How To Become A Cyber Security Analyst

Cyber security analysts employ various processes and technologies to detect, prevent, and manage cyber threats to help protect their organisations. Here in Northern Ireland, there are many Cyber Security Analyst jobs advertised. From our research, this is the most in demand role, especially for entry level Cyber Security roles, and projected growth is enormous. This article will look closer at this job and what skills, training, and certifications potential employers are looking for.

What Are Cyber Security Analysts?

A security analyst supervises databases, information networks, and computer infrastructure to protect the companies information and data. They are also often referred to as information security professionals or analysts.

Cyber security analysts protect a companies IT infrastructure (including computer software, hardware and networks) from a wide range of malicious activities. They monitor operating systems and networks, assess and analyse alarms, detect security threats, and report on false alarms, network intrusion attempts and threats, either escalating or resolving them depending on their severity. Some may even be involved in producing reports and contingency plans for their company.

Cyber security analysts generally work in one of the following areas:

• Protecting the security of the organisation they work for.

• Offering advisory and consulting services to clients.

Job titles for the same role differ and include

  • cyber intelligence analyst
  • security analyst
  • information security (infoSec) analyst
  • security operations centre (SOC) analyst
  • information security consultant
  • cyber defence analyst

What Do Cyber Security Analysts Do?

Cyber Security Analysts work in different areas to ensure that the company’s and clients data and systems are safe from any potential security breaches. Analysts scan the security systems of an organisation’s networks for vulnerabilities, resolve any issues that a junior cyber security analyst may find, and take steps to prevent such occurrences from happening in the future again. They utilise different emerging technologies and cyber security tools, which help them safeguard data.

A Cyber Security Analyst also collaborates with other security professionals to create security systems and protocols that will help safeguard the organisation from numerous potential cyber-attacks, threats, and security risks. This enables the company to keep its reputation and integrity by ensuring its clients and information is always kept safe.

They also protect the company’s hardware, software, and networks from attacks by cybercriminals. The primary function of a security analyst is to know how the company’s infrastructure operates in detail and then track it continuously to assess any threats or vulnerabilities that may potentially cause a breach of their network.

Cyber security analysts also constantly look for new ways to safeguard a company network’s sensitive details and improve its security.

How Can I Become a Cyber Security Analyst?

There are essentially four ways most people will get a cyber security role and become a cyber security analyst in the UK and Ireland.

Transfer From Another IT Role

Starting in other IT jobs, such as a service desk or a related field, creates the opportunity to enter the cyber security profession without having a bachelor’s degree. You could then gain industry certifications and experience while working your way up to the cyber security role.

Graduate Roles

Employers wanting to fill a graduate position will require you to have a degree in technology, science, mathematics, or engineering subject. Exact requirements will be different for various employers. Relevant degree subjects may include:

• computer science

• cyber/information/network security

• software/electrical/network engineering

• computing and information systems

ethical hacking

• physics

• mathematics

• other Information Technology/security/computer networks-related degrees.

However, it is also possible to get into the profession with an unrelated or non-technical degree. Some graduate roles or schemes, such as the Assured Skills Academies run by the Department of communities, are happy to accept graduates from any degree discipline.

Although studying at a Master’s degree level isn’t necessarily a requirement, you may decide to do further studies in a relevant subject, especially if your bachelor’s degree is not in a related subject. The National Cyber Security Centre (NCSC’s) certified degrees provide a list of certified Master’s Degrees in cyber security and closely related fields. Some employers also sponsor candidates to undertake a relevant Master’s degree.

The degree subject will become less important as you gain experience, and employers will instead want to know what you’ve done in your professional capacity.

After gaining experience in general IT, there are often opportunities to move into cyber security.

Below are the Cyber Security Courses available from the Further & Higher Educations course in Northern Ireland

Belfast Metropolitan College

Queens University

An Apprenticeship or Academy

An alternative is to start a cyber security apprenticeship, where study and employment are combined with working towards a recognised qualification. There are apprenticeships available at different levels, including degree levels.

Belfast Met runs the Higher Level Apprenticeship (More info here), which is a great way to get into Cyber Security.

We are very fortunate here in Northern Ireland, as the Department for the Economic has invested in its Assured Skills Academies (More info here). This collaborates with locally-based businesses, a further education college and the Department.

These academies offer pre-employment education and training that give you the skills, knowledge and certifications for currently in demand jobs. You can expect the course to run between 8 and 12 weeks and are very intensive (this is how I started my career in the cyber security world). You usually have to have a 2:2 degree in any course as a minimum.

The Academy is incredibly intensive, with a new exam each week from Network Fundamentals, data tools, penetration testing and other security courses. You will also use a range of tools specific to the employers. They also work on presentation skills and creative ways to enhance your careers.

While at the Academy, you will be paid £150 a week plus expenses, which I have heard has put off some people. However, most are offered jobs after (or at least interviews), and the salaries are good for entry level, with an excellent earning potential in the years to follow. From my Academy off the 19 who finished 18 are currently have careers in Cyber Security or Support roles in some form.

Self Skill Up

So if you really can’t do any of the above and have a keen interest in a job in cybersecurity, then the last option is for you—self Education.

We are fortunate to live in an age where you can access vast amounts of free and low-cost education, knowledge and skills without giving up your day job. This involves going out and using creative ways to gain experience, build a network and make getting a job more manageable.

We go into much greater detail in our guide on how to get a job in cyber security here. However, you will need to research what job you want then go out and gain those certifications, experience and knowledge required to get it. This could be doing certifications, taking part in bug bounties, or building your labs.

Check out our article on the best certifications to help get a job in cyber security here

what qualifications are needed?

Training often takes place on the job, and you may receive advice and mentoring support from colleagues that have more experience.

Some employers, especially those that offer graduate training schemes, may sponsor you to complete an MSc or BSc in cyber/information security while you’re on the job, such as the apprenticeships mentioned above.

There are also several industry-related qualifications that you look at. However, if you google “best certificates for a cyber security analyst jobs”, you tend to get the below.

CISSP – (Certified Information System Security Professional)

CCSP – (Certified Cloud Security Practitioner),

CEH – Certified Ethical Hacker

SSCP (Systems Security Certified Practitioner) is an entry-level IT certification for those with at least a year’s experience, so maybe worth looking at.

However, the certifications mentioned earlier are generally for those with experience in the industry and are expensive. I’m also guessing that you are not here looking for advice on qualifications if you already work as a Cyber Security Analyst.

Entry Level Cyber Security Certifications

Having been a cyber security analyst, SOC Analyst and Cyber Security Associate (all very similar), these are the certifications and courses that I recommend that you look at

Vendor Neutral Exams

  • CompTIA Network +
  • CompTIA Security +
  • Blue Team Level 1
  • Range Force

Vendor-Specific Exams

  • SC-900 (Microsoft)
  • AZ-900 (Microsoft)
  • MS-900 (Microsoft)
  • AZ-500 (Microsoft)
  • SC-200 (Microsoft)
  • AWS Certified Security Specialist (Amazon)
  • Google Cloud Security Professional

Other relevant courses include General Data Protection Regulation (GDPR) awareness, and Cyber Incident, Planning and Response (CIPR).

Looking at job adverts for cyber security analyst roles will give you a feel for the certifications employers tend to look for. It would help if you tried to speak to your recruiter first when selecting a certificate, as they will know what course companies are most sought after.

Cyber Security Analyst Salaries

According to Viaresource, the median salary for a Security Analyst is £45,000 (1-2 years experience), £65,000 (3-5 Years experience) and £90,000 (5+ years experience). This is from an analysis of UK wide job boards. However, from our experience entry level Cyber Analysts or SOC Analysts here in Northern Ireland generally, start around £23-£28,000 with (entry being 0-1 years experience) and junior Cybersecurity analysts (1-3 years experience) being in the £25,000 to £35,000 range.

Don’t Stop Here

More To Explore

sc-200 Microsoft Security Operations Analyst Exam Guide

SC-200 Exam Guide

Sc-200 This article will share how I successfully prepared for and passed the SC-200: Microsoft Security Operations Analyst certification exam. It has been two years

Read More »