Solorigate, FireEye Breach, Nintendo Data Breach, Zoom Credentials Hack, are some of the major breaches and security attacks reported in 2020 alone. A Kaspersky report said, as many as 726 million cyberattacks were carried out in the first five months of 2020. The rise in attacks was chalked up to the shift to remote working, in the wake of the pandemic. 

A huge demand-supply gap on the talent front, rising incidents of cyberattacks, and stringent data protection and privacy laws worldwide make cybersecurity-related jobs much sought-after in the current market. Indian IT sector is estimated to be worth $350 billion by 2025, with cybersecurity accounting for 10 percent of the total market cap.

Cybersecurity presents several career paths, including cybersecurity engineer, cybersecurity consultant, auditor, administrator, etc. 

An earlier report by the US Bureau of Labor Statistics said the cybersecurity analyst hiring is expected to grow by 32 percent between 2018 and 2028. 

Let us take a look at the nuts and bolts of becoming a cybersecurity analyst. 

Who Is A Cybersecurity Analyst?

Cybersecurity analysts are the forefront warriors of an enterprise’s cyber defense. The role demands keeping a constant tab on any threat and monitoring the company’s network for potential vulnerabilities. A cybersecurity analyst lives by the adage– ‘a company’s security is as good as its weakest link’, and is always on the lookout for any untoward event across the network.

The major responsibilities of a cybersecurity analyst include: 

• Maintaining a firewall to protect confidential information and encrypting data transmission
• Monitoring the entire network for any attacks, intrusions or unauthorised activity
• Determining emerging threat patterns and vulnerabilities using advanced analytics tools
• Generating reports for all the stakeholders involved– both technical and non-technical
• Carrying out risk assessments to ensure best security practices are in place
• Help in developing cybersecurity awareness training for colleagues
• Educating users about threats and vulnerabilities

How To Get There?

A bachelor’s degree is the minimum eligibility criteria. The degree could be in cybersecurity/information security, computer science, information systems, mathematics, physics, networks, etc.

That said, practical experience and skills play a huge role in landing a cybersecurity analyst job. Skills include: knowledge of computer networks, operating systems, and security; familiarity with programming languages such as C, C++, PHP, Perl, and Java; working knowledge of security technologies such as firewalls, host intrusion prevention, and anti-virus; problem-solving; decision-making capabilities; strong verbal and written communication skills.

“We are seeing increased adoption of technologies like endpoint detection and response, extended detection and response, network detection and response, security information and event management, security orchestration automation & response across all customer verticals. Security analysts need to be aware of upcoming technologies and how these fit into the IT landscape ecosystem,” said  Srinivas Prasad, Vice President and Security Practice Head at NTT Netmagic.

For a stronger technical understanding and expertise, aspirants can opt for the following certification programs:

• CompTIA’s Network+: A vendor-neutral certification to learn designing, management, troubleshooting, and network configuration aspects.
• CompTIA’s Cybersecurity Analyst: This certification is ideal for IT professionals planning to pivot to cybersecurity.
• Certified Ethical Hacking: This certification will teach you to use the same knowledge and tools as a black-hat hacker, albeit lawfully, to improve an organisation’s security.
• CompTIA’s Advanced Security Practitioner: This certification is designed to provide advanced skills in enterprise security integration, research and collaboration, and risk management.
• CompTIA Security Analytics Expert certification: This is an advanced certification course for people with basic level certification such as CompTIA’s Cybersecurity Analyst.

Common Interview Questions

When we asked Srinivas Prasad on what skills are candidates generally interviewed on in companies such as NTT Netmagic, he said, “There are multiple career options in cybersecurity, if we talk about security analysts in specific, we do not focus on technology-specific skills while interviewing an analyst. Since there are new technologies in security that come up every day, it is practically not possible to have hands-on expertise with each. We look for candidates with:

• Good understanding of operating systems & network fundamentals
• Threat detection & response capabilities
• Basic digital forensics and incident response
• Understanding and management of SIEM.”

As mentioned by Srinivas, the employers look for the general understanding and aptitude of candidates on cybersecurity issues. They can be expected to be quizzed on the following topics (subject to experience level):

• Risk, vulnerability and threat on a network
• Cybersecurity frameworks
• SSL encryption
• DDoS attack and mitigation methods
• DNS monitoring

Wrapping Up

Given the booming market and, in particular, the potential for the cybersecurity analyst role, it’s the place to be. Since security is a pan-industry issue, cybersecurity analysts may get the opportunity to work in varying sectors such as BFSI, government, energy, media, educational institutions, and consultancies. The starting salary for a cybersecurity analyst is 6 lakh per annum in India.