The career I have chosen, as well as my current interest, is being a cybersecurity analyst. This job is heavily involved in the social aspects of cybersecurity, nearly as much so as the technical aspects. First discussed will be the duties of a cybersecurity analyst, and second will be how these duties relate to concepts learned in class.

The consensus of those in the field identify the responsibilities of a cybersecurity analyst as follows: researching current and emerging threats, auditing systems to identify vulnerabilities, monitoring users, installing and maintaining security software and systems, establishing back up procedures for data and infrastructure, and training employees on organizational cybersecurity (Matzelle, 2023). Of note are several duties that require a thorough understanding of how people behave in cyber environments and how this behavior can affect the security of a given system. This is to say, they utilize both technical and social means of supporting enterprise infrastructure based on the needs and desires of the organization.

To effectively perform duties as a cybersecurity analyst, there must be not only a strong technical knowledge, but a strong psychological and social knowledge as well. Cybersecurity systems are only as strong as the people who make them, and the people who use them. One of the largest ways that topics discussed in this class relate to this profession is through the ability to explain complex topics to those from different backgrounds without the same level of technical knowledge. Cybersecurity can be incredibly complex, but the importance of cybersecurity falls on everyone – regardless of technical proficiency, rom janitors to bank tellers. Many times, cybersecurity concepts may need to be relayed to these types of people, and it is the responsibility of a cybersecurity analyst to simplify complex concepts to the point where they can be easily digested and understood, while remaining effective. This could have context in security awareness training for associates at an organization, testing security awareness through practice phishing attacks, and even outlining cybersecurity responsibilities of associates that they may not be aware of. Additionally, it is of the utmost importance that a cybersecurity analyst can work effectively in a team environment. Cybersecurity touches all disciplines and aspects of our world, so having a team with proficiencies in differing areas is paramount to effectively securing and defending an infrastructure. While one team member may be proficient in pen testing, another team member may have more proficiency in biosecurity, and both of these proficiencies can be equally valuable in a team environment given specific circumstances. In addition to these responsibilities, there is also a responsibility to understand those that are being defended against. Better understanding the mind of a hacker and what their motivations may be in accessing your organizations cyber infrastructure will help significantly in adapting techniques to best defend against their potential attacks. Even watching how other organizations react to and defend against cyberattacks could be valuable knowledge in securing organization’s cyber infrastructure. Lastly, the ability to work within the cybersecurity department and effectively outline opportunity areas or weaknesses to superiors is another invaluable skill. Being on the “frontlines” of cyber defense, a cybersecurity analyst will have exposure to many events or scenarios that their superiors may not. Being able to effectively communicate the importance of the discoveries made and the priority by which they should be addressed is crucial to ensure no weak points remain in the cyber infrastructure.

Clearly, a cybersecurity analyst plays a crucial role in protecting an organization’s cyber infrastructure, and with it comes a need for a deep understanding of people from hackers to coworkers, and their motivations and intent. From security awareness training, to alerting coworkers and superiors of potential problem areas, and even to monitoring and analyzing hackers movements and actions within systems, sociology and a fundamental understanding of people are certainly required to be successful in this profession.