How to become a Security Analyst? That's the question everybody asks when they want to move into security, and the answer is: it depends!


It depends on different factors, like your experience and knowledge, and also the requirements for the position. Let's begin with the basics:


Basic Knowledge and Experience


Let's be clear: you cannot protect something if you do not know how it works and how to configure it. So you need good knowledge of and experience with Windows or Linux, network devices or any programming language. You don't need to be an expert in those fields.

For example, what happens if you are a Security Analyst at a company and get a ticket asking you to give a user access to some shared folders, and you do not understand the differences between share and NTFS permissions, inherited permissions, etc.? Can you imagine the mess you could create on that shared folder? So again, we need to understand the basics.

Now let's analyze different security analyst positions.


Example 1: Security Analyst - Principal functions: grant/revoke access, manage RSA tokens, VPN, etc. - Windows shop


For this position you will need to know Active Directory, Windows administration, share and NTFS permissions, how two-factor authentication works with RSA, and enough networking to troubleshoot VPN.

Target certifications: any Windows 2008/2012 Server certification and CCNA Security, plus the gold one to make sure: CISSP.


Example 2: Security Analyst - Principal functions: vulnerability assessment, Sourcefire (Snort), Splunk or QRadar - Practically monitoring


This position has the same title as Example 1, but the requirements are higher. It would require some basic knowledge of penetration testing, operating systems like Windows/Linux, network protocols and some exposure to Splunk or QRadar.

Target certifications: any Windows 2008/2012 Server certification, CCNA Security, a Linux cert, a GIAC cert, plus the gold ones to make sure: CISSP and OSCP.


Example 3: Security Analyst - Principal functions: vulnerability assessment, penetration testing


Now this is the gold position that everybody dreams of. It is one of the most difficult, because you need good knowledge of everything and one or two specialties.

Target certifications: all of the above plus CISSP, OSCP, any web cert or any advanced certification; most important of all are experience and logic.


How to reach my goal: Security Analyst?


It doesn't matter what position you are in: you need to become good in that position, get all the knowledge and experience possible, and earn certifications gradually. You need to be good in your current position to move up.

There is no shortcut; it requires effort, study and a lot of practice. Most security analysts come from system or network admin/engineer roles, so if you have already reached those positions you are on the right track.

Do you have your own virtual machines, your own lab where you can practice any configuration? If you have one, then you are putting yourself in shape to be a security analyst.

