How to become a cybersecurity analyst
This article will explore some interesting details from an episode of Infosec’s information security career podcast, Cyber Work. This episode, with guest Jonathan Butler, covers how to become a cybersecurity analyst.
Jonathan is the professional services and security analytics manager at Distil Networks. He takes us through his journey into information security and discusses how he got his start in security, a little about the day-to-day responsibilities of the role, what someone should enjoy doing if they plan on becoming a cybersecurity analyst and the future of the role.
What should you learn next?
How did you get your start? Were you always interested in tech?
Jonathan came from a rural upbringing with bad internet service. He attended the University of Virginia and pursued a mathematics degree which required that he take a computer science course, sparking his passion for computers. Another course Jonathan took piqued his interest in programming; this one required a project to recreate Angry Birds that Jonathan found fascinating for how physics were baked into the code.
When he was in school, the internet was still not quite as ever-present as it is today. Jonathan described it as being the age of the flip phone. Despite this, others around him had a better knack and general understanding of the internet because they were exposed to it much more than Jonathan, making him feel like he was always playing catch-up compared to others. A formative moment came in one class where he decided he would not make excuses and would sit down and learn the material.
What were some of the steps on your path to becoming a senior cybersecurity analyst?
According to Jonathan, he did not plan out the future. Instead, he put his nose to the proverbial grindstone and then let the universe lead him from there. He worked in a software development firm which led to a role in data science (which was a data consulting for the automotive space), where he decided that he wanted to become a database administrator.
While he was preparing for a database certification, Jonathan changed his mind and decided to enter the private sector. Here, he got involved in enterprise with companies that included Audi and Volkswagen. Jonathan worked as a consultant in enterprise, which taught him the consultant mentality of helping others with data-driven decisions and also learned about the business side of things. These skills helped Jonathan to naturally transition have into his current organization, Distil Networks, which at the time lacked a professional team that straddled both technical and business expertise.
What is the average day like for a cybersecurity analyst?
Jonathan said that every organization is different, but the position can be 24/7, depending on current projects. (Distil strives to offer a good work-life balance.) The average week begins with checking your email inbox, going through upcoming projects and mapping out your week and the individual days. Every week, something comes up that derails your day and you just work around it.
Being a manager, are you spending as much time on the nuts and bolts of problems?
As a cybersecurity analyst, you have responsibility over a certain segment of projects and customers and the responsibility load increases as time goes on. As a manager, Jonathan is more likely to jump in when there is a critical issue or situation.
What should you REALLY enjoy doing? What are you going to be faced with almost every day as a cybersecurity analyst?
Jonathan’s situation is a little different than most because he is more of a consultant for a customer than an analyst working for a company. For him, he really enjoys helping customers, and most analysts will have to enjoy doing the same thing.
Cybersecurity analysts will be faced with determining which of their mundane responsibilities they can automate, as well as performing log analysis and thinking outside of the box every day. This focus on automation and streamlining of processes helps you stay ahead of adversaries.
What are the most interesting parts of the job? What are the most boring parts?
According to Jonathan, the most interesting part of the job is that information security offers constant discovery. He really enjoys seeing new team and adversary techniques that are always changing and evolving.
The most boring aspect of the job is the monotonous responsibilities that are part of every job. Some of this is attributed to systems and processes that existed prior to his arrival at Distil. Over time, a good cybersecurity analyst is supposed to automate these monotonous tasks away. You may end up working a role that keeps you up all night, but if you are confident, resilient and able to grow, you will be able to rise to the occasion.
What role do professional certifications play in the enhancement of a security career?
Professional certifications can definitely help in enhancing an information security career, although Jonathan himself does not have one. He did make note of an interesting aspect of information security: that is the dichotomy between those who swear by earning certifications and those who pride themselves on getting by without one.
Jonathan’s only concern about professional certifications was whether they can keep pace with changes in information security adequately.
How does it make you feel if you see someone with a certification?
When cybersecurity analysts first start out, and even later in their career, so much of the knowledge needed is in-house. This has changed as time goes by, moving more towards security being the bread and butter of the role. Overall, having someone around with a certification wouldn’t hurt.
What kind of companies require a cybersecurity analyst?
All companies, big and small, have a need for a cybersecurity analyst (budgetary considerations notwithstanding). In small companies, a cybersecurity analyst will be more than likely focusing on tasks like securing the perimeter.
The bigger a company is, the bigger the target for attackers. In big companies, cybersecurity analysts are more likely to be working on more narrow avenues of expertise. The downside of this is that these analysts are less likely to see the big picture.
What is something you can do today to move towards becoming a cybersecurity analyst?
Jonathan offered some good advice for those looking to move one step closer. Prospective analysts should take an online course, of which many are available today. Earning a certification, such as Certified Ethical Hacker, will also help. Lastly, Jonathan said that local security companies post job openings that list job descriptions. These will give a great idea of the skills and knowledge that hiring organizations are looking for.
Where is the role going?
The role of cybersecurity analyst is moving toward consolidation. Between moving towards deep subject matter experts from a more jack-of-all-trades approach and tooling and parsing non-traditional data sets for better insight, change is in the air. AI will also play a bigger role this year and this is not going to change anytime soon. Lastly, cybersecurity analysts will be increasingly required to wear multiple hats in an organization.
What should you learn next?
Conclusion
This podcast offered invaluable insights into what is like to be a cybersecurity analyst. Jonathan’s situation is unique in that he is a manager, but his path is more conventional than you might think, as many find their way into this position through a combination of experiences and learning what they love, namely information security.
For more information about this podcast, you can view it here.
Get unlimited and self-paced training for you or teams in your organization with Infosec Skills.
- 190+ role-guided learning paths
- 100s of hands-on labs & cyber ranges
- Custom certification practice exams
In this Series
- How to become a cybersecurity analyst
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity