An information security analyst is a person responsible for protecting a company’s computer systems and the data they contain from malicious intruders. To do this they develop, implement and maintain systems, policies and procedures that protect an organization’s data from being accessed or used inappropriately. This can include creating firewalls between their systems and the internet, encrypting data so that it cannot be read in transit and ensuring that only legitimate users have access to applications.
Another important aspect of this role is promoting security awareness within the company’s users. They document and test security policies, test networks and servers for vulnerabilities and ensure that regulatory and compliance requirements are being met. Their role involves performing risk and vulnerability assessments and planning on methods for defending the system from attack. They can also be included in planning for disaster recovery, caused by severe weather or power outages, and planning for continuing operations at alternate sites.
