dcsimg

IT Security Systems Schools

Information security systems analysts: An overview

IT security systems analysts conceptualize, design and implement security attacks against a computer system to identify a system's vulnerabilities and strengthen them. They can also decode and identify malware, computer viruses, and worms. IT security systems analysts need a solid understanding of computer science, information technology and software programming, and the ability to think creatively.

According to the Bureau of Labor Statistics (BLS), information security analysts usually need a bachelor's degree in computer science or a related subject (BLS.gov/ooh, 2012). Security analysts may be required to have earned an MBA in information systems. An MBA generally requires two years of study beyond a bachelor's degree and can prepare analysts for managing other security teams or security departments, as well as preparing the security analyst for working with a company's management.

In addition to earning a degree in a related field, the BLS also notes that information security analysts may be required to have prior work experience in a related occupation or field, such as computer systems analysis, database administration, or software programming.

While the job description of an information security analyst can change from employer to employer, information security analysts can generally expect to do the following:

  • Implement firewalls across an entire network
  • Deconstruct worms and viruses
  • Monitor traffic for malicious activity
  • Create "honeypot" defenses for attackers
  • Perform a penetration test on their own security measures

A number of certifications are available to IT security analysts to display their varied security skills:

  • EC-Council: Ethical Hacker Certification
  • TruSecure: TICSA Certification: Information Security Basics
  • CompTIA: Security+ Certification
  • (ISC)2: Certified Information Systems Security Professional

Many of the certifications for information security analysts are vendor-neutral, meaning they are not offered by a software provider or that they focus on software from a specific vendor, and none of the certifications require state, agency or government approval. Similar to locksmiths and safecrackers, there is no difference in the skills or tools of a professional information security analyst and a criminal hacker, only how they choose to use their skills (Forbes.com, 2012).

Skills of a security systems analyst

Since the job of an IT security systems analyst is to outthink hackers, this can involve anticipating where an attack might come from and how the attack might be carried out. Sometimes this involves breaking into the analyst's own network. As a result, the BLS notes that information security analysts may benefit from the following skills (BLS.gov/ooh, 2012):

  • Ingenuity
  • Good problem-solving skills
  • Creativity
  • Excellent attention to detail
  • Strong organization skills
  • Solid analytical skills
  • Ability to work well as part of a team

Additionally, information security analysts should have the mindset of a hacker, continually testing boundaries and limitations (Forbes.com, 2012). Because those who may attempt to break a network's security will not obey rules and industry norms, analysts who want to protect data should think like someone who wants to steal data.

This might require analysts to dupe their own employees with viruses they created in order to test the firewalls of a network and even leverage social engineering to get their co-workers to break their own security (WSJ.com, 2013). In essence, it is vital for an information security analyst to possess a) the knowledge of how to cheat at IT security, and b) the willingness to do so.

"Hacking is cheating, and it's how we get better at security," wrote security technologist Bruce Shneier (Schneier, 2006). "We need these people in security, and we need them on our side. Criminals are always trying to figure out how to break security systems. Field a new system -- an ATM, an online banking system, a gambling machine -- and criminals will try to make an illegal profit off it. They'll figure it out eventually, because some hackers are also criminals. But if we have hackers working for us, they'll figure it out first -- and then we can defend ourselves."

Tools of the security systems analyst

The tools of an IT security systems analyst are the same as those used by hackers, so it stands to reason that security analysts can expect to use some of the following hacker tools while preparing their company's security:

  • Network vulnerability scanners such as Nmap and GFI LanGuard

o   These software tools look for unrestricted ports, information on usernames, passwords and group info. When used maliciously, these are called "worms."

  • Network analyzer software such as OmniPeek and Aircrack-ng

o   This software allows a security analyst to monitor traffic across an entire network and spot potential denial of service (DoS) attacks or traffic bottlenecks.

  • Exploit software such as Metasploit and Milw0rm

o   Exploit software looks for bugs in the code that could be exploited by an attacker to gain privileged data or facilitate a DoS attack.

  • Database security software such as AppDetectivePro and SQLPing3

o   This software locates any and all databases across an entire network and monitors the activity of each database, similar to a network analyzer, while also checking for potential exploits.

    Information security analysts may also need to understand the types of vulnerabilities and weapons of attack, such as DoS attacks, SQL injections, and man-in-the-middle attacks. Man-in-the-middle attacks breach security on information after it leaves a user's computer and before it reaches the network, often as it passes through an email system or a website. As such, information security analysts may create and disassemble computer viruses, malware, spyware, computer worms, and Trojans. Security analysts may also be expected to know various programming languages such as C, Java, and SQL, among others.

    Employment opportunities for security systems analysts

    IT security analysts can be employed under many job titles, including:

    • Security Managers
    • Information Security Analysts
    • Systems Security Analysts
    • Penetration Testers
    • Code Breakers
    • Data Security Engineer
    • Security Engineer
    • Cyber Security Analysts

    The Bureau of Labor Statistics reports that, as of May 2012, information security analysts earned a national median annual wage of $86,170, with the highest and lowest 10 percent earning $135,600 and $49,960, respectively (BLS.gov/oes, 2013).

    According to the BLS, employment for information security analysts is expected to increase 22 percent from 2010 to 2020 (BLS.gov/ooh, 2012). Because cyber attacks have grown both in frequency and sophistication, as recent data mining attacks on major news outlets and search engines make clear, organizations are expected to increase their staff of security analysts to guard against these new threats. Two primary employers of information security analysts are projected to be the federal government and the health care industry, as analysts will be needed to protect the nation's critical information technology systems and to safeguard patient records (BLS.gov/ooh, 2012).

    Sources:

    EC-Council, Courses: Certified Ethical Hacker, 2013, http://www.eccouncil.org/courses/certified_ethical_hacker.aspx
    Forbes, Exploding The Myth Of The 'Ethical Hacker,'" Conrad Constantine and Dominique Karg, http://www.forbes.com/sites/parmyolson/2012/07/31/exploding-the-myth-of-the-ethical-hacker/
    Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, 2012-13 Edition, Information Security Analysts, Web Developers, and Computer Network Architects, March 29, 2012, http://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts-web-developers-and-computer-network-architects.htm
    Bureau of Labor Statistics, U.S. Department of Labor, Occupational Employment Statistics: Occupational Employment and Wages, May 2012, Information Security Analysts, March 29, 2013, http://www.bls.gov/oes/current/oes151122.htm
    The Wall Street Journal, "You Won't Believe How Adorable This Kitty Is! Click for More!," Geoffrey A. Fowler, March 26, 2013, http://online.wsj.com/article/SB10001424127887324373204578373011392662962.html
    Schneier on Security, "What is a Hacker?," Bruce Schneier [blog], September 14, 2006, http://www.schneier.com/blog/archives/2006/09/what_is_a_hacke.html

    Search for Campus and Online Systems Security Schools Below

    Click on a school to request more information.

    Refine School Matches
    Hide filters
    • SUBJECT Clear All

      See More

    • DEGREE

      See More

    • PROGRAM TYPE

    • START TIME

      LOCATION
      Please enter valid US or Canada Zip.

    Searching Searching ...

    Prefer exploring options talking to our staff?
    Call toll free now: 1.855.330.6938
    Matching School Ads
    5 Program(s) Found
    • Programs include Bachelor of Science in Criminal Justice, Master of Science in Criminal Justice, and more.
    • Advanced degrees in criminal justice help working professionals stay up to date on the latest law enforcement practices.
    • Some programs offer the opportunity for hands-on experience working on real criminal cases.
    • Flexible online and campus-based programs available.
    Good for Working Adults
    • Online Courses
    • Flexible Scheduling
    • Financial Aid
    • Transferable Credits
    1 Program(s) Found
    • Has specialized in career training since 1982.
    • Offers beginning to advanced training in computer repair, medical assisting, cosmetology, nursing, and more.
    • Continually maintains programs according to industry needs by working closely with industry experts and employers.
    • Provides well-equipped training facilities to give students the advantage of hands-on training.
    • Its instructors attend seminars and workshops to keep current with new technology and topics.
    Good for Working Adults
    • Accredited
    • Flexible Scheduling
    • Financial Aid
    • Transferable Credits
    5 Program(s) Found
    • Online Master’s in IT was ranked among the Best Online Programs in 2017 by U.S. News and World Report
    • Offers several bachelor’s degree programs, including Cyber Security, Information Systems Management, and Information Technology
    • Students study core concepts such as programming, system administration, security, and databases
    • Concentrations in Information Technology include IT Security, Network Management, Web Development, and more
    Good for Working Adults
    • Online Courses
    • Flexible Scheduling
    • Accelerated Programs
    • Financial Aid
    • Transferable Credits
    4 Program(s) Found
    • Recognized in the first Best for Vets: Business Schools list in Military Times Edge magazine’s 2013 “Best for Vets” edition.
    • Offers MUSE (My Unique Student Experience), a content delivery system that gives students the option to watch, view, read or listen to required course materials.
    • Allows students to complete courses at whatever pace they want.
    • A DANTES-affiliated university and member of the Service Members Opportunity Colleges.
    • Offers IntelliPath, a proprietary learning technology that lets students learn at their own pace.
    Good for Working Adults
    • Online Courses
    • Flexible Scheduling
    • Financial Aid
    • Transferable Credits
    2 Program(s) Found
    ECPI University , North Charleston
    • Named a Best for Vets school by the Military Times in 2014.
    • Has specialized in student-centered technology, business, criminal justice, health science, and culinary education for over 45 years.
    • Makes it possible for students to earn a bachelor’s degree in 2.5 years or an associate’s in 1.5 years by providing a year-round schedule.
    • Offers externships and clinical experience that help students prepare for life after they graduate.
    • Has 10 campuses across the mid-Atlantic, plus online degree programs.
    Good for Working Adults
    • Flexible Scheduling
    • Accelerated Programs
    • Financial Aid
    • Transferable Credits
    2 Program(s) Found
    • Bachelor’s program options include Cybersecurity, Information Systems Technology, Computer Science, and more.
    • A BAS in Information Systems Technology is also available for students who already hold an A.A.S degree.
    • Regent University’s tech programs are designed to prepare students for careers in Software Development and Engineering, Computer Information Security, Network Administration, and more.
    • Regionally accredited by the Southern Association of Colleges and Schools Commission on Colleges (SACSCOC).
    • Online Courses
    3 Program(s) Found
    • Grand Canyon University's online technology programs offer a premier educational experience designed to lead you to a career in science, technology, engineering and math.
    • The College of Science, Engineering and Technology strives to create a challenging and engaging, inquiry-based learning environment.
    • Choose from a variety of undergraduate and graduate programs, such as cyber security, computer programming, information technology, business analytics and more.
    • GCU's education nurtures and supports a Christian worldview, which informs ethical decision-making.
    • Pursue a next-generation education with an online program or join Grand Canyon University's vibrant and growing campus community in beautiful Phoenix, Arizona.
    Good for Working Adults
    • Accredited
    • Online Courses
    • Flexible Scheduling
    • Accelerated Programs
    • Financial Aid
    • Transferable Credits
    1 Program(s) Found
    UEI College , El Monte
    • Dedicated to providing career training since 1975.
    • Has 13 campus locations in Southern California and a campus in Morrow, GA.
    • Provides flexible class times including weekends.
    • Offers curriculum that ranges from 8 month diploma programs to 16-month Associate of Applied Science degree programs.
    • Has admissions professionals available to help students decide which diploma or degree program they should pursue.
    • Gives job placement assistance strengthened by relationships with local employers.
    Good for Working Adults
    • Accredited
    • Flexible Scheduling
    • Financial Aid
    1 Program(s) Found
    • Online Bachelor's programs include BBA, Criminal Justice, Psychology, IT, Healthcare Management & Public Health
    • Over 115 years of delivering quality education and personalized attention to students
    • Provide a range of campus experiences and services online including advising, tutoring, student community, and career services
    • Give students and alumni access to career assistants who help with resumes, cover letters, job hunting, and more.
    Good for Working Adults
    • Online Courses
    • Flexible Scheduling
    • Financial Aid
    • Transferable Credits
    3 Program(s) Found

    Since 1977, Keiser University has maintained a practical, hands-on approach to career education to help our students achieve their personal and professional goals.  Our student-centered approach remains at the foundation of the Keiser University mission and continues to attract students who prefer a more personal learning experience.