Please Help

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi Darren,
You've certainly posed a difficult question and I'm not sure there is a clear cut answer but I'll give it a go.

At my company all IT Security staff are called Security Analysts, except for their managers. Security as you say is the umbrella name for a variety of Security professionals. What I have found is that in smaller companies (1000 or less employee's), a Security Analyst will monitor security on multiple platforms so Windows Sever, Mainframe, Unix/Linux and Citrix. Monitoring access logs and implementing increasing security measures by making recommendations to be carried out by the network and server teams etc.

In larger companies you tend to get Analysts who specialise in just one area of security, so you may have a SAP security analyst or a network infrastructure analyst. This is the case with my employer who have specific Analysts for each platform.

The job spec for a Security Analyst seems to vary from company to company depending on the systems and networks they have but a core knowledge is always there.

I know for a fact that the defacto qualification to have in security is the CISSP regardless of your role. An MSc is a great achievement and would look great on your CV, not to mention the knowledge you will gain. If you decide not to take this route, check out CompTIA's Security+ which I am sitting next week. You can self study and its a great starting point in your studies. I too want to get into security but I'm aiming for a very specific role and won't need a masters myself.
Cheers
James