Your next move: Vulnerability analyst
This article is part of an IT Career News series called Your Next Move. These articles include the responsibilities, qualifications, related job titles and salary range for each role.
If you have a knack for determining problems and wanting to find solutions, then a career as a vulnerability analyst may be for you.
What Is a Vulnerability Analyst?
A vulnerability analyst detects weaknesses in networks and software and then takes measures to correct and strengthen security within the system.
Job duties include:
- Develops risk-based mitigation strategies for networks, operating systems, and applications
- Compiles and tracks vulnerabilities and mitigation results to quantify program effectiveness
- Creates and maintains vulnerability management policies, procedures, and training
- Review and define requirements for information security solutions
- Organize network-based scans to identify possible network security attacks and host-based scans to identify vulnerabilities in workstations, servers, and other network hosts.
The role of vulnerability analyst can be an in-house position or a consultant hired for specific times or tasks. Either way though, the job is an important one—determining critical security flaws and figuring out how to fix them.
A vulnerability analyst has to think like a hacker in order to protect against them. Most companies doing business online are at risk for cybercrime, and a vulnerability analyst position is essential to protect an organization. The larger the organization, the more vulnerability analysts they will employ.
While some of the vulnerability analyst’s responsibilities include penetration testing, a vulnerability analyst is not the same as a penetration tester. A penetration tester identifies risks in a network or system and a vulnerability analyst does that too, but also uncovers vulnerabilities in a network and provides solutions to manage the vulnerability.
How to Become a Vulnerability Analyst
Some companies hiring a vulnerability analyst are looking for someone with a bachelor’s degree in computer science, cybersecurity, programming or a related field, but many employers would be satisfied with an applicant that has a couple of years of practical experience under their belt, along with some certifications.
Certifications like CompTIA Network+, CompTIA Security+ and CompTIA PenTest+ can prove that you have the skills to be a vulnerability analyst. Check out the CompTIA Career Roadmap to see what other certifications can help you become a vulnerability analyst.
Vulnerability Analyst Salary RangeOver $75,000 with a median annual wage of $92,600 (Burning Glass Technologies)
Vulnerability Analyst Job Outlook
Along with positions like information security analysts, a position like vulnerability analyst is expected to be in demand. From 2016 to 2026, CompTIA projects an increase of 19 percent with 17,917 net new jobs expected during that 10-year period.
Job Titles Related to Vulnerability Analyst
- Penetration Tester
- Vulnerability Tester
- Security Analyst (II)
- Vulnerability Assessment Analyst
- Network Security Operations
- Application Security Vulnerability
(This post originally appeared on the CompTIA blog, which can be viewed here).