dcsimg

IT Security Systems Schools

Information security systems analysts: An overview

IT security systems analysts conceptualize, design and implement security attacks against a computer system to identify a system's vulnerabilities and strengthen them. They can also decode and identify malware, computer viruses, and worms. IT security systems analysts need a solid understanding of computer science, information technology and software programming, and the ability to think creatively.

According to the Bureau of Labor Statistics (BLS), information security analysts usually need a bachelor's degree in computer science or a related subject (BLS.gov/ooh, 2012). Security analysts may be required to have earned an MBA in information systems. An MBA generally requires two years of study beyond a bachelor's degree and can prepare analysts for managing other security teams or security departments, as well as preparing the security analyst for working with a company's management.

In addition to earning a degree in a related field, the BLS also notes that information security analysts may be required to have prior work experience in a related occupation or field, such as computer systems analysis, database administration, or software programming.

While the job description of an information security analyst can change from employer to employer, information security analysts can generally expect to do the following:

  • Implement firewalls across an entire network
  • Deconstruct worms and viruses
  • Monitor traffic for malicious activity
  • Create "honeypot" defenses for attackers
  • Perform a penetration test on their own security measures

A number of certifications are available to IT security analysts to display their varied security skills:

  • EC-Council: Ethical Hacker Certification
  • TruSecure: TICSA Certification: Information Security Basics
  • CompTIA: Security+ Certification
  • (ISC)2: Certified Information Systems Security Professional

Many of the certifications for information security analysts are vendor-neutral, meaning they are not offered by a software provider or that they focus on software from a specific vendor, and none of the certifications require state, agency or government approval. Similar to locksmiths and safecrackers, there is no difference in the skills or tools of a professional information security analyst and a criminal hacker, only how they choose to use their skills (Forbes.com, 2012).

Skills of a security systems analyst

Since the job of an IT security systems analyst is to outthink hackers, this can involve anticipating where an attack might come from and how the attack might be carried out. Sometimes this involves breaking into the analyst's own network. As a result, the BLS notes that information security analysts may benefit from the following skills (BLS.gov/ooh, 2012):

  • Ingenuity
  • Good problem-solving skills
  • Creativity
  • Excellent attention to detail
  • Strong organization skills
  • Solid analytical skills
  • Ability to work well as part of a team

Additionally, information security analysts should have the mindset of a hacker, continually testing boundaries and limitations (Forbes.com, 2012). Because those who may attempt to break a network's security will not obey rules and industry norms, analysts who want to protect data should think like someone who wants to steal data.

This might require analysts to dupe their own employees with viruses they created in order to test the firewalls of a network and even leverage social engineering to get their co-workers to break their own security (WSJ.com, 2013). In essence, it is vital for an information security analyst to possess a) the knowledge of how to cheat at IT security, and b) the willingness to do so.

"Hacking is cheating, and it's how we get better at security," wrote security technologist Bruce Shneier (Schneier, 2006). "We need these people in security, and we need them on our side. Criminals are always trying to figure out how to break security systems. Field a new system -- an ATM, an online banking system, a gambling machine -- and criminals will try to make an illegal profit off it. They'll figure it out eventually, because some hackers are also criminals. But if we have hackers working for us, they'll figure it out first -- and then we can defend ourselves."

Tools of the security systems analyst

The tools of an IT security systems analyst are the same as those used by hackers, so it stands to reason that security analysts can expect to use some of the following hacker tools while preparing their company's security:

  • Network vulnerability scanners such as Nmap and GFI LanGuard

o   These software tools look for unrestricted ports, information on usernames, passwords and group info. When used maliciously, these are called "worms."

  • Network analyzer software such as OmniPeek and Aircrack-ng

o   This software allows a security analyst to monitor traffic across an entire network and spot potential denial of service (DoS) attacks or traffic bottlenecks.

  • Exploit software such as Metasploit and Milw0rm

o   Exploit software looks for bugs in the code that could be exploited by an attacker to gain privileged data or facilitate a DoS attack.

  • Database security software such as AppDetectivePro and SQLPing3

o   This software locates any and all databases across an entire network and monitors the activity of each database, similar to a network analyzer, while also checking for potential exploits.

    Information security analysts may also need to understand the types of vulnerabilities and weapons of attack, such as DoS attacks, SQL injections, and man-in-the-middle attacks. Man-in-the-middle attacks breach security on information after it leaves a user's computer and before it reaches the network, often as it passes through an email system or a website. As such, information security analysts may create and disassemble computer viruses, malware, spyware, computer worms, and Trojans. Security analysts may also be expected to know various programming languages such as C, Java, and SQL, among others.

    Employment opportunities for security systems analysts

    IT security analysts can be employed under many job titles, including:

    • Security Managers
    • Information Security Analysts
    • Systems Security Analysts
    • Penetration Testers
    • Code Breakers
    • Data Security Engineer
    • Security Engineer
    • Cyber Security Analysts

    The Bureau of Labor Statistics reports that, as of May 2012, information security analysts earned a national median annual wage of $86,170, with the highest and lowest 10 percent earning $135,600 and $49,960, respectively (BLS.gov/oes, 2013).

    According to the BLS, employment for information security analysts is expected to increase 22 percent from 2010 to 2020 (BLS.gov/ooh, 2012). Because cyber attacks have grown both in frequency and sophistication, as recent data mining attacks on major news outlets and search engines make clear, organizations are expected to increase their staff of security analysts to guard against these new threats. Two primary employers of information security analysts are projected to be the federal government and the health care industry, as analysts will be needed to protect the nation's critical information technology systems and to safeguard patient records (BLS.gov/ooh, 2012).

    Sources:

    EC-Council, Courses: Certified Ethical Hacker, 2013, http://www.eccouncil.org/courses/certified_ethical_hacker.aspx
    Forbes, Exploding The Myth Of The 'Ethical Hacker,'" Conrad Constantine and Dominique Karg, http://www.forbes.com/sites/parmyolson/2012/07/31/exploding-the-myth-of-the-ethical-hacker/
    Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, 2012-13 Edition, Information Security Analysts, Web Developers, and Computer Network Architects, March 29, 2012, http://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts-web-developers-and-computer-network-architects.htm
    Bureau of Labor Statistics, U.S. Department of Labor, Occupational Employment Statistics: Occupational Employment and Wages, May 2012, Information Security Analysts, March 29, 2013, http://www.bls.gov/oes/current/oes151122.htm
    The Wall Street Journal, "You Won't Believe How Adorable This Kitty Is! Click for More!," Geoffrey A. Fowler, March 26, 2013, http://online.wsj.com/article/SB10001424127887324373204578373011392662962.html
    Schneier on Security, "What is a Hacker?," Bruce Schneier [blog], September 14, 2006, http://www.schneier.com/blog/archives/2006/09/what_is_a_hacke.html

    Search for Campus and Online Systems Security Schools Below

    Click on a school to request more information.

    Refine School Matches
    Hide filters
    • SUBJECT Clear All

      See More

    • DEGREE

      See More

    • PROGRAM TYPE

    • START TIME

      LOCATION
      Please enter valid US or Canada Zip.

    Searching Searching ...

    Prefer exploring options talking to our staff?
    Call toll free now: 1.855.330.6938
    Matching School Ads
    1 Program(s) Found
    • Has students attend one four-week class at a time and take their final exam before moving on to their next class.
    • Offers 24/7 online tech support, with a typical response time of 4 hours or less.
    • Has online help centers that offer assistance with writing, statistics, medical assisting, and more.
    • Provides job placement assistance to all its students and alumni.
    • Researches trends for growing fields to tailor a more effective curriculum.
    Show more [+]
    Good for Working Adults
    • Accredited
    • Online Courses
    • Flexible Scheduling
    • Financial Aid
    • Transferable Credits
    1 Program(s) Found
    • Offers several scholarship opportunities for students who qualify.
    • Laptop computers are issued to each student at the beginning of their program.
    • Provides programs in health care, business, information technology, and graphic arts.
    • Respiratory Therapy program is accredited by the Commission on Accreditation for Respiratory Care (CoARC).
    • Accredited by the Accrediting Commission of Career Schools and Colleges (ACCSC).

    Our family of non-profit colleges admits students of any race, color, and national or ethnic origin.

    Show more [+]
    5 Program(s) Found
    • Liberty University’s online programs ranked in the top 10 out of more than 2,100 colleges & universities for academic quality, affordability, and accessibility.*
    • 100% online programs at associate, bachelor’s, master’s, and doctoral level.**
    • Transfer up to 90 credits into an undergraduate degree program.
    • Up to 50% of your master’s degree can be transferred in to help you get the most out of your hard work and maximize the credit you previously earned.
    Show more [+]
    • Accredited
    • Online Courses
    • Financial Aid
    • Transferable Credits
    3 Program(s) Found
    • Bachelor’s program options include Cybersecurity, Information Systems Technology, Computer Science, and more.
    • A BAS in Information Systems Technology is also available for students who already hold an A.A.S degree.
    • Regent University’s tech programs are designed to prepare students for careers in Software Development and Engineering, Computer Information Security, Network Administration, and more.
    • Regionally accredited by the Southern Association of Colleges and Schools Commission on Colleges (SACSCOC).
    • Online Courses
    5 Program(s) Found
    ABCO Technology , Inglewood
    • An accredited computer training academy preparing students to enter the IT industry as Network Engineers, Software Engineers, Web Apps Developer, Website Designers, Programmers, Database Administrators since 2000.
    • Holds A+ certification from CompTIA.
    • Located in Los Angeles, approximately 10 minutes away from LAX.
    • Flexible class schedules offered during day times, evenings and weekends.
    • Helping students start a career in technology within 3 - 9 months.
    • Educates with the mission to serve the needs of the local community and graduates by matching opportunities to skills.
    • Military friendly school.
    Show more [+]
    Good for Working Adults
    • Flexible Scheduling
    • Financial Aid
    5 Program(s) Found

    What They’re Known For

    Founded in 1946 and located in the heart of central New York, Utica College is a regionally accredited, independent, private institution that features many of the advantages of a large university — such as undergraduate and graduate degree options, excellent academics, and outstanding faculty — with the intimacy and high degree of personal attention more closely associated with smaller private institutions.


    • Online Courses
    1 Program(s) Found
    • The M.S. in Cybersecurity provides the necessary foundations for the design and development of systems that are assured to be secure
    • Founded in 1901, the school has maintained its reputation as a leader in the field, offering a curriculum built on theory, fundamentals, and application with a worldwide community of over 20,000 engineering and computer science alumni
    • Syracuse University’s College of Engineering and Computer Science is designated by the National Security Agency and Department of Homeland Security as a Center of Academic Excellence in Information Assurance Education (CAEIAE) since 2001 and as a Center of Academic Excellence in Information Assurance Research (CAE-R) since 2009.
    • Designed and taught by Syracuse faculty, the curriculum built on theory, fundamentals, and application.
    Show more [+]
    • Online Courses
    5 Program(s) Found
    • Its Fast Track program enables qualified students to save up to 30% on tuition and graduate up to 30% faster.
    • Its online MBA program was named by the International Graduate Forum as a top 10 Online MBA Program in 2012.
    • Listed as a military friendly school by G.I. Jobs magazine in 2014.
    • Lets students watch, view, read, or hear content through its program, My Unique Student Experience (M.U.S.E.).
    • Has additional campus locations near military bases in Colorado Springs and Denver.
    Show more [+]
    Good for Working Adults
    • Online Courses
    • Flexible Scheduling
    • Accelerated Programs
    • Financial Aid
    • Transferable Credits
    5 Program(s) Found

    See What’s Possible When You Earn a Degree at Florida Tech 100% Online

    Whatever your motivation for considering an undergraduate or graduate degree, Florida Tech offers programs online that can meet your needs. Here are a few reasons Florida Tech may be the right choice for you.

    • Online Courses
    2 Program(s) Found

    50 Years of Excellence In Education

    Coleman University is a private non-profit teaching university founded in 1963 and located in San Diego, California. Its undergraduate and graduate programs prepare individuals for technology-focused careers and leadership. As San Diego’s oldest school dedicated to information technology, Coleman University has historically educated a large number of the region’s business-technology professionals.