dcsimg

IT Security Systems Schools

Information security systems analysts: An overview

IT security systems analysts conceptualize, design and implement security attacks against a computer system to identify a system's vulnerabilities and strengthen them. They can also decode and identify malware, computer viruses, and worms. IT security systems analysts need a solid understanding of computer science, information technology and software programming, and the ability to think creatively.

According to the Bureau of Labor Statistics (BLS), information security analysts usually need a bachelor's degree in computer science or a related subject (BLS.gov/ooh, 2012). Security analysts may be required to have earned an MBA in information systems. An MBA generally requires two years of study beyond a bachelor's degree and can prepare analysts for managing other security teams or security departments, as well as preparing the security analyst for working with a company's management.

In addition to earning a degree in a related field, the BLS also notes that information security analysts may be required to have prior work experience in a related occupation or field, such as computer systems analysis, database administration, or software programming.

While the job description of an information security analyst can change from employer to employer, information security analysts can generally expect to do the following:

  • Implement firewalls across an entire network
  • Deconstruct worms and viruses
  • Monitor traffic for malicious activity
  • Create "honeypot" defenses for attackers
  • Perform a penetration test on their own security measures

A number of certifications are available to IT security analysts to display their varied security skills:

  • EC-Council: Ethical Hacker Certification
  • TruSecure: TICSA Certification: Information Security Basics
  • CompTIA: Security+ Certification
  • (ISC)2: Certified Information Systems Security Professional

Many of the certifications for information security analysts are vendor-neutral, meaning they are not offered by a software provider or that they focus on software from a specific vendor, and none of the certifications require state, agency or government approval. Similar to locksmiths and safecrackers, there is no difference in the skills or tools of a professional information security analyst and a criminal hacker, only how they choose to use their skills (Forbes.com, 2012).

Skills of a security systems analyst

Since the job of an IT security systems analyst is to outthink hackers, this can involve anticipating where an attack might come from and how the attack might be carried out. Sometimes this involves breaking into the analyst's own network. As a result, the BLS notes that information security analysts may benefit from the following skills (BLS.gov/ooh, 2012):

  • Ingenuity
  • Good problem-solving skills
  • Creativity
  • Excellent attention to detail
  • Strong organization skills
  • Solid analytical skills
  • Ability to work well as part of a team

Additionally, information security analysts should have the mindset of a hacker, continually testing boundaries and limitations (Forbes.com, 2012). Because those who may attempt to break a network's security will not obey rules and industry norms, analysts who want to protect data should think like someone who wants to steal data.

This might require analysts to dupe their own employees with viruses they created in order to test the firewalls of a network and even leverage social engineering to get their co-workers to break their own security (WSJ.com, 2013). In essence, it is vital for an information security analyst to possess a) the knowledge of how to cheat at IT security, and b) the willingness to do so.

"Hacking is cheating, and it's how we get better at security," wrote security technologist Bruce Shneier (Schneier, 2006). "We need these people in security, and we need them on our side. Criminals are always trying to figure out how to break security systems. Field a new system -- an ATM, an online banking system, a gambling machine -- and criminals will try to make an illegal profit off it. They'll figure it out eventually, because some hackers are also criminals. But if we have hackers working for us, they'll figure it out first -- and then we can defend ourselves."

Tools of the security systems analyst

The tools of an IT security systems analyst are the same as those used by hackers, so it stands to reason that security analysts can expect to use some of the following hacker tools while preparing their company's security:

  • Network vulnerability scanners such as Nmap and GFI LanGuard

o   These software tools look for unrestricted ports, information on usernames, passwords and group info. When used maliciously, these are called "worms."

  • Network analyzer software such as OmniPeek and Aircrack-ng

o   This software allows a security analyst to monitor traffic across an entire network and spot potential denial of service (DoS) attacks or traffic bottlenecks.

  • Exploit software such as Metasploit and Milw0rm

o   Exploit software looks for bugs in the code that could be exploited by an attacker to gain privileged data or facilitate a DoS attack.

  • Database security software such as AppDetectivePro and SQLPing3

o   This software locates any and all databases across an entire network and monitors the activity of each database, similar to a network analyzer, while also checking for potential exploits.

    Information security analysts may also need to understand the types of vulnerabilities and weapons of attack, such as DoS attacks, SQL injections, and man-in-the-middle attacks. Man-in-the-middle attacks breach security on information after it leaves a user's computer and before it reaches the network, often as it passes through an email system or a website. As such, information security analysts may create and disassemble computer viruses, malware, spyware, computer worms, and Trojans. Security analysts may also be expected to know various programming languages such as C, Java, and SQL, among others.

    Employment opportunities for security systems analysts

    IT security analysts can be employed under many job titles, including:

    • Security Managers
    • Information Security Analysts
    • Systems Security Analysts
    • Penetration Testers
    • Code Breakers
    • Data Security Engineer
    • Security Engineer
    • Cyber Security Analysts

    The Bureau of Labor Statistics reports that, as of May 2012, information security analysts earned a national median annual wage of $86,170, with the highest and lowest 10 percent earning $135,600 and $49,960, respectively (BLS.gov/oes, 2013).

    According to the BLS, employment for information security analysts is expected to increase 22 percent from 2010 to 2020 (BLS.gov/ooh, 2012). Because cyber attacks have grown both in frequency and sophistication, as recent data mining attacks on major news outlets and search engines make clear, organizations are expected to increase their staff of security analysts to guard against these new threats. Two primary employers of information security analysts are projected to be the federal government and the health care industry, as analysts will be needed to protect the nation's critical information technology systems and to safeguard patient records (BLS.gov/ooh, 2012).

    Sources:

    EC-Council, Courses: Certified Ethical Hacker, 2013, http://www.eccouncil.org/courses/certified_ethical_hacker.aspx
    Forbes, Exploding The Myth Of The 'Ethical Hacker,'" Conrad Constantine and Dominique Karg, http://www.forbes.com/sites/parmyolson/2012/07/31/exploding-the-myth-of-the-ethical-hacker/
    Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, 2012-13 Edition, Information Security Analysts, Web Developers, and Computer Network Architects, March 29, 2012, http://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts-web-developers-and-computer-network-architects.htm
    Bureau of Labor Statistics, U.S. Department of Labor, Occupational Employment Statistics: Occupational Employment and Wages, May 2012, Information Security Analysts, March 29, 2013, http://www.bls.gov/oes/current/oes151122.htm
    The Wall Street Journal, "You Won't Believe How Adorable This Kitty Is! Click for More!," Geoffrey A. Fowler, March 26, 2013, http://online.wsj.com/article/SB10001424127887324373204578373011392662962.html
    Schneier on Security, "What is a Hacker?," Bruce Schneier [blog], September 14, 2006, http://www.schneier.com/blog/archives/2006/09/what_is_a_hacke.html

    Search for Campus and Online Systems Security Schools Below

    Click on a school to request more information.

    Refine School Matches
    Hide filters
    • SUBJECT Clear All

      See More

    • DEGREE

      See More

    • PROGRAM TYPE

    • START TIME

      LOCATION
      Please enter valid US or Canada Zip.

    Searching Searching ...

    Prefer exploring options talking to our staff?
    Call toll free now: 1.855.330.6938
    Matching School Ads
    5 Program(s) Found
    • There's still time to apply to Grand Canyon University and pursue your education. Learn more today!
    • Study on your schedule - GCU offers many programs 100% online to fit your busy lifestyle.
    • GCU offers a variety of opportunities to reduce the cost of furthering your education. Campus students may qualify for scholarships, while online students can take part in limited special offers.
    • A regionally accredited university, GCU also holds specialized accreditations and approvals for some of our core program offerings.
    • Degrees in business, education, nursing, humanities and social sciences, theology and more. Find the degree that fits you.
    • Talk to us today to learn more about financial aid and start dates!
    Good for Working Adults
    • Accredited
    • Online Courses
    • Flexible Scheduling
    • Accelerated Programs
    • Financial Aid
    • Transferable Credits
    1 Program(s) Found

    The Secret to Getting Ahead is Getting Started

     

    Congratulations! Your interest in California College San Diego is an important first step toward changing your life. A career-focused degree is the key to a new career with a potentially higher income, better benefits, and more satisfaction.

    5 Program(s) Found
    ABCO Technology , Inglewood
    • An accredited computer training academy preparing students to enter the IT industry as Network Engineers, Software Engineers, Web Apps Developer, Website Designers, Programmers, Database Administrators since 2000.
    • Holds A+ certification from CompTIA.
    • Located in Los Angeles, approximately 10 minutes away from LAX.
    • Flexible class schedules offered during day times, evenings and weekends.
    • Helping students start a career in technology within 3 - 9 months.
    • Educates with the mission to serve the needs of the local community and graduates by matching opportunities to skills.
    • Military friendly school.
    Show more [+]
    Good for Working Adults
    • Flexible Scheduling
    • Financial Aid
    2 Program(s) Found

    50 Years of Excellence In Education

    Coleman University is a private non-profit teaching university founded in 1963 and located in San Diego, California. Its undergraduate and graduate programs prepare individuals for technology-focused careers and leadership. As San Diego’s oldest school dedicated to information technology, Coleman University has historically educated a large number of the region’s business-technology professionals.

     

    5 Program(s) Found

    Utica College, founded in 1946, is a comprehensive private institution located in upstate central New York.  The College offers regionally accredited online certificates, bachelors, masters, and doctoral degrees in healthcare, cybersecurity, financial crime, nursing, physical therapy, business, criminal justice, and data science.  All courses are taught by credentialed, highly experienced faculty with significant and ongoing accomplishments in their respective fields.

    • Online Courses
    1 Program(s) Found

    Discover the Difference a Community of Support Makes in Your Educational Journey. From Application to Graduation, the Support You Need to Achieve Your Goals. 100% Online.

    New England College was founded in 1946 to educate soldiers coming home from war. The same great support system that welcomed returning GIs is still a hallmark of NEC today. From enrollment services representatives who’ll guide you through the application process to interactive tools that help you collaborate with instructors and classmates, NEC inspires you to reach the milestones of your educational journey.

    Good for Working Adults
    • Online Courses
    • Flexible Scheduling
    • Financial Aid
    • Transferable Credits
    2 Program(s) Found
    • Ranked among the Best Online Bachelor's Programs in 2014 by U.S. News & World Report.
    • Implements a one-to-one teaching model, partnering one student with one faculty member in each course.
    • 100% of faculty members hold doctoral degrees.
    • No physical residency requirements, allowing students to pursue their degree online.
    • Committed to innovation, diversity, excellence, and accountability since its founding in 1996.
    • Offers several programs in business, education, psychology, and more.
    Show more [+]
    • Online Courses
    • Financial Aid
    • Transferable Credits
    1 Program(s) Found
    • For the 12th consecutive year, Cal U was named one for the best schools in the Northeast by The Princeton Review 
    • Recognized by the U.S. News and World Report for: Best Online Programs, Bachelor’s 2017, Best Online Programs, Grad Education 2017 and Best Online Programs, Bachelor’s for Veterans 2017
    • Quality Online courses at Cal U have the same objectives, content and learning outcomes as campus-based programs and are taught by the same expert professors.
    • Offers private school amenities at a public school cost. Student-to-teacher ratio of 20:1
    • CAL U online programs complete an annual assessment of student learning to ensure outcomes are focused on your success in career entry, advancement or enhancement!
    Show more [+]
    • Accredited
    • Online Courses
    • Accelerated Programs
    • Financial Aid
    • Transferable Credits
    1 Program(s) Found

    The University of Delaware’s tradition of proven academic excellence in online learning brings together expert faculty, experiential learning, and the flexible access online learning offers.

    • Online Courses
    1 Program(s) Found
    Platt College , Anaheim
    • A Los Angeles-based private college offering programs in medical sciences, legal studies, and graphic design since 1985.
    • Has weekend programs, including certified  veterinary technology, nurse assistant, and hemodialysis technician.
    • Showcases visual communication students’ artwork and design through campus magazine.
    • 3 campuses in Southern California.
    • Accredited by the Accrediting Commission of Career Schools and Colleges (ACCSC).
    Show more [+]
    Good for Working Adults
    • Accredited
    • Flexible Scheduling
    • Accelerated Programs
    • Financial Aid
    • Transferable Credits