How to become a cybersecurity analyst

By Robert Half on 30/11/2023
Eestimated Read Time: 3 minutes

Protecting a business against cyber-security attacks takes a special skill set. Hiren Joshi, branch director Ontario at Robert Half in Canada, explores how to become a cyber security analyst – and why smart communicators with technical flare are in high demand.

What happens if a senior finance leader receives an email, asking for money to be transferred between accounts? A legitimate request from a reputable source will cause no issues. But if the email is from a hacker, pretending to be someone else, the ramifications could be more serious. Money could be lost, systems compromised, and information leaked in a matter of seconds. The fallout might hit the headlines and the reputation of the business called into a question.

The impact of a cyber-attack can be devastating. But if they can be prevented, businesses can save face and money. That’s why cyber expertise matters. Specialists can help shore up defences and prevent attacks, but they can also help businesses to respond if the worst should happen. They come with years of experience staying one step ahead of the hackers and alive to evolving threats; how to become a cyber security analyst is therefore an important topic to understand.

Technical training, on-the-job experience

Most people start at the bottom of the technical ladder. Graduates often join the IT helpdesk, before moving on to network and system administration. Over time, they will develop technical skills and face a diverse range of scenarios. If they show an interest in security, they will usually move in that direction. People also come into the profession with a data background because their skills can be especially useful when dealing with attacks on business information.

Training and development are typically done on the job. Cyber security analysts have to make decisions based on real-life scenarios and understand different methods of attack. But there are also important technical qualifications along the way. CompTIA offers certified security training; CISSP stands for Certified Information Systems Security Professional; and there are various ‘ethical hacking’ programmes, designed to help detect vulnerabilities in company systems. There is also a qualification for chief information security officers, CISOs.

The key threats they will defend against include phishing, malware and ransomware. Phishing is a common social engineering technique using emails and texts to encourage users to share sensitive information or download a malicious file, similar to the story above. Malware, often delivered through phishing techniques, is malicious software code designed to harm a computer, network or server. Ransomware, a type of malware, is when a hacker gains access to company data, encrypts it, and provides a decryption key in exchange for payment.

Cyber security analysts need strong soft skills, too: communication and attention-to-detail are the most important. Every day, they talk to people in multiple teams, often across international borders; every day, they are new ways for hackers to attack their systems. They have to be smart to constantly monitor evolving threats; they have to be proactive and often make split-second decisions.

Developing a proactive approach

Businesses are good at asking for help with cyber security when things go wrong, but they could do better at avoiding attacks in the first place. In the future, cyber security analysts will therefore become even more important, as threats evolve, and businesses learn to take a more proactive approach. Inhouse security teams can be complemented by contracted professionals, who will be able to advise on specific problems and challenges; businesses can also put more permanent expertise in place. It’s their choice.

Either way, finding the right person with a rounded skill set, will be critical. So, the next time an executive leader receives a spoof email asking for money, a proactive approach – with the right cyber security analyst on the team – will prevent it from compromising systems and, potentially, harming a hard-won reputation.


Hiren Joshi is currently working as a Branch Director with Robert Half based out of Toronto, ON. He has been with Robert Half for more than 7 years and has more than 15+ years of IT recruitment experience.

Interested in a job in IT?

Are you triggered by a job in IT? Take a look among our vacancies and kickstart your career!

More From the Blog...