do not recur
Access Control: Monitors and restricts access to sensitive, confidential, or other high-security data

12. Information Security Analyst Additional Details

Vault Management: Employee Identity Access Management role supporting the HashiCorp Vault application
ITSM Management: Proactive management of ITSM activities to maximize customer experience and increase the overall value of supported applications/functionalities
Business Support: Provide business support for security applications for identity, authorization, and policy management in a multi-tiered infrastructure
Risk Assessment: Implement risk management procedures, perform security threat assessments
Access Control: Manage user identities and access, and drive compliance with security policies
Defect Resolution: Drive defect resolution through design and development of simple, reusable, service-enabled, maintainable, and scalable security solutions that meet business requirements and comply with information security policies
Team Partnership: Partner with peers and other internal identity access management teams
Governance Alignment: Ensure delivery of services aligns with governance controls and support requirements
Project Delivery: Interlock with cross-functional teams and deliver global projects, working with regional offices
On-call Support: Provide support off shift and be available for on-call support out of standard working hours
Security Research: Research new methodologies to improve security and development practices
Employee Coaching: Coach junior-level employees on application processes and security best practices

13. Information Security Analyst Essential Functions

Alert Response: Review and respond to alerts/logs generated by the security tools
Incident Tracking: Capture and track security incidents and ensure all threats are resolved in line with policies
Risk Communication: Communicating risk to both technical and business-oriented teams
Awareness Activities: Conduct and champion Security Awareness activities
Security Review: Perform Security reviews to detect anomalies and ensure compliance with security policies and procedures
Policy Management: Review and update security policies, procedures and forms
Application Risk: Assess the risks associated with the introduction of new applications, hardware, networks and other communication channels and propose necessary controls
Third-party Assessment: Perform a third-party risk assessment and define required security controls
Customer Assurance: Ensure fulfillment of customers' information security expectations
Data Protection: Coordinate all efforts related to personal data protection

14. Information Security Analyst Role Purpose

Network Monitoring: Operates and monitors network intrusion detection and prevention sensors and other information security monitoring infrastructure
Threat Intelligence: Collects, assesses, and reports upon relevant threat intelligence / actionable security information and appropriately modifies tactical operations
Alert Analysis: Performs analysis and response to Tier I and II security-relevant alerts and events
Traffic Assessment: Assesses network traffic patterns and session data for indicators of malicious activity with assistance
Incident Response: Plays a strong supporting role in prompt and effective response to information security incidents
Vulnerability Remediation: Performs operational assessment, prioritization, and remediation of enterprise vulnerabilities and exposures
Report Delivery: Generates, edits, and delivers reports derived from security tools and GSOC activities
Investigation Support: Support of forensic investigations and penetration testing activity
Cloud Security: Supports the automation and improvement of the overall cloud security posture at Asurion
Audit Remediation: Assists with executing remediation plans for any gaps reported in audits or recommended process improvements that affect core information security services
Knowledge Update: Updates job knowledge by tracking and understanding emerging security practices and standards
Professional Development: Participating in educational opportunities and reading professional publications
Network Engagement: Maintaining professional networks and participating in professional organizations

15. Information Security Analyst General Responsibilities

SSP Development: Develop and support maintenance of System Security Plans (SSP) and related security documentation for internal systems
Audit Preparation: Prepare for, participate in, and support security certification and NIST-800-53-based compliance audits (FISMA, FedRAMP, 800-171, CMMC, etc.)
Evidence Collection: Gather or coordinate the collection of necessary evidence
Assessment Execution: Conduct NIST SP 800-53A assessments on internal systems through personnel interviews and documentation review
Compliance Review: Determine compliance with policies and procedures, recommend corrective actions, and prepare findings reports
POA&M Tracking: Create POA&Ms and track associated mitigation
Vulnerability Review: Review and process monthly vulnerability scan results for assigned systems and work with the technical teams to ensure vulnerabilities are resolved on time
SLA Monitoring: Track SLAs on audit and continuous monitoring findings
Project Management: Self-manage assigned projects, report status, issues and recommendations for success
Incident Investigation: Investigate potential or actual information security violations and incidents and identify areas or issues requiring IT security-related research and development efforts
SOC Certification: Facilitate the process to conduct periodic re-certifications of all SOC tasks and process documentation
Issue Resolution: Resolve basic technical security issues to determine the root cause and implement corrective action with an appropriate level of assistance
Documentation Maintenance: Maintain up-to-date Incident Management Team technical documentation, procedures and workflows to assist in performing event and incident investigations
Tool Testing: Execute test cases on security administration tools used by SOC to perform security investigations
Process Improvement: Identify opportunities to improve the efficiency and effectiveness of SOC processes and procedures
Security Advising: Advise business unit managers, the IT team, and the user community of the security controls to be implemented, ensuring a balance between operational and information security needs
Contingency Assessment: Conduct security assessments, risk analyses and assess contingency plans for Vanguard computer facilities, telecommunications capabilities, and installations to verify the existence and effectiveness of safeguards, as a member of the information security team

16. Information Security Analyst Key Accountabilities

Cyber Transformation: Supporting global, regional and country-level cyber transformation projects, initiatives and ad-hoc activities to uplift, mature and align the APAC technology security control environment
BaU Management: Manage and support Technical Security BaU activities (Security tools, solutions and processes, Regional IT and Infrastructure function liaison and alignment)
Infrastructure Integration: Help ensure regional IT infrastructure integrates and complements global security solutions, ensuring global requirements are met
Global Alignment: Ensure global alignment and support structure in line with the Global CISO operating model for regions, e.g., Anti-Virus, Firewall, DLP, IPS, PAM, Web Proxy
Team Engagement: Ensure Technology teams are engaging and alignment with central teams and functions
Local Compliance: Support local tools and requirements where the need arises, ensuring compliance with Chubb policy and standards
Process Assessment: Conduct assessments of existing security operational processes and recommend changes to associated policies, standards, controls and procedures
Firewall Oversight: Support assurance review over IT-requested Firewall rule changes across the region, ensuring challenge and oversight
Vulnerability Management: Support regional Vulnerability management activities, ensuring globally aligned scanning and reporting services are embedded and consumed in the APAC region
Security Governance: Support Security governance through regular meetings with APAC IT teams to highlight and maintain focus on the regular resolution of infrastructure-related vulnerabilities

17. Information Security Analyst Roles and Details

VMS Reporting: Work with Vulnerability management tooling to extract and produce ad-hoc reporting
Report Customization: Customise and share VMS reports to the line of business in addition to base reporting
Threat Mitigation: Maintain awareness of emerging vulnerabilities and act to mitigate threats and remediate vulnerabilities
Security Testing: Support Security testing activities that may involve the APAC region (red teaming, purple teaming)
Penetration Support: Support and advise Technology teams from the Security perspective on penetration tests, and application scanning vulnerability findings
Remediation Review: Review suggested remediations to ensure appropriateness and issue resolution
Incident Response: Support the Regional and Global Information Security team to respond, analyse and support during a security incident and work closely with the local technology teams and IT system engineers, as well as the Chubb SOC, to resolve the incidents
Post-Incident Review: Participate in post-incident reporting and propose enhancements to the systems and IT infrastructure to close the security gaps
Process Testing: Coordinate periodic testing of information security-specific processes, such as incident response plans
Issue Tracking: Help the RISO team track and maintain a central view of technical security gaps and issues in the regional Issue register
Risk Remediation: Help ensure that risk remediation plans with relevant parties to achieve compliance with security requirements and mitigate identified risks to an acceptable level
Regulatory Support: Support the RISO in the assessment and response to technical cybersecurity-related aspects highlighted in notices, circulars and guidance arising from APAC regulators
Security Principles: Defines and documents relevant information security principles, practices and delivers timely reports on relevant information security metrics
Security Insights: Provide management with insights around the region in relation to Information Security matters

18. Information Security Analyst Responsibilities and Key Tasks

Security Architecture: Participate in the planning and design of enterprise security architecture under the direction of the Chief Information Security Officer
Governance Documentation: Participate in the creation of information security governance documents (policies, standards, baselines, guidelines and procedures) under the direction of the Chief Information Security Officer
BCP Planning: Participate in the planning and design of the Agency's Business Continuity Plan and Disaster Recovery Plan, under the direction of the Chief Information Security Officer
Industry Awareness: Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors
Security Research: Research and recommend additional security solutions or enhancements to existing security solutions to improve the overall security posture of the Agency
Solution Deployment: Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically
Baseline Maintenance: Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, when under direct control (i.e., security tools) or support when not (i.e., workstations, servers, network devices, etc.)
Configuration Management: Maintain operational configurations of all in-place security solutions as per the established baselines
Solution Monitoring: Monitor all in-place security solutions for efficient and appropriate operations
Log Review: Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.)
Activity Resolution: Interpret the implications of that activity and devise plans for appropriate resolution
Activity Investigation: Participate in investigations into problematic or suspicious activity
Security Testing: Participate in the design and execution of vulnerability assessments, penetration tests and security audits
On-call Support: Provide on-call support for Information Security Incident Response activities
Staff Training: Inform and train staff members on their responsibilities concerning information security procedures
Regulatory Compliance: Support the administrated processes to maintain compliance with regulatory obligations (e.g., PCI DSS)
Asset Compliance: Assist with ensuring that agency technology assets, systems, services, and facilities are compliant with information security procedures
Awareness Outreach: Participate in ongoing information security education, awareness and outreach activities
Threat Monitoring: Monitor threat intelligence and other available information to proactively enhance the Agency's security posture

19. Information Security Analyst Duties and Roles

SOW Management: Partners with IT and business units to create, document and monitor Managed Services statements of work
Control Implementation: Ensures detection and mitigation controls are implemented
Incident Response: Responds to violations following incident management processes and reports out to management
Architecture Design: Works with IT Platform, Application, System and Network teams to create Logical, Physical and Data architecture diagrams
Behavior Normalization: Normalizes endpoint behavior, data access and network traffic
Monitoring Procedures: Implements security monitoring and documents standard operating procedures for the Incident Management Team
Orchestration Support: Works closely with Cyber Security Operation teams to build and maintain security orchestration, playbooks and automation
Process Automation: Identifies opportunity areas to increase efficiency and automates manual processes
Procedure Updates: Creates and updates standard operating procedures and reports out to management on efficiency gains
Monitoring Configuration: Implements security monitoring rules, reports and dashboard while maintaining best practices to ensure maximum security tool efficiency
Event Analysis: Monitors security systems, analyzes events and investigates security-related incidents

20. Information Security Analyst Roles and Responsibilities

Threat Modeling: Creates Threat Hunting models for Endpoints and Network Traffic
Endpoint Analysis: Analyzes endpoint including logging, EDR, IPS and DLP tools
Network Analysis: Analyzes network monitoring including IPS, WAF, PCAP and Netflow tools
Incident Handling: Focuses on critical systems within the client’s network to detect, respond and handle incidents related to unauthorized activity, malware, and APTs
Progress Communication: Keeps management within the department informed by communicating progress, issues, concerns and opportunities
Security Notification: Assesses and immediately notifies manager of any potential information security breach and security issues that may hurt business operations
Process Improvement: Identifies opportunities to improve the quality, efficiency and effectiveness of the department as well as the processes that affect the divisions and the enterprise
Dashboard Awareness: Maintains an awareness of the department's dashboard and provides suggestions to improve performance
Intelligence Identification: Identifies Tactical Intelligence relevant to clients' systems
Response Coordination: Works with Incident Management and Threat management to follow incident response procedures to ensure proper detection, mitigation controls
Threat Escalation: Escalates internal threat issues to the Insider Threat Team

21. Information Security Analyst Duties

SIEM Expertise: Serve as a deeply skilled and knowledgeable resource for the corporate SIEM
Alert Response: Analyzing and responding to alerts generated by the SIEM, the analyst will be expected to tune the SIEM to reduce false positives
Rule Creation: Create custom rules in the SIEM, and advance the capabilities of the SIEM to make it a more effective enterprise security solution
Incident Documentation: Document and track security incidents and breaches using the corporate GRC platform
Dashboard Development: Develop dashboards and metrics to help track the current state of security tooling
Program Advancement: Use these artifacts to guide advancements to the corporate security program
Playbook Creation: Create playbooks that describe standard incident response procedures and the operation of security tooling
Tool Operations: Work with security engineering personnel to take over operational duties for new and existing security tools deployed to the environment
Process Automation: Recommend and implement ways to automate the incident response process through the corporate SIEM/SOAR platforms
Forensic Investigation: Conduct advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, theft of information, denial of service, data breaches, etc.
Gap Remediation: Assist clients in identifying and remediating gaps as identified throughout the investigation
Client Guidance: Provide clients with guidance and advice regarding cyber incidents, forensics, and incident response
Report Writing: Document findings and create well-written reports
Operational Support: Perform operational support of information security technology
Project Delivery: Complete project tasks to enable the on-time, within budget and scope delivery of information security projects
Security Communication: Present new and existing information security information to the workforce and management
Process Development: Develop an incident response process and procedures

22. Information Security Analyst Details

Risk Assessment: Understand technical implementation details necessary to identify and assess security risks and recommend mitigating controls
Compliance Oversight: Participate in the development and oversight of required corrective action plans relating to security compliance issues
Audit Support: Support business relationships with the internal and external security auditors and regulators
Requirement Evaluation: Identify, research and evaluate new compliance requirements and ensure they are incorporated into SimplePractice’s security policy framework
Policy Communication: Support the communication of policies, procedures, and plans to internal stakeholders regarding security and compliance best practices around applicable laws, regulations and controls
Control Remediation: Support the identification, validation and remediation of information technology controls
Regulatory Compliance: Responsible for Data Security Standards (HITRUST and PCI), regulations governing personally identifiable information (PII) and other applicable regulatory compliance frameworks
Program Alignment: Partner with internal teams to ensure successful security programs that align with compliance requirements
Stakeholder Needs: Understand the security needs of internal and external stakeholders around external business partners and maintain a process that meets stakeholder needs
Program Management: Manage daily activities and functions of the external business partner management program
Assessment Coordination: Coordinate and drive business partner security assessment activities for both inbound and outbound relationships
Risk Mitigation: Lead assessments of business partner security risk, develop mitigation plans, and work with internal stakeholders to assign monitoring responsibility
Annual Assessment: Prepare and complete annual risk assessments and assist with regulatory and accreditation audit preparation
Partner Selection: Support business partner selection on significant sourcing decisions and reassess security risk for business partners before contract renewal

23. Information Security Analyst Responsibilities

Audit Execution: Perform audits and vulnerability assessments
Security Communication: Ensure communication and escalation of security activities to leadership, assist in the development process and operating procedures
Vulnerability Strategy: Help develop and implement a vulnerability identification and remediation strategy to limit compromise
Device Hardening: Assist in standard device hardening guidelines and policies
Vulnerability Resolution: Assist in troubleshooting, diagnosing and resolving vulnerabilities
Policy Enhancement: Review and enhance security policies that cover physical and logical access to systems and the management of private data
Risk Assessment: Perform IT risk assessments, incident investigations, root cause analyses, and forensics
Compliance Alignment: Partner with internal teams to ensure successful security and compliance programs that align with client and regulatory compliance requirements
Control Evaluation: Evaluate risks that the applicable vulnerabilities pose to the organization and understand the technical implementation details to assess and recommend security control improvements or identify mitigating controls
Deficiency Remediation: Assist with the remediation of control deficiencies identified during the audit process
Incident Response: Develop an incident response process that effectively prioritizes by the highest risk
Mitigation Solutions: Develop technical solutions to help mitigate security vulnerabilities
Security Engineering: Perform security engineering for complex, multi-platform systems, datacenters, GCP and multi-cloud environments
SIRT Participation: Participate in the Security Incident Response Team (SIRT) activities, helping SIRT to detect, respond, contain, eradicate and recover from security incidents promptly, within the Cloud Operations and Corporate IT environments

24. Information Security Analyst Job Summary

Alert Review: Using specialized tools, review alerts generated by intrusion detection systems as well as logs produced by multiple types of systems
Incident Tracking: Open and track incidents based on suspicious alerts and/or logs in accordance with the intervention protocol of each client
Vulnerability Tracking: Track vulnerabilities found on the infrastructure of clients using vulnerability detection systems
Scan Scheduling: Assist with the identification and recommendation of solutions related to the scheduling of the scans
Network Monitoring: Monitor the networks of clients using remote monitoring and intrusion detection infrastructure
Infrastructure Availability: Ensure the availability of said infrastructure and recommend solutions that would improve the security posture of the clients
Monthly Reporting: Produce the required monthly reports
Support Response: Answer and respond to calls for support
System Evaluation: Contribute to the evaluation of intrusion detection systems in the pre-production environment
Anomaly Detection: Identify and report anomalies and/or suggest improvements to the remote monitoring solution
Traffic Analysis: Reviews and analyzes network traffic and threat logs to identify and detect intrusions, anomalous conditions, scanning activities, and security violations within the company’s environment and at enterprise perimeters
Tool Proficiency: Research and maintain proficiency in open source and commercial exploitation tools
Automation Development: Develop and implement scripts, tools and techniques to automate exploit prevention, detection and response
Forensic Analysis: Performs event and Incident Investigations and Forensic Analysis to determine the root cause and identify Indicators of Compromise for threat intelligence additions
Threat Intelligence: Reviews new and ongoing threat intelligence reports for applicability within the environment and updates internal watch lists for monitoring and alerting within the SIEM
Scan Analysis: Analyze completed vulnerability and compliance scans, report any missing devices or network subnets with absent or incomplete scan results

25. Information Security Analyst Accountabilities

Escalation Support: Serve as an escalation resource for SOC analysts
Incident Response: Perform Incident Response for security threats or incidents
Correlation Development: Work with SIEM Engineers and other security partners, developing and refining correlation rules
Task Execution: Work on complex tasks assigned by the SOC management
Evidence Coordination: Coordinate evidence/data gathering and documentation for Security Incident reports
Procedure Improvement: Provide recommendations for improvements to incident playbooks, procedures, and monitoring
Emergency Response: Provide emergency response as a member of CSIRT or as an escalation as part of a 24/7 on-call rotation
Alert Support: Operational support for information security tool alerts, triaging, and maintenance
Security Operations: Execute on information security activities such as vulnerability management, application development security, business continuity, networking and risk management
Forensic Response: Perform first-level incident response and computer forensics activities
Control Assessment: Assess security controls and evaluate the security posture of the organization's internal controls
Third-party Evaluation: Evaluate third-party relationships for compliance with organization security standards
Program Development: Collaborate with the IT department and Business colleagues to develop security programs as an SME
Trend Research: Researches security trends, new methods, and techniques used to preemptively eliminate the possibility of system breach
Security Expertise: Serve as Subject Matter Expert (SME) on information security-related projects and initiatives assigned
Confidentiality Maintenance: Maintain confidentiality on all sensitive security matters

26. Information Security Analyst Functions

Event Monitoring: Monitor, analyze, and triage security events to ensure the maintenance of a strong security posture
Incident Support: Provide Incident Response support when actionable security incidents are identified
Tool Evaluation: Evaluate and leverage security-focused products (such as application security scanners, endpoint security, vulnerability management, data loss prevention, etc.)
Vendor Assessment: Assist with 3rd party security assessments for new and renewing vendors
Risk Review: Conduct security reviews to assess technical and business risk
Posture Improvement: Recommend ways to improve and update the security posture
Configuration Review: Work closely with the IT teams to review configurations, hardening, and controls in diverse environments
Threat Knowledge: Maintain strong knowledge of recent security vulnerabilities, attack vectors, attack methods, and remediation techniques
Standards Development: Develop security standards and best practices for the whole organization
Alert Investigation: Investigate alerts and respond to incidents
Security Inquiry: Respond to security inquiries from staff, customers, and third parties
System Maintenance: Help deploy and maintain security systems relating to vulnerability management, endpoint detection and response (EDR), intrusion detection and prevention
IAM Support: Identity and access management, e-mail security, cloud security, deception technologies, etc
Script Development: Develop scripts to quickly parse data or automate tasks
Web Scanning: Conduct web application vulnerability scans
Incident Liaison: Acting as a liaison between Information Security, Product Development, Legal, Human Resources, Managed Services, and other teams during security incidents
Audit Response: Respond to security assessments/audits from customers or business partners

27. Information Security Analyst Job Description

Regulatory Expertise: Provide subject matter expertise related to NIST CSF, NIST 800-53, ISO27001, PCI DSS, SOC 1, SOC 2, and other information security regulations
GRC Services: Establish, maintain, and mature GRC services as a primary or backup service owner (e.g., Risk Management, Policy Management, etc.)
Risk Process: Help establish a common risk management process including risk identification, analysis, decision-making, scoring, treatment planning, and tracking
Risk Reporting: Prepare risk management metrics and reporting
Risk Planning: Work with DriveTime technical and business professionals to determine appropriate risk treatment decisions and plans
Tool Identification: Identify governance, risk, and compliance (GRC) tools to manage a list of external authoritative sources, information technology controls, corporate policies and procedures, vendor management systems, and risk management workflows
Audit Preparation: Prepare internal and external audit evidence
Law Proficiency: Maintain proficiency with applicable laws, regulations, and standards
Meeting Facilitation: Conduct internal risk and compliance meetings as a subject matter expert
Document Maintenance: Draft and maintain compliance documents (e.g., policies, standards, procedures, etc.)
Best Practice Adoption: Coordinate the adoption of information security best practices throughout the enterprise

28. Information Security Analyst Overview

SIEM Monitoring: Monitor and analyze data using SIEM products and security dashboards
Risk Analysis: Interpret log data to identify potential risks
Mitigation Execution: Plan, facilitate, and perform mitigation activities
Alert Response: Investigate security alerts and notifications for potential threats
Risk Prioritization: Prioritize mitigation efforts based on risk assessment findings
Vulnerability Remediation: Prioritize and address remediation tasks from vulnerability scans
Remediation Planning: Plan, coordinate, and execute remediation efforts
Vulnerability Impact: Assess the impact of new vulnerabilities on the SOS environment
Control Assessment: Review existing security controls and identify potential gaps
PCI Compliance: Lead and oversee all PCI compliance activities
SAQ Responsibility: Manage the completion of the annual PCI Self-Assessment Questionnaire (SAQ)
Assessment Tracking: Track and manage quarterly PCI vulnerability assessments
Proactive Planning: Collaborate with leadership and technical teams to develop and implement proactive security strategies
Vendor Liaison: Serve as the primary point of contact with the firewall vendor on behalf of SOS

29. Information Security Analyst Details and Accountabilities

SIEM Analysis: Use a SIEM product/security dashboards to view and analyze data
Log Interpretation: Interpret log data to determine risk
Task Mitigation: Plan, facilitate, and perform mitigation tasks
Alert Investigation: Investigate security alerts and notifications
Risk Prioritization: Prioritize mitigation tasks identified in risk assessment reports
Scan Remediation: Prioritize remediation tasks identified in vulnerability scans
Task Remediation: Plan, facilitate, and perform remediation tasks
Vulnerability Awareness: Understand how new vulnerabilities may affect the SOS environment
Control Review: Review security controls and analyze possible gaps in the SOS environment
PCI Oversight: Lead oversight for PCI compliance
SAQ Management: Responsible for annual PCI SAQ
Assessment Tracking: Responsible for tracking quarterly PCI vulnerability assessments
Security Planning: Work with leadership, technical staff to plan and execute proactive security plans
Vendor Liaison: Point of contact for SOS in working with the firewall vendor

30. Information Security Analyst Tasks

SLA Monitoring: Meet service level agreements (SLAs) regarding response time and customer notifications
KPI Management: Assist with and define both team and service key performance indicators (KPIs)
Client Coordination: Work with clients and tools vendors to address all security-related issues
Investigation Coordination: Coordinate security investigations based on internal processes and procedures
Control Implementation: Assist customers or facilitate the implementation of protective and mitigating security controls
Tool Management: Perform manage, add, change, and delete operations within the security tools
Request Fulfillment: Handles the fulfillment of all security requests and calls from the user
Incident Resolution: Drives resolution as it relates to customer-facing incidents and change management
Security Contact: Provides a central contact point for implementation, architecture and problem management for managed security applications (Firewall, IDS, Encryption, SIEM, EIQ, Web filtering)
Vulnerability Scanning: Scan system devices for vulnerabilities according to compliance policies – Nessus
Incident Response: Initiate security incident response including tracking and recovery actions
Event Analysis: Analyze and validate the network and hosts based on Intrusion Detection System events
Change Management: Service and Change management knowledge and understanding
Response Coverage: Monitors SLAs for responsiveness and coverage
Service Reporting: Provide regular reports and statistics for service line management
On-call Support: Participate in an on-call rotation
Team Guidance: Provide oversight and guidance to junior team members as it relates to the Security realm
Process Improvement: Document and create process improvements when gaps are/have been identified
Emergency Support: Participate in an on-call rotation to provide emergency support

31. Information Security Analyst Roles

Security Strategy: Planning, implementing and measuring an effective and compliant Ciklum IT Security Strategy
ISO Compliance: Supporting compliance with the ISO 27001 Standard
Policy Development: Creating and continuously improving the policies and procedures
Standard Improvement: Develop and improve Ciklum security standards and blueprints
Risk Assessment: Conduct information security risk assessment and treatment planning
Control Implementation: Implementation and continuous improvement of security controls
Audit Coordination: Coordinating internal, certification and supervisory audits
Penetration Support: Supporting IT infrastructure vulnerability and penetration testing
Security Review: Regularly conduct a security review and audits of server and network equipment configurations, physical security measures
Event Monitoring: Security events monitoring, analytics and reporting
Access Audit: Audit of access matrix and controls
Patch Verification: Verify appropriate patch management across the IT Infrastructure
Endpoint Standards: Continuously develop endpoint security standards
Incident Management: Inform Security incident response, investigation, escalations and reporting
Security Awareness: Develop a security education and awareness programme

32. Information Security Analyst Additional Details

Incident Monitoring: Monitors and responds to potential security incidents, service requests and requests for information
System Administration: Performs basic administration of Information Security Systems
Awareness Program: Monitors and manages the Information Security Awareness program operations
Script Execution: Executes security systems test scripts under the direction of a Senior Analyst
Report Preparation: Prepares system security reports by collecting, analyzing and summarizing data and trends
Control Recommendation: Works with Senior Analysts to make recommendations for mitigating controls
Patch Monitoring: Monitors and analyzes Patch Management Systems activity reports
Knowledge Tracking: Updates job knowledge by tracking and understanding emerging security practices and standards
Professional Development: Participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations
BCP Documentation: Assists in the development, production and maintenance of BCP/DR materials and documentation (e.g., plans, emergency response procedures, call lists, test results, etc.)
Crisis Support: Works with the Senior Analyst to assist with crisis management in the event of a business interruption
Ownership Mentality: Enhances department and organization reputation by accepting ownership for accomplishing new and different requests
Team Contribution: Participates in and leads proactive team efforts to achieve departmental and company goals
Value Adoption: Adopts Fairway values in personal work behaviors, decision making, contributions and interpersonal interactions
Work Culture: Contributes to a positive work environment by demonstrating cultural expectations and influencing others to reward performance and value "can do" people, accountability, diversity and inclusion, flexibility, continuous improvement, collaboration, creativity and fun

33. Information Security Analyst Essential Functions

Privacy Development: Working with business-side privacy officials, develop and implement privacy policies and practices for new/emerging technologies
Law Analysis: Analyze privacy laws and regulations, maintain established privacy practices and revise and recommend safeguards or PII reduction methods to policy makers and personnel
Compliance Activities: Conduct regular privacy compliance activities in accordance with government laws and regulations
Breach Response: Respond to privacy data breaches from discovery to closure and recommend future mitigation techniques
Training Delivery: Develop and deliver annual privacy awareness training to employees
Policy Advisory: Analyze privacy laws, mandates, regulations, and policies
Impact Analysis: Advise on potential impacts to the business unit's programs and activities
Routine Compliance: Perform routine privacy compliance activities in accordance with appropriate laws
Privacy Reporting: Prepare periodic privacy reports and assist other offices in the completion of their privacy reports
Policy Review: Review and recommend updates to privacy policies and procedures
Database Management: Manage privacy-related reporting databases
Event Monitoring: Monitor external events involving privacy that may raise concerns with the organization's systems
Incident Coordination: Coordinate with other offices in responding to and mitigating privacy data incidents or breaches
Risk Assessment: Other security risk assessment and audit tasks, e.g., conducting security scans, auditing systems, and preparing reports
Business Development: Assist with business development activities, such as proposals, capture, account teams, whitepapers, conferences, and/or other thought leadership materials

34. Information Security Analyst Role Purpose

Policy Development: Assess policy requirements and develop policies and procedures for integrating Assurance in Software Engineering (ASE) into acquisition phases and sustainment of AF weapon systems
Plan Coordination: Plan, develop, and coordinate ASE policy development and plans for weapon system Platform Information Technology (PIT) covering various aspects
Cyber Integration: Coordinate policy development for the integration of Cyber Resiliency into software supporting operations throughout the lifecycle of AF weapon systems
Policy Review: Review existing and proposed policy documents related to Cyber Resiliency and ASE
ASE Expertise: Provide expertise in ASE, particularly for weapon system Platform Information Systems (PIT) and Embedded Systems, to enhance cybersecurity and resiliency of operational software
Software Consistency: Ensure consistency in security and resiliency software across operational systems and align with system-level requirements, CONOPS, and architectures
Technical Review: Review technical approaches of programs to identify opportunities for improving cybersecurity and resiliency in PIT and Embedded systems
Program Evaluation: Review acquisition programs for integration and technical changes that enhance software security and resiliency
Contract Review: Work with the contracts review team in reviewing and redlining security clauses in customer contracts
Term Negotiation: Negotiate security terms with customers
Query Response: Review and respond to customer security queries, questionnaires and risk assessments

35. Information Security Analyst General Responsibilities

Strategic Design: Participates with the client in the strategic design process to translate security and business requirements into technical designs
System Validation: Configures and validates secure systems and tests security products and systems to detect security weaknesses
Vulnerability Analysis: Performs network scanning and vulnerability analysis
Security Compliance: Ensures that the appropriate security features and safeguards have been implemented on all information systems as required by DoD/IC policy and directives, and industry best practices
Device Maintenance: Performs defense device system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of all implemented, maintained, and deployed systems
Certification Testing: Provides security certification test and evaluation of assets, vulnerability management and response, security assessments, customer support and guides on security issues
Security Planning: Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information
Control Assurance: Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
Breach Response: Respond to computer security breaches and viruses

36. Information Security Analyst Key Accountabilities

Project Leadership: Working as an SME on a variety of different projects across the organisation, ranging from large acquisitions through to initiatives that touch technology, people and processes
Security Guidance: Serve as a security expert on change programmes, providing guidance and support to enable change delivery teams to comply with enterprise and technology security policies, industry regulations and best practices
Risk Alignment: Support deliveries with robust risk assessment/mitigation and ensure that they align to the appropriate technology change framework and that solutions meet the relevant operating principles, to protect the Business, whilst continuing to deliver change
Requirement Identification: Identify appropriate security requirements through a deep understanding of the business requirements and security control environment for each phase of a project or change initiative
Technology Evaluation: Undertake technology evaluations and provide recommendations for the security aspects of new applications
Security Design: Working with the IT solutions team to detail the security design into project templates
Stakeholder Awareness: Ensure all stakeholders are aware that global and local requirements are met, with the skillset to influence change at all levels
Risk Prioritization: Conduct risk analysis and contribute to the prioritisation of information security initiatives based on risk and business need
Option Articulation: Weigh business needs and security concerns, make recommendations and clearly articulate options (including benefits and risks) to business partners, decision makers and key stakeholders
Risk Communication: Communicate known security risks and solutions to mitigate risks to business and technology partners
Incident Support: Assist with the investigation and operational support of the information security incident management processes
Solution Integration: Ensure solutions are fully integrated into business-as-usual activities
KPI Delivery: Ensure regional KPIs and KRIs are defined and delivered
Expertise Maintenance: Maintain current expertise in information security technology, methodology, tools, threats/vulnerabilities, news and regulatory changes, emerging security trends, issues and threats
Security Acceptance: Work with Project Management to ensure that projects have met all Security / Production acceptance criteria before design and implementation into production
Risk Leadership: Provide leadership within a framework of prudent and effective controls that enable risk to be assessed and managed to fit within the Organization's agreed risk appetite

37. Information Security Analyst Roles and Details

PCI Compliance: Obtaining and retaining full PCI-DSS compliance across the estate, brands and territories
Training Standards: Maintaining PCI-DSS education and training standards to accepted levels
Security Innovation: Bring innovation to how to continue to identify and respond to threats, to how to manage and secure payment card information
Stakeholder Engagement: Demonstrate continuous improvement in ways to engage and communicate with key stakeholders
Subject Expertise: Maintaining and improving Information Security subject matter expertise
System Monitoring: Monitor and analyze systems for indication of security incidents
Incident Handling: Initiate security incident handling procedures and create incident handling reports
Log Analysis: Perform log correlation and analysis
Tool Maintenance: Provide maintenance and reporting for various security tools including vulnerability management solutions, SIEM, UTMs, HIDS, etc.
Event Simulation: Design and deploy simulated security events as part of a security awareness training program
Control Monitoring: Support continuous monitoring programs in Cloud and Corporate environments to ensure control activities are operating effectively
Process Documentation: Document security processes and operational tasks
Technology Evaluation: Analyze and evaluate new technologies

38. Information Security Analyst Responsibilities and Key Tasks

Policy Monitoring: Monitor adherence to Security Governance Policies and Compliance Best Practices
Standards Adherence: Acknowledgement and adherence to Technical Security/Privacy Standards
Technical Assurance: Provide technical assurance skills around IT and Security
Audit Support: Provide support for all external audits such as SSAE 16, HIPAA, HITRUST, NIST, PCI and more
Access Review: Perform all access reviews at a set regular interval
Documentation Maintenance: Maintain client security documentation by making regular scheduled reviews and updates
Mailbox Monitoring: Maintain and monitor shared mailbox activities, triage incoming queries, and work with relevant product owners to provide accurate responses to clients
Stakeholder Interaction: Interacting with diverse stakeholders including external service providers, IT project managers, systems administrators, and sales executives
SAQ Support: Provide support to sales executives in answering security assessment questionnaires (SAQ) relating to RFIs and RFPs
Development: Self-motivated to learn new skills, technology, and industry security best practices

39. Information Security Analyst Duties and Roles

Security Maintenance: Maintaining the security level and integrity of BASF’s implemented security technology stacks as a mitigation strategy against cybersecurity threats
Control Implementation: Plan, implement and upgrade security measures and controls
Improvement Planning: Address necessary improvements in the organization
Threat Remediation: Maintain the security level by implementing automated or manual measures such as system containment and remediation of security threats
Control Currency: Ensure all security mitigating controls are current with any software or hardware changes
Team Collaboration: Work with Solution Architects and DevOps Teams across the company by communicating potential flaws in the security of their systems
Security Recommendation: Recommend changes that will improve the security footprint of BASF
Gap Documentation: Creating documentation to help close security gaps
Assessment Execution: Perform Security Assessments with administrators and internal business partners for company-owned endpoints such as mobile and workplace devices as well as the corresponding workplace infrastructure
Policy Reporting: Develop reports to share with related and process involved stakeholders about the efficiency of implemented security policies and recommend any changes
Threat Research: Proactively perform security research by utilizing public and internal Threat Intelligence Office (TIO) information
Status Evaluation: Evaluate the security status of IT implementations across segments organization

40. Information Security Analyst Roles and Responsibilities

Governance Execution: Work within the Information Security and Privacy department to implement/execute governance and compliance processes
Control Oversight: Provide oversight and reporting on key controls and risk management measures, including Data Loss Prevention
Risk Assessment: Initiate and review security risk assessments and gap analysis of systems and third parties
Ongoing Monitoring: Monitor these on an ongoing basis to ensure completeness
Training Administration: Compile training materials in relation to Information Security, administer the rollout and track to completion
ISMS Support: Assist in the development and maintenance of the Information Security Management System (ISMS)
Metric Collection: Collect and collate metrics related to the performance of Information Security controls
Report Input: Provide input to board reports, committee reports, forums, policies and procedures, as well as other ad-hoc materials
Request Response: Respond to client/regulator information requests
Repository Maintenance: Ensuring that the repository of source material is kept up to date and accurate

41. Information Security Analyst Duties

Compliance Support: Support IT compliance programs to ensure alignment with UPS's organizational, regulatory, and risk obligations
Policy Monitoring: Monitor IT compliance with the organization’s policies and procedures
Regulatory Compliance: Monitor IT compliance with existing Federal, State and Local regulatory requirements
Metrics Maintenance: Maintain information security and compliance metrics that are meaningful and actionable
Dashboard Accuracy: Ensure that reports, trackers, and visibility dashboards reflect the true state of compliance for various audiences
Audit Operations: Perform daily audit-related operational activities
Remediation Tracking: Work with business partners to track/manage remediation of control deficiencies identified during audits and compliance assessments
Control Evaluation: Examine internal controls to determine design and operational effectiveness
Requirement Analysis: Analysis and interpretation of regulatory compliance requirements
Process Improvement: Identify opportunities and make recommendations to improve the efficiency and effectiveness of IT internal controls and operating processes
Review Execution: Perform compliance reviews of various applications and infrastructure

Relevant Information

What Does An Information Security Do?

What Does An Information Security Architect Do?

What Does An Information Security Consultant Do?