Cyber Security training from QA

The ideal IT Security Analyst

Interested in what a job as a IT Security Analyst entails? Or what key skills a good candidate will hold? Take a look at what makes the ideal IT Security Analyst and the processes an organisation should adhere to.

Mark Amory | 7 July 2015

IT security is by any standard, a very wide topic to look at, and so it would be accurate to say that an ideal Information Security Analyst has to have a good, broad understanding of all things IT related.

Well, yes that’s perfectly correct, but there is more to it than that…

Firstly, let’s take a quick look at what security entails.

One of the key principles taught in security is that you have to try to maintain a level of Confidentiality, Integrity & Accessibility around the asset you wish to defend. This is known as the CIA triad.

Maintaining the CIA triad should involve implementing controls that cover dealing with People, Process, Technology and Physical security.

So when you look at these four elements, you can see an IT security job isn’t just about IT; so to become an ideal IT security analyst, you need to understand how these four elements work and interact, and how they can be/are abused.

Dealing with People

People are quite possibly the biggest security risk in an IT environment because people are well…people!

For example:-

  • People create weak passwords, re-use passwords, and write them down even when they are told not to
  • People don’t read warning messages when they pop-up
  • People don’t watch what they click on
  • People get confused easily where IT is concerned
  • People don’t like to follow rules set by the management

An ideal IT Security Analyst should know how people tick and how to spot security issues brought about by people.

The IT Security Analyst should certainly understand how Social Engineering is used to elicit sensitive data from people and how to take steps to stop this happening.

Dealing with Process

Business processes should be designed to allow the business to perform its function. When processes are implemented, they are usually designed to be efficient and make the most of existing assets.

As a business grows and evolves, it unusual for many business to re-visit processes to see if they are still efficient and making the most of the assets available.

“We’ve always done it that way” is a very common phrase heard in businesses all across the land.

A good IT Security Analyst should be able to look at business process to see if there are any weak areas that could be fixed by changing process. As such, the analyst should help to devise, implement, and maintain corporate policies to ensure that security stays high on the list of priorities.

Dealing with Technology

The biggest part of the IT Security Analysts’ day will be spent with technology, and so a good security analyst should have a well-rounded understanding of Hardware, Software, and Networking systems.

He/she needs to stay abreast of the latest developments with industry standards and security tools to ensure that corporate security controls not only stay up to date, but also remain capable of keeping up with ever-changing business requirements.

As such, the analyst should take part in the development, implementation, and upkeep of security controls that are in compliance with corporate strategies. By knowing exactly how the corporate security model works, they will be best placed for conducting vulnerability assessments, dealing with change requests, and handling security incidents.

The ideal IT Security Analyst will need to know how to interpret the output from systems such as IDS/IPS, router & server logs, Antivirus/Antimalware tools and react to them accordingly.

By understanding the security model to a high degree, the ideal analyst will be able to play a role as part of a corporate security response unit, and as such, provide expert counsel on how to solve issues relating to security alerts, incidents, and disasters.

Dealing with Physical Security

If a criminal gets direct access to an IT device, they will normally be able to carry out more devastating attacks than if they were only remotely accessing the device. As such, the ideal IT Security Analyst should have a good understanding of the physical security that should be in place when IT is either on premises or abroad in unknown environments.

“It takes a thief to catch a thief”

As the phrase above suggests; to be an ideal IT Security Analyst you quite often need to think like an attacker to see how they might get round your security controls.

Thinking about how People, Process, Technology and Physical controls could be attacked goes a long way to becoming an ideal security analyst. Reading about the latest attacks will help the analyst make strategic decisions to ensure the attacks cannot affect their systems and having test systems to carry out demo attacks will help the analyst understand the effect of an attack.

For more information visit


Mark Amory

Cyber Training Delivery Manager

After leaving a career as a Mechanical and Electrical Engineer in 1998, Mark started out with a fresh career as an IT trainer. Spending the first few years as an applications trainer, Mark excelled in delivering Microsoft Office and Adobe products. In-line with his background as an Engineer, Mark soon shifted focus to more technical deliveries, including hardware and networking topics; a field he has remained in ever since. As a natural progression of his career saw Mark start to explore the security aspect of his existing competencies and since 2005 has specialised in the Cyber Security domain. Mark has been the author of a number of QA Cyber Security courses and was the design authority and author of the 2017 NCSC Cyber First Academy. Mark is a C|EH and is currently undergoing the process of becoming an NCSC Certified Cyber Professional.
Talk to our learning experts

Talk to our team of learning experts

Every business has different learning needs. QA has over 30 years of experience in combining the highest quality training with the most comprehensive range of learning services, ensuring the very best fit for your organisation.

Get in touch with our learning experts to talk about how we can help.