SANS 2021 Report: Top Skills Analysts Need to Master
What Makes a Security Analyst Successful?
As more organizations invest in improving their security operations—either by building their own security operations centers (SOCs) or by engaging managed security services—the demand for security-related roles is higher than ever, reaching 3.5 million unfulfilled positions in 2021, according to a Cybersecurity Jobs Report.
But from all of the coolest jobs in the security industry, security analysts stand out from the rest. In the United States alone, the U.S. Bureau of Labor Statistics reports that information security analyst jobs are projected to grow 31% from 2019 to 2029, much faster than the average for all occupations. As one of the highest-paid jobs in the field, security analysts must become masters of all trades, essentially “all-around defenders” who are highly competent in threat detection, while possessing excellent analytical and communication skills. But what are the technical and nontechnical skills required to acquire mastery in this role? And how can industry security solutions augment analysts’ capabilities to become more effective?
To answer these questions, this report will first explore what makes a security analyst successful. This critical step is often overlooked, leading to the wrong expectations for both analysts and employers, thus resulting in higher attrition and burnout. After that, we will examine the top skills security analysts need to master to be effective at defending organizations across endpoints, networks, and the cloud, as well as aligning to the models presented in the report.
This paper will cover:
- Security models and frameworks to develop and improve analysts skills
- The distinction between investigative tasks and investigative thinking
- An introduction to incorporating the OODA Loop concept to investigations