WHAT DOES AN IT SECURITY ANALYST DO?
Published: Nov 06, 2025 - The Information Technology (IT) Security Analyst supports the implementation of security standards, vulnerability mitigation measures, and incident management processes to strengthen organizational protection. This role monitors access, performs security assessments and audits, and ensures compliance with internal policies and risk frameworks. The analyst also promotes security awareness, coordinates penetration testing, and provides recommendations to improve data protection and overall information security posture.

A Review of Professional Skills and Functions for IT Security Analyst
1. IT Security Analyst Duties
- Planning Coordination: Ensures the necessary planning, outreach, execution, and dissemination of lessons learned/after-action reports
- Audit Support: Provides support for all post-inspection and post-audit data/information resulting from a Command Cyber Readiness Inspection (CCRI), Cyber Security Inspection (CSI), or NAVSEA 08 Audit conducted at NNSY
- Compliance Assessment: Conducts CS compliance and A&A documentation validation assessments for legacy applications, systems, and networks
- Documentation Development: Develops or expands existing A&A and CS documentation to ensure complete documentation exists in accordance with DoD A&A and IA policy
- Meeting Participation: Attends meetings on behalf of the A&A team, takes notes and prepares written feedback on the content and outcome of meetings, and follows up on tasks including recommendations and suggestions
- Report Preparation: Assists in developing point papers, naval messages, presentations, briefings, and other forms of written documentation on an as-needed basis to support A&A and CS functions
- Data Analysis: Compiles and analyzes data from authoritative sources
- Dashboard Development: Develops a SharePoint web-enabled monthly Dashboard
- Clerical Assistance: Assists with office clerical work
- User Support: Assists users with CS-related issues and provides other CS support as the need arises (e.g., auditing, contingency planning, CS awareness training, risk assessments, etc.)
2. IT Security Analyst Details
- Access Development: Constructs access paths to suites of information (e.g., link pages) to facilitate access by end-users
- Framework Design: Designs, builds, implements, and maintains a knowledge management framework that provides end-users access to the organization’s intellectual capital
- User Analysis: Develops an understanding of the needs and requirements of information end-users
- Knowledge Promotion: Leads efforts to promote the organization's use of knowledge management and information sharing
- Content Management: Manages the indexing/cataloguing, storage, and access of explicit organizational knowledge (e.g., hard copy documents, digital files)
- Usage Monitoring: Monitors and reports the usage of knowledge management assets and resources
- Project Management: Plans and manages the delivery of knowledge management projects
- Knowledge Sharing: Promotes knowledge sharing between information owners/users through an organization’s operational processes and systems
- Data Recommendation: Provides recommendations on data structures and databases that ensure the correct and quality production of reports/management information
3. IT Security Analyst Responsibilities
- Cloud Security: Assist in developing, operating, and evolving Cloud Access Security solutions and capabilities
- Process Development: Assist in developing processes and documentation for security capabilities
- Automation Implementation: Research, recommend, and implement streamlined automation processes
- Project Coordination: Work closely with project managers for all projects involving enterprise data
- Architecture Documentation: Maintain documentation of the architecture and environment to maintain a current and accurate view of the larger data picture
- Adaptability Skills: Effectively adapts to changing work environments
- Resilience Skills: Remains flexible despite adversity
- Change Management: Champions and embraces change from the current environment to the desired future state
- Technology Adaptation: Adapts effectively to changing technology and changing job demands
- Solution Implementation: Assist in the solution implementation for new security capabilities
4. IT Security Analyst Job Summary
- Project Support: Provide support to one or more projects simultaneously
- Project Delivery: Delivers projects on schedule
- Customer Collaboration: Work with internal customers on complex needs and may consult with external customers
- Work Planning: Plan and coordinate own work to meet commitments and quality expectations
- Issue Resolution: Identification and resolution of project issues
- Information Analysis: Reviews and analyzes a wide variety of information and recommends an appropriate course of action using intuition, reasoning, and experience
- Problem Solving: Analyzes problems and alternative solutions and takes appropriate, timely action to achieve desired business results
- Creative Thinking: Seeks unique and novel solutions to problems and considers the impact of the final resolution
- Compliance Adherence: Responsible for complying with Neighborhoods Corporate Compliance Program, Standards of Business Conduct, applicable contracts, laws, rules and regulations, policies and procedures as they apply to individual job duties, the department, and the Company
5. IT Security Analyst Accountabilities
- Threat Anticipation: Anticipates security threats that generate alerts, incidents, and disasters and recommends controls to reduce their likelihood
- Incident Analysis: Analyzes incidents and security breaches to determine root causes
- Incident Reporting: Prepares reports that document security incidents and breaches and the extent of the damage caused by the breaches
- Tool Recommendation: Recommends appropriate security tools and countermeasures
- Playbook Development: Creates and maintains Incident Response Playbooks and Runbooks for the different types of security incidents/scenarios
- Threat Hunting: Performs anomaly detection and threat hunting to identify suspicious/anomalous activity that will require further detailed investigation to mitigate possible risks
- System Monitoring: Maintains security monitoring systems and monitors security access
- Network Management: Assists in managing network, intrusion detection and prevention systems, making recommendations for improvements
- Security Training: Assists in training fellow employees in security awareness and procedures
6. IT Security Analyst Functions
- Access Investigation: Investigate improper access and recommend revocation of access
- Violation Reporting: Reports violations, monitors information requests, and recommends improvements
- Control Implementation: Assists in establishing system controls, implementing control frameworks, and evaluating levels of access
- Data Protection: Assists in establishing plans and protocols to protect digital files and information systems against unauthorized access, modification, and/or destruction
- Security Metrics: Produces metrics reporting the state of the security of the organization by means of the performance of security incident response and threat detection
- Knowledge Development: Continually updates job knowledge by participating in educational opportunities
- Professional Engagement: Reads professional publications, maintains personal networks, and participates in professional organizations
- Security Research: Research security enhancements and make recommendations to management and Sr. Security Staff
- Penetration Management: Assists in managing annual penetration testing services, including both expert consulting and managed services
7. IT Security Analyst Job Description
- Compliance Planning: Execute annual planning of the company's Information Security compliance efforts
- Audit Coordination: Work with Internal Audit to communicate the results of ITGC and potentially operational audits and lead mitigation efforts
- Risk Assessment: Review the organization’s security risk profile, partnering with IT teams to assess, build mitigation plans, and update the risk register
- Control Testing: Support and coordinate ITGC, PCI DSS, SOX, SOC2, and COBIT5 control testing, including communicating results in a timely and collaborative manner
- Process Documentation: Coordinate with the Business Process Owners in ensuring that documentation, testing, remediation, and appropriate controls associated with financial reporting are identified and documented in the process documentation, as well as provide education and training
- Evidence Management: Coordinate evidence requests with internal and external auditors resulting from audits of the company's internal controls over financial reporting
- Compliance Reporting: Prepare reports to key stakeholders and senior management on the status of compliance efforts
- Control Design: Utilize knowledge and judgment to design effective control test plans
- Team Mentorship: Directs, mentors, and trains Jr. Compliance Analysts
- Policy Management: Creates, updates, and manages Standard Operating Procedures (SOPs) and IT Policies
- Vendor Management: Creates, updates, and manages RFPs (Requests for Proposal) and Third-Party Questionnaire requests
8. IT Security Analyst Overview
- Event Identification: Interacting closely with BCG’s MSSP to identify, assess, and communicate cyber events promptly
- Alert Response: Responding to security event alerts from multiple sources
- Incident Escalation: Quickly, efficiently, and accurately triaging and escalating cyber events to senior team members
- Threat Intelligence: Maintaining industry knowledge of SIEM and threat intelligence and its interactions with other technologies, such as Active Directory, Log Management, Ticketing, Information Management, Cloud Services, Devices, etc.
- Log Analysis: Collecting, monitoring, and analyzing log data produced by BCG's System
- Status Reporting: Reviewing and preparing monthly status reports and statistics
- Incident Follow-up: Following up on incidents, issues, and concerns related to security events and data loss
- Security Auditing: Providing backup to other BCG Security Architects to audit, monitor, and report on the various components of BCG IT security
- Risk Balancing: Balance cost, risk, security, user convenience, and business requirements in all aspects of work
9. IT Security Analyst Details and Accountabilities
- SIEM Monitoring: Monitor Security Information and Event Management (SIEM) tools for malicious activity
- Attack Detection: Monitor for DDoS and other external attacks against internet-facing services
- Event Analysis: Review events from a variety of sources and identify security incidents
- Incident Escalation: Escalate security incidents in accordance with CSOC procedures and the Incident Response Plan
- Incident Containment: Assist with triage and containment of security incidents
- Threat Response: Assist with Incident Response
- Threat Hunting: Participate in active threat hunting initiatives and learn from senior Analysts and Engineers
- Tool Feedback: Provide feedback to Security Engineers regarding the performance of security tools
- Skill Development: Continually train and develop skills to stay current with the modern threat environment
- Status Communication: Communicate status and findings to senior Analysts and CSOC Leadership
10. IT Security Analyst Tasks
- Network Monitoring: Uses network monitoring tools, such as SIEM (security information and event management), to carefully examine network traffic and identify both external and internal threats, ensuring security specifications meet the HealthAxis infrastructure guidelines
- Patch Management: Define firmware and patch management policies for all operating systems in accordance with the Information Security Policy
- Audit Administration: Design and administer self-scan audits internally and externally and address all findings
- Audit Preparation: Initiate internal and external IT audit preparation and resolutions to findings
- Data Security: Implement controls to maintain data security through enabling/disabling network protocols, port security, restricting access to VLANs, certificate management, MAC filtering and other security controls
- Disaster Testing: Participate in the annual execution of disaster recovery testing
- Infrastructure Design: Research and design short-term and long-term changes and enhancements to the infrastructure
- Solution Engineering: Engineer solutions that sustain the operational integrity and security of all business systems and networks
- Security Administration: Installing, administering, and troubleshooting network security solutions
- Software Updating: Updating software with the latest security patches and ensuring the proper defenses are present for each network resource
- Vulnerability Testing: Performing vulnerability and penetration tests, identifying and defending against threats, and developing disaster recovery plans
- System Configuration: Configuring security systems, analyzing security requirements, and recommending improvements
11. IT Security Analyst Roles
- Network Monitoring: Monitoring network traffic for suspicious behavior
- Access Control: Creating network policies and authorization roles and defending against unauthorized access, modification, and destruction
- Security Consulting: Consulting with staff, managers, and executives about the best security practices and providing technical advice
- Tool Configuration: Configuring and supporting security tools, such as firewalls and anti-virus software
- Policy Administration: Administer policies, standards, and procedures to manage security functions relative to information technology systems, networks, applications, and communications in compliance with regulations
- Threat Analysis: Understand the threat landscape and attack trends as they relate to intelligence gathering, dissemination, and defense coordination
- Identity Management: Manage identity and access management functions including security administration, access governance, provisioning, and access control design and engineering
- Security Expertise: Provide subject matter expertise on a broad range of information security standards and best practices, such as NIST, PCI, ISO 27001, and MAR
- Committee Participation: Participate in the organization’s Enterprise Security Committee
- Department Collaboration: Collaborate with other departments including Human Resources, Legal, Privacy, Procurement, and Compliance to ensure information security alignment
- Standard Awareness: Stay up to date on information technology trends and security standards
12. IT Security Analyst Additional Details
- Risk Identification: Responsible for identifying security risks and security compliance gaps in information services, products, and services
- Compliance Coordination: Coordinate and execute security compliance activities to ensure security controls meet contractual and regulatory requirements (SSAE 16, Meaningful Use, HIPAA, PCI)
- Stakeholder Training: Communicate to and train stakeholders on contractual and regulatory control requirements, obligations, and timelines
- Progress Tracking: Effectively track and report on progress
- Documentation Maintenance: Develop and maintain documentation supporting compliance
- Remediation Assistance: Coordinate and assist with applicable remediation activities
- Incident Response: Participate in security and privacy incident management and response
- Assessment Planning: Identify security compliance and self-assessment activity requirements, define procedures, and set schedules
- Communication Development: Develop communication plans and training for stakeholders on control requirements, obligations, and timelines
- Remediation Guidance: Direct and review the analysis of assessment findings and provide guidance on remediation recommendations
- Standard Review: Participate in the review of security standards and regulations, and define their impact on Allina
- Policy Implementation: Develop and participate in the implementation of policies, tools, and processes to ensure Allina Health can demonstrate compliance
13. IT Security Analyst Essential Functions
- Process Alignment: Ensures that processes, standards, policies, and procedures are aligned with IT standards and overall security
- Documentation Management: Creates and maintains comprehensive documentation for all implemented security systems/networks and updates it for each system/network change
- Project Engagement: Engages in projects related to information security
- Program Implementation: Assists in the implementation, maintenance, and monitoring of the information security program in in-scope operational areas (gap analysis, risk assessment, third-party assessments, procedure/specification development, execution of recurring procedures, incident response)
- Solution Deployment: Performs the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with industry best practices
- Vulnerability Management: Supports processes to identify security vulnerabilities in networks and systems
- Technical Support: Provides technical advice and support to ensure vulnerabilities are addressed promptly
- Incident Handling: Supports, implements, and maintains internal procedures to ensure data security, including incident response handling
- Framework Evaluation: Evaluates and improves the existing internal security framework and compliance within the organization
- Threat Analysis: Understands current as well as emerging security threats and assists in security architecture to mitigate threats
- Evidence Collection: Works with owners to collect evidence deliverables on a regularly scheduled basis and maintain the schedule
- Control Enhancement: Suggests design enhancements for internal controls, such as segregation of duties, production change management, software management, security, incident handling, and transmission integrity
14. IT Security Analyst Role Purpose
- Evidence Collection: Obtains documented evidence ensuring RBC Bank suppliers, engineering, networking infrastructure, and CI/CD systems and approaches are implemented and maintained in compliance with RBC Bank policies and standards
- Issue Tracking: Provides tracking and follow-up on SRMA assessments and IT issue management, including business risk acceptance
- Report Analysis: Analyzes external supplier SOC1, SOC2, PCI, and ISO reports and certifications for proper ITGC controls
- Risk Assessment: Involved in Supplier Risk Management Assessment (SRMA), providing support using the evidence repository for review and approval
- Risk Calculation: Assists with the calculation of ITGC inherent risks, mitigation strategies, and residual risk exposure of applications and services with external service providers
- Documentation Support: Provides documentation to analyze supplier ITGC and development through DevOps findings and participates in documented issue remediation with the issue owner
- Control Evidence: Provides documented evidence for RBC Bank Technology Risk controls and KRI metrics
- Cyber Risk Assessment: Assists with assessing, evaluating, and communicating Cybersecurity risks, threats, and impacts to RBC Bank
- Policy Guidance: Assists with guidance and training throughout RBC Bank in the use of Information Security policies, standards, and procedures, including actions to be taken, resources required, and industry best practices
- Tool Promotion: Promotes and assists in the use of the RSA Archer Risk Management tool for application and supplier assessments
- Recovery Coordination: Helps coordinate and document IT Disaster Recovery Exercises for RBC Bank applications and key infrastructure
15. IT Security Analyst General Responsibilities
- System Configuration: Configures, implements, monitors, and supports security software and systems that ensure compliance with regulatory, industry, and corporate policies and procedures
- Security Recommendations: Makes recommendations to management on enhancements to existing and new security hardware, software, or related tools
- Application Evaluation: Assists in evaluating, planning, configuring, and implementing new or existing security applications and tools
- Best Practices: Ensures security best practices are identified and integrated into all facets of projects, including network and system design, configuration, and implementation
- Policy Improvement: Identifies and recommends potential areas where existing data security policies and procedures require changes or supplements to mitigate key security risks
- Policy Collaboration: Partners with various business units to enhance security policies and procedures
- Documentation Management: Creates and maintains data security documentation, policies, and procedures
- Incident Response: Assists in the identification, response, investigation, and remediation of potential breaches and issues surrounding data security
- Breach Reporting: Prepares reports that document security breaches and the extent of the damage caused
- Penetration Testing: Conducts penetration testing by simulating attacks to identify vulnerabilities before they can be exploited
16. IT Security Analyst Key Accountabilities
- Security Research: Stays up to date on IT security and the latest methods attackers use to infiltrate computer systems
- Technology Evaluation: Researches new security technology to determine what will most effectively protect Merakey
- On-call Support: Responsible for providing support during off-hours in an on-call rotation
- Technical Guidance: Provides technical guidance on security and privacy policies, standard development, and acts as a Subject Matter Expert (SME) to enterprise architects and other technologists
- Problem Resolution: Provides guidance on problems and questions and resolves issues in a professional manner
- User Communication: Interfaces with technology users with tact and diplomacy to promote a positive image of the department
- Information Communication: Accurately communicates pertinent information to stakeholders
- Program Development: Assists in the development and implementation of security improvement programs for the department
- Resource Management: Performs duties cost-effectively to avoid waste of resources without compromising quality of care and service
- Professional Development: Maintains competency and enhances professional growth through continuing education and conferences
17. IT Security Analyst Roles and Details
- Account Management: Holds responsibility for the lifecycle management of enterprise end-user accounts in various enterprise applications and services such as Active Directory
- O365 Provisioning: Provisions accounts for O365
- Course Support: Assists in the rollout of and reporting on the Cyber Security course
- Governance Engagement: Engages with individuals and teams across business, IT, and support functions to collect IAM governance lifecycle requirements and ensure a smooth user onboarding experience
- Access Troubleshooting: Documents, analyzes, troubleshoots, and supports end-user access levels and accounts, IAM processes and procedures, and workflow management to improve data quality and efficiency
- Access Validation: Discusses, reviews, and validates security accesses, roles, and profiles with Business Applications and Business Owners focusing on Access Control requirements and validation
- Process Review: Reviews IAM processes (provisioning, de-provisioning, re-certifications, etc.) to ensure alignment with business policies and practices
- Security Support: Performs other support activities in service of the mission of the Information Security organization
- Incident Handling: Performs tasks and works on security incidents and requests
18. IT Security Analyst Responsibilities and Key Tasks
- Security Protection: Participates in both project and operationally focused work regarding end-user Security Protection technologies and implementing standards and processes
- Threat Mitigation: Participates in the implementation of recommendations arising from vulnerability assessments and other potential threats
- Incident Management: Provides security event monitoring and incident management support
- Incident Leadership: Serves as an incident manager as part of Syncreon’s IT Incident Management process
- Security Awareness: Develops communications and actively promotes information security awareness among all staff
- Best Practices: Advises internal organizations on best practices for securely managing information and assists with the design and implementation of a formal security awareness and training program for Information Security and Compliance
- Access Monitoring: Monitors all types of access to protect the confidentiality and integrity of customer and employee data and ensures compliance with organization policies and standards
- Audit Support: Provides input to audit log requirements and designs, and periodically checks audit logs to ensure they are maintained to agreed retention levels
- Security Assessment: Coordinates security assessments and reports on penetration testing results to proactively identify and mitigate internal and external threats
- Network Security: Responsible for network security and performing on-site IT Security audits
- Risk Management: Responsible for IT risk management by maintaining a risk/control framework aligned with the Information Security Policy and standards
- Risk Collaboration: Provides recommendations on risk assessment and collaborates with legal and audit teams on items related to security and compliance
19. IT Security Analyst Duties and Roles
- Documentation Coordination: Assists in the coordination and completion of information security operations documentation
- Strategy Development: Works with information security leadership to develop strategies and plans to enforce security requirements and address identified risks
- Risk Reporting: Reports to management concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance
- Advisory Role: Plays an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned
- Project Collaboration: Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle
- Technical Control: Works with the IT department and members of the information security team to identify, select, and implement technical controls
- Process Development: Develops security processes and procedures and supports service-level agreements to ensure that security controls are managed and maintained
- Authorization Guidance: Advises security administrators on normal and exception-based processing of security authorization requests
- Security Evaluation: Researches, evaluates, and recommends information security-related hardware and software, including developing business cases for security investments
20. IT Security Analyst Roles and Responsibilities
- Control Assessment: Performs control and vulnerability assessments to identify control weaknesses, assess the effectiveness of existing controls, and recommend remedial actions
- Testing Definition: Defines testing criteria for systems and applications
- Risk Assessment: Serves as the primary individual responsible for executing risk assessment activities, analyzing results, and recommending acceptable risk levels and mitigation strategies
- Staff Support: Works with junior staff on deploying, tuning, and running vulnerability-scanning and penetration-testing tools
- Control Implementation: Defines and implements security controls
- Incident Support: Provides second- and third-level support and analysis during and after a security incident
- Incident Resolution: Assists security administrators and IT staff in resolving reported security incidents
- Log Monitoring: Monitors daily or weekly reports and security logs for unusual events
- Compliance Review: Participates in security investigations and compliance reviews as requested by internal or external auditors