Information Security Analyst Job Description: Top Duties and Qualifications

If you are looking to hire for a new position in your business, each new opening is unique in its own way because of the various candidates you will need to go through to find the right person for the job. Writing a good job description sample is important to make it clear what kind of person you are looking to hire and attract the right candidates. If you want to hire for an Information Security Analyst position, take a look at this job description sample and modify it to fit your hiring needs.

Build a Job Description

Information Security Analyst Duties and Responsibilities

Information Security Analysts have duties and responsibilities which directly affect a company’s well-being. Therefore, it is important to find someone who has the right mindset and understands what it takes to be successful in this job. 

The following are the major duties and responsibilities that an Information Security Analyst has to take care of in a business, government entity or think tank:

  • Prepare reports that take note of security breaches and the extent of the damage caused by these breaches.
  • Install software that is created to protect sensitive information, such as firewalls and data encryption programs.
  • Monitor the company’s networks to keep an eye out for any security breaches and investigate it if one does occur.
  • Research the latest in information technology security trends to keep up to date with the subject and use the latest technology to protect information.
  • Develop a security plan for best standards and practices for the company.
  • Conduct frequent testing of simulated cyber attacks to look for vulnerabilities in the computer systems and take care of these before an outside cyber attack.
  • Make recommendations to managers and senior executives about security advancements to best protect the company’s systems.
  • Help co-workers when they need to install a new program or learn about security procedures.

Information Security Analyst Job Description Examples:


Information Security Analyst

More information about this job: Overview: FM Global is a leading property insurer of the world's largest businesses, providing more than one-third of Fortune 1000-size companies with engineering-based risk management and property insurance solutions. FM Global helps clients maintain continuity in their business operations by drawing upon state-of-the-art loss-prevention engineering and research; risk management skills and support services; tailored risk transfer capabilities; and superior financial strength. To do so, we rely on a dynamic, culturally diverse group of employees, working in more than 100 countries, in a variety of challenging roles. Responsibilities: The Information Security Principal Analyst role is expected to provide guidance and direction to other team members, business representatives, and technical resources and may manage information security projects of significant scope and complexity, which tend to be of high business visibility and in support of corporate objectives. This person is recognized by business stakeholders as a subject matter expert in various security capabilities within the organization and is an influential partner in setting business security direction and process. The Information Security Principal Analyst is responsible for the development and oversight of security requirements involved in new or the modification and ongoing support of existing information security program objectives and initiatives. This is the highest level position in the Information Security Analysis job family. Qualifications: Responsibilities Responsible for the oversight of security program and/or security infrastructure capability initiatives, ensuring alignment and visibility to progress, impediments and overall risk posture. This includes initiatives that are large in size and scope, driven by technology and/or business need. Collaborates with team members, technology resources and management to ensure that security services are successfully being delivered to program and customer stakeholders that meet the expectations of the FM Global organization Provides insight to information security industry and regulatory trends and topics and is responsible for client and regulatory security responses. Performs research and analysis regarding security threats, mitigating strategies, and industry trends. From this analysis, successfully implements strategy to address high-risk program gaps Collaborates with internal clients to support security initiatives and as a catalyst for security education; communicates with all audiences across the FM Global organization regarding information security and successfully influences stakeholder behaviors, decisions and support. Ensures that information security functions and services are well documented and that metrics & reporting are defined and measurable to provide management with clear oversight including risks, trending, capabilities and deficiencies. Identifies and considers improvement recommendations from others’ regarding effectiveness and/or efficiencies of services and programs Qualifications/ Experience: Experience in information technology program/project management or business analysis 5+ years in an information security specific field, such as: risk assessment and management security infrastructure business analysis, information security system security security standards and compliance or other related discipline. Technical knowledge Demonstrated knowledge of information security discipline via relevant advanced industry certification such as: SSCP, CISA, CCE, Security+, GIAC, CEH, etc Soft skills Able to multi-task and prioritize. Good interpersonal, oral/written communication and organizational skills. Validated ability to provide direction to others and influence decisions made. Ability to communicate complex security concepts to business stakeholders Plan development, alignment, and delivery Education: Bachelor degree in Information Security / Assurance, Computer Science, Information Technology, or a related discipline, or equivalent work experience or technical training with a non-related degree. ISC2 CISSP preferred. We offer our employees a wide range of benefits including career long learning opportunities, tuition reimbursement, 401 (k), pension, flexible schedules, rich health and well-being programs, generous time off allowances, volunteer days and so much more! FM Global is an Equal Opportunity Employer and is committed to attracting, developing and retaining a diverse workforce.

Information Security Analyst

Position Type : Full time Type Of Hire : Experienced (relevant combo of work and education) Education Desired : Bachelor of Computer Science Travel Percentage : 50% Job Description Are you curious, motivated, and forward-thinking? At FIS you’ll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun. What you will be doing: Develops large and/or complex solutions that require analysis and research. Works on multiple projects as a project leader or frequently as the subject matter expert. Works on projects/issues of medium to high complexity that require demonstrated knowledge across multiple technical areas and business segments. Coaches and mentors junior technical staff. Works under minimal supervision on complex projects. Executes security controls to prevent hackers from infiltrating company information or jeopardizing programs. Researches attempted efforts to compromise security protocol and recommends solutions. Maintains SIEM and administers security policies to control access to systems. Creates information security documentation related to work area and completes requests in accordance with company requirements. Responds to information security-related questions and inquiries using established information security tools and procedures. Resolves and/or performs follow through to resolve all information security issues and questions. Implements and administers information security controls using software and vendor security systems. Identifies opportunities and executes plans to improve workflow and understands and quantifies business impacts of those improvements for communication to management. Interfaces with user community to understand security needs and implements procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security. Provides status reports on security matters to develop security risk analysis scenarios and response procedures. Other related duties assigned as needed. What you bring: Knowledge of networks technologies (protocols, design concepts, access control) Knowledge of security technologies (encryption, data protection, design, privilege access, etc.) Knowledge of SIEM (Splunk/Qradar) Proficiency in time management, communications, decision making, presentation and organizational skills Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules Basic to intermediate decision-making and problem solving skills Basic to intermediate verbal and written communication skills to technical and non-technical audiences of various levels in the organization Experience establishing and maintaining effective working relationships with employees and/or clients What we offer you: A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities The chance to work on some of the most challenging, relevant issues in financial services & technology A work environment built on collaboration, flexibility and respect . Privacy Statement FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice. EEOC Statement FIS is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, national origin, disability, veteran status, and other protected characteristics. The EEO is the Law poster is available here supplement document available here For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will be required to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis. Sourcing Model Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company. #pridepass This job is available in 2 locations See allJob Id JR0132682Category Information Date: 03/05/2021

Information Security Analyst

PHEAA is a nonprofit student aid organization that holds a mission of providing affordable access to higher education. Give back tomorrow by joining us today! PHEAA is seeking an IT Security Analyst to join the Enterprise Security Office team. This position is responsible for all aspects of information and network security within the Agency, including the administration of applicable security technologies, proactive monitoring of all information technology assets for potential security issues, identity and access management activities, as well as the application of security best practices to mitigate risks within the organization. This position performs at a moderate level of complexity with proficiency under general supervision. Salary: Commensurate with experience Shift: Monday - Friday, 8:00 am - 5:00 pm Job Security Technology and Controls Support Responsible for administering, monitoring, maintaining the IBM z/OS RACF security application. Assist with coordinating the implementation of the IBM z/OS RACF security application and upgrades to systems as needed. Assist security configurations related to the IBM z/OS RACF security application Participate in the implementation of moderate to high complexity of the IBM z/OS RACF security application security initiatives. Monitor compliance and adherence to agency security policies and assist with violation investigations. Manage end user requests and act as liaison between end users and development teams. Monitoring and processing of configuration change and service desk requests to facilitate timely resolution. Implement and maintain the controls and procedures required to protect the Agency’s information system assets in a cost-effective and uniform manner. Responsible for performing root cause analysis (RCA) of events and incidents. Perform risk analysis to identify any security issues that could lead to lost or stolen data. Deploy and administer vendor and internally developed software and procedures to address security requirements. Project Management Provide accurate estimates and timely updates to project management. Monitor and report on system availability, performance, and capacity metrics. Testing and Documentation Perform analysis, documentation, and testing of enhancements associated with new or existing application functionality. Perform unit testing of system modifications to ensure that the specifications are met, and that there is no unexpected or adverse impact on system performance and functionality. Responsible for application documentation for both technical and functional purposes. Provide support and collect evidence for internal and external audits. Assist with maintaining and testing the department’s Disaster Recovery and Business Continuity Plan. Other Duties and Required to stay current in industry specific knowledge. Other duties as assigned. Required Skills Minimum qualifications: IBM Z/OS RACF security equivalent and four plus years of experience in information security, specializing in information security, or any equivalent combination of training, experience, and/or certifications. Ability to create new batch jobs and handle ABENDs. Working knowledge of REXX and DB2. Solid understanding of RACF including user administration, auditing, digital certificates, and classes. Understanding of IBM Utilities and Dfsort/SyncSort. Ability to interface with RACF from the command line and not entirely rely on tools like z/Secure or Vanguard Ability to research complex issues and read and understand IBM technical documentation. Effective skills with time management, organization and prioritization. Demonstrated ability to accept personal accountability and ownership for areas of responsible. Pursue solutions and make decisions. Proven ability to identify, engage, and coordinate escalation teams to resolve issues in accordance to security objectives. Ability to analyze complex information. Possess a high level of integrity and ethics. Demonstrated exceptional communication skills. Proficient knowledge of Microsoft Suite. Proficient with the implementation of security principles, risk assessment policies and standards, information security best practices, products and technologies, defense-in-depth strategies, and network technologies. Knowledge and experience in several of the following areas: access control, application development, database, encryption, network, security controls, security frameworks such as NIST, server hardening, and server patching technologies. This position will support a federal government contract. Applicants must be able to obtain Public Trust security clearance as required of federal government contractors to include a background check conducted by the [website] Government to determine eligibility and suitability for federal contract employment for public trust or sensitive positions. For this level of clearance, the federal government requires applicants to possess [website] citizenship. In light of this federal government requirement, PHEAA will be unable to hire applicants without United States citizenship for such positions. Essential Duties and Weekend and off shift hours may be required based on business needs. Required Experience

What Does an Information Security Analyst Do?

Information Security Analysts are the backbone of security in your business. They take care of planning and carrying out security features to protect the business’ computer networks and systems. It is important for companies and organizations to keep their online activities safe, as a loophole in the system can cause information to be stolen and cause much damage to the company and its reputation. 

Information Security Analysts come up with disaster recovery plans in case something happens so that the businesses’ information can be kept safe. Analysts have to stay up to date with information technology security measures and the latest details on how hackers attack computer systems.

Information Security Analyst Skills and Qualifications

An Information Security Analyst has to have certain skills and qualifications to do their job well and benefit the company in the long-run. These qualifications are acquired through years of study and work experience.

The following are the major skills employers like to see from an Information Security Analyst:

  • Information security analysts have to anticipate potential danger in the systems and use their ingenuity to implement new methods to protect the company’s systems.
  • Cyber attacks are not easy to spot, so IT specialists have to be aware of any changes in details in the systems.
  • IT specialists should be able to detect and quickly respond to cyber attacks and fix any flaws in the systems.
  • IT specialists should monitor and study computer systems and networks to assess risks and determine how policies can be improved.

Information Security Analyst Salary Expectations

The average salary of an Information Security Analyst is $81,065 per year.

Information Security Analyst Education and Training Requirements

The education requirements of an Information Security Analyst usually include having a Bachelor’s in Computer Science, Programming or Information Assurance. Some employers also prefer IT analysts who have a Master’s of Business Administration in Information Systems which provide computer and business courses.

There are also many certifications for IT professionals that prove their on-the-job knowledge. These include general information certificates like the Certified Information Systems Security Professional. Other certifications are more focused on a particular subject.

Information Security Analyst Experience Requirements

Usually, an Information Security Analyst is preferred to have previous work experience in the field. Many Analysts can have experience in the IT department as a network administrator. Employers want to hire Analysts who have worked in the particular field they are hiring for. For example, a systems security opening would seek a strong candidate who has worked in computer systems analysis.

Job Description Samples for Similar Positions

If you are not quite looking for an Information Security Analyst, then take a look at the below job description samples for similar positions that might be closer to the position you are looking to fill:

Job Description Examples

Need help writing a job description for a specific role? Use these job description examples to create your next great job posting. Or if you’re ready to hire, post your job on Indeed.

No search results found

    *Indeed provides this information as a courtesy to users of this site. Please note that we are not your career or legal advisor, and none of the information provided herein guarantees a job offer.