A cybersecurity analyst is the gatekeeper of a company’s digital information. They are the bodyguards who keep out viruses, review suspicious activities, and protect against hackers. They keep constant tabs on threats and monitor their organization’s networks for any breaches in security.
Energy industry is highly digitized and uses sophisticated systems to monitor, measure and control oil and gas wells, facilities and pipeline operations. These systems, and the continued adoption of digitization and automation across the energy industry, increases the need for cybersecurity.
Cybersecurity analysts protect critical information. They address the security of the traditional IT environment of computerized offices and also deal with the added complexity of securing their company’s Internet of Things (IoT). IoT is the connectivity between physical devices that communicate and interact with each other over the internet and can be remotely monitored and controlled. Additionally, cybersecurity analysts may be tasked with understanding, integrating and protecting innovative digital business processes such as robotic process automation, blockchain and artificial intelligence. Increasingly, the cybersecurity function is also about monitoring, managing and influencing behaviours and interactions within the organization from employees, vendors, etc. that could present additional risk, and finding innovative ways to mitigate that risk. Many companies have developed Security Operations Centres which provide a centralized, structured and coordinating hub for all cybersecurity activities in the organization.
Cybersecurity analysts research, plan, design, coordinate, implement and support security measures for all digital information systems within an organization.
I'm interested in a career in
- Sub-sector Exploration and production, Oil and gas services, Pipelines, Oil sands
- Environment Primarily indoor/office work
- Average Salary $67,000 to $116,000
- Education Post-secondary diploma
- Career Demand Growing
When you start in this occupation activities may include:
- Monitoring use of data files and regulating access to safeguard information in computer files.
- Performing vulnerability testing, risk analyses and security assessments of technology infrastructure.
- Preventing hackers from disabling computers or seeing, modifying or destroying data.
As you advance you may take on additional tasks including:
- Developing policies, procedures and contingency plans to minimize the effects of security breaches.
- Developing security awareness by providing orientation, educational programs and ongoing communication.
- A four-year bachelorâ€™s degree in computer science, computer systems engineering, software engineering, business administration or a related discipline is typically required. Some employers will consider applicants with a two-year diploma in computer science or a related discipline with several yearsâ€™ experience.
- Depending on the employer, certifications required may include:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Manager (CISM)
- Global Information Assurance Certification (GIAC)
- SSCP or Security +
- CompTIA Security
- Certification or training provided by specific software vendors may be required.
- Specific health and safety certifications may be required, determined by location of work and company requirements
- Information Systems Professional is a protected title under Alberta’s Professional and Occupational Associations Registration Act. This means that to call yourself an Information Systems Professional or use the I.S.P. designation, you must be a registered member of the Canadian Information Processing Society of Alberta (CIPS Alberta)
- A security background check normally is required
- Experience as a computer programmer is usually required
- Minimal or no travel
- Primarily indoor/office work
- Work not physically demanding
You have strong technical and computer-based knowledge. You are also strong at risk assessment, project management and communicating technical information to non-technical people.
- Computers and Electronics
- Customer and Personal Service
- Information and Document Management
- Cyber/Data Security
- Understanding Risk
- Operation and Control
- Systems Evaluation and Analysis
- Attention to Detail