Alternate Job Titles
Security Consultant, Information Security analyst, Security Operations Analyst, Information Security Officer
Job Level
Entrant
Functional Group
IT Security
Job Family
Applications configurations and installations and IT Security
Job Description
Security analysts are ultimately responsible to:
- Ensure that the company's digital assets are protected from unauthorised access;
- Secure both online and on-premise infrastructures.
- Weed through metrics and data to filter out suspicious activity.
- Find and mitigate risks before breaches occur.
- Generate reports for IT administrators and business managers to evaluate the efficacy of the security policies in place.
- Help to make the necessary changes for a more secure network.
- Create training programmes and modules to educate employees and users on proper security protocols.
- Keep the company's security systems up to date and create documentation and planning for all security-related information, including incident response and disaster recovery plans.
Other specific responsibilities include:
- Monitoring security access.
- Conducting security assessments through vulnerability testing and risk analysis.
- Performing both internal and external security audits.
- Analysing security breaches to identify the root cause.
- Continuously updating the company’s incident response and disaster recovery plans.
- Verifying the security of third-party vendors and collaborating with them to meet security requirements.
Critical Work Function
Monitoring Cyber Security Systems
- Perform cyber security monitoring activities on IT systems and applications.
- Categorise security incidents and breaches that occur.
- Track and react to security monitoring alert.
- Compile reports on the performance of security operations for management reporting.
Cyber Security Operations Maintenance
- Perform cyber security monitoring activities on IT systems and applications.
- Categorise security incidents and breaches that occur.
- Track and react to security monitoring alert.
- Compile reports on the performance of security operations for management reporting.
Cyber Security Queries Response
- Assist in responding to cyber security issues.
- Assist in forensic threat investigations.
- Assist with resolution of security-related issues.
- Assist with simulation of user problems to identify drawbacks of cyber security systems.
- Recommend modifications to cyber security systems to address issues.
- Maintain logs of cyber security incidents.
Cyber Security Compliance Facilitation
- Assist with the implementation security policies, standards and procedures.
- Educate users on cyber security policies, standards and practices.
- Identify improvement areas to existing security policies and procedures.
- Monitor third party compliance with organisational cyber security policies, standards and procedures.
- Monitor users’ adherence to cyber security policies, standards and procedures.
- Develop cyber indicators to maintain awareness of the status of the highly dynamic operating environment.
- Collect, process, analyse, and disseminate cyber threat/warning assessments.
Cyber Security System Performance Optimisation
- Assist with piloting of new cyber security tools, technologies, and processes.
- Assist with installation of new cyber security related hardware and software.
- Assist with security system testing and ongoing optimisation or changes such as
- Schedule upgrades and updates.
- Maintain documentation of all optimisation activities.
- Recommend security products, services and/or procedures.
- Propose improvements to IT operational processes, procedure manuals, and documentation.
Entry Requirements
#1
Associate Security Analyst
BDQF Level 5 in Information Systems, Computer Science or related field or
BDQF Level 4 in Information Systems, Computer Science or related field with 5 years relevant industry experience or possess relevant portfolio/experience.
Skills & Competencies
Technical Skills
Soft Skills
Recommended Technical Training Courses
CompTia Infrastructure and Cybersecurity Certification
EC-Council Advanced Certification
Computational Thinking -Intermediate
GIAC Advanced Certification
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM)
Security+
Certified Ethical Hacker (CEH)
GIAC Security Essentials Certification (GSEC)
Systems Security Certified Practitioner (SSCP)
CompTIA Advanced Security Practitioner (CASP+)
GIAC Certified Incident Handler (GCIH)
Offensive Security Certified Professional (OSCP)
CREST Certification