A computer security analyst evaluates computers and systems for signs of vulnerabilities that could compromise their integrity. These can include loopholes for hackers to exploit, problems with programming that leave systems open to the release of private data, and issues with hardware security that endanger the safety of the system. Some analysts work full time with companies that have ongoing information technology needs, monitoring their systems and implementing security fixes. Others are consultants who perform work by request and may work for a number of companies.
These computing professionals focus on the safety and security of the systems used by their clients. This includes individual computers and programs, networks, and connections. In addition to looking at the programming, they examine hardware and the physical storage for the system. A server array, for instance, may have strong programming that makes it less vulnerable to attack, but could be stored in an unlocked room that anyone could access.
Security needs for computer systems often evolve, sometimes very quickly. A computer security analyst must keep up with developments in the field to offer reliable and timely assistance to clients. The work can include attending conferences and reading publications to monitor ongoing trends in security. As new systems go into development at manufacturers, a computer security analyst may play a role in testing their programming and making recommendations to get them as safe as possible before their launch.
Data may be unsafe when it can be accessed by outside or unauthorized personnel, especially if it can be copied away from the network, edited, corrupted, or replaced with new data. The job of a computer security analyst is to identify the needs of a given system and to determine if existing security meets that need. If it does not, the analyst is expected to provide detailed information about how to address the problem and keep the system safe. This can involve activities that range from simulating penetration attacks to interviewing employees about how they use the system.
Some colleges and universities offer programs developed for people who want to specialize in computer security. This training can include courses in a variety of subjects, and may be used as grounds to apply for certification in a particular type of computer system or security program. A certification can be useful for a computer security analyst, as it may open up some job opportunities and can be used to join a professional organization for networking and other purposes.