Career Paper

Posted by spami001 on

Samael Pamie-George
Professor
Career Paper
4/11/2024


Infosec Analyst/Cybersecurity Analyst
Vigilant, analytical, and adaptive are just three words to describe the job of an Infosec
analyst and a cybersecurity analyst. The role of a security analyst is broad. It consists of
numerous responsibilities, like monitoring security best practices, procedures with the right tools,
protocols and making sure that all practices are properly used and followed. Those who have this
role analyze reports from useful tools to proactively identify anomalous or unusual network
behaviors. File access and credentialing will also be given to them to control including firewall
maintenance and network updates. One who is well trained in this area will have a solid
understanding concerning the use of data, how it is stored, how it is managed, and the different
kinds of cybersecurity threats. An example of these threats are ransom attacks, data theft, social
engineering, and etc. Penetration testing and vulnerability scans are in some cases performed
along with relevant changes to better security. When it comes to a larger company, security
analysts tend to work in a security operation center to specifically monitor, contain, remediate,
and detect threats. When it comes to a midsize organization, security analysts may play a broader
role in handling everything from security analysis and intrusion detection, to patch updates,
antivirus updates, and firewall maintenance. Since they are trained in security risk and of the best
practices, they might be requested to train employees on cybersecurity hygiene (techtarget).
Now, how may one describe how professionals in this field require and depend on social science
research and social principles in that career? In Infosec analyst/cybersecurity analyst roles,
professionals tend to rely on social science research and principles for the enhancement of their
own effectiveness when it comes to understanding and addressing cybersecurity challenges. To
begin, there is the understanding of human behavior. When it comes to social science research it
provides an insight into human behavior, which is essential when it comes to cybersecurity.
Analysts need to comprehend how individuals/groups behave online, including their motivations,
decision making processes, and their responses to security measures. It is this form of
understanding that assists them in designing security protocols that account for human factors,
such as susceptibility to phishing attacks or a compliance with security policies (hindawi). Now,
there is user-centered design. Social Science principles such as human-computer interaction, also
known as (HCI) along with usability studies are essential when it comes to designing secure
systems that are also user-friendly. The analyst must consider how people interact with
technology and how those interactions can impact security. For instance, applying usability
research can lead to a more effective security training program along with the development of
intuitive security controls (interaction-design). Next, there is risk assessment and management.
Now, social science methodologies, such as risk analysis and behavioral economics, contribute
to the form of assessing cybersecurity risk. By integrating insights from these disciplines,
analysts can better evaluate the likelihood and impact of security incidents, with the
consideration of both human behaviors and technical vulnerabilities that may amplify risk
(deloitte). Furthermore, we have security awareness and training. Social science research informs
the development of an effective security awareness. Analysts/professionals use a psychological
principle to tailor education content along with strategies that resonate with a diverse user group.
For one to understand cognitive biases along with persuasion techniques helps in terms of
crafting messages that promote secure behaviors among fellow employees (techtarget). Now,
there are also ethical and legal implications. Now, do not get it mixed up, your fellow
cybersecurity professionals often encounter ethical and legal dilemmas which require a form of
consideration when it comes to one’s social, cultural, and legal norms. Social science research on
ethics, privacy, and governments informs decision-making processes related to data protection,
compliance with regulations, and incident response (augusta). The last topic to be discussed is
policy development and advocacy. When it comes to social science, it contributes its own form
of shaping cybersecurity policies and regulations. Analysts collaborate with policymakers to
understand societal implications of cybersecurity measures, such as privacy concerns, equity in
access to technologies, and a broader implication on digital rights (nces.ed.gov).
All in all, in Infosec Analyst and Cyber Security Analyst jobs, professionals benefit from
integrating social science research into their own work, creating holistic security strategies which
are all accounting for human behavior, usability considerations, risk management, ethical
considerations, an\d policy implications. As I said earlier, this enhances the effectiveness and
relevance of cybersecurity practices in today’s complex digital environment. So, how may one
describe how professionals in this field require and depend on social science research and social
principles in that career? That is how. Thank you.


Works Cited
Awati, R. (2024, January 5). Top 8 in-demand cybersecurity jobs for 2024 and beyond. WhatIs.
https://www.techtarget.com/whatis/feature/5-top-cybersecurity-careers


Chakraborty, P. (2024, March 28). Computer, Computer Science, and Computational Thinking:
Relationship between the Three Concepts. Hindawi.
https://www.hindawi.com/journals/hbet/?utm_source=google&utm_medium=cpc&utm_campaig
n=HDW_MRKT_GBL_SUB_ADWO_PAI_KEYW_JOUR_HBET_GENPH&gad_source=1&g
clid=Cj0KCQjwlN6wBhCcARIsAKZvD5hOuT5cNyvQAfEhIAyqEXfsuCXJOIVzfvR_KYsAUa1bKzsMBfc9yUaAhbREALw_wcB


Deloitte. (2024). Detect and protect: 5-part series on Enterprise Risk Management: Deloitte US.
Deloitte. https://www2.deloitte.com/us/en/pages/deloitte-private/articles/risk-managementstrategies-for-privatecompanies.html?id=us%3A2ps%3A3gl%3Adpermsp2%3Aawa%3Adp%3A021324%3Arisk+ma
nagement+strategies%3Ab%3Ac%3Akwd-
24193541&gad_source=1&gclid=Cj0KCQjwlN6wBhCcARIsAKZvD5h36XMBwi0rH3OnVvd3
p8-kXGiP0Ob5MtubAKqmLkch4Iq2JytLJ3AaAtzzEALw_wcB


Ed.gov, Ies. nces. (2024). Chapter 3-Security Policy: Development and implementation, from
safeguarding your technology, NCES publication 98-297 (National Center for Education
Statistics). https://nces.ed.gov/pubs98/safetech/chapter3.asp


University, A. (2023, August 21). Cybersecurity ethics grows in urgency as the digital landscape
continues to Transform Society. Cybersecurity Ethics: What Cyber Professionals Need to Know.
https://www.augusta.edu/online/blog/cybersecurity-ethics


User Centered Design (UCD). (2024, January 17). What is User Centered Design (UCD)?. The
Interaction Design Foundation. https://www.interaction-design.org/literature/topics/usercentered-design


Yasar, K., & Pratt, M. K. (2023, October 12). What is Security Awareness Training?: Definition
from TechTarget. Tech Target. https://www.techtarget.com/searchsecurity/definition/securityawareness-training

Leave a Reply

Your email address will not be published. Required fields are marked *