7

Looking out for jobs/internships, I see these two designations used almost interchangeably at times and at other times they mean different things.

So as someone who has no experience in security, what is the difference between these two?

Anders
xandfury

4 Answers

10

There's no strict definition, and some organisations or recruiters will interchange the terms arbitrarily.

Generally speaking, a security analyst will work more on the attack side, performing penetration tests and identifying security issues. A security engineer will work more on the defence side, building secure systems and resolving security incidents. There is often overlap between the roles, particularly when a security analyst is working internally within an organisation (e.g. internal pentest team), rather than as an external consultant (often referred to as a security consultant, penetration tester, or ethical hacker).

Polynomial
  • While I agree about there being no strict definition, I don't think "analyst" is typically on the attack side - it is more a "reviewer" position. E.g. an analyst might come in to check what the engineer designed. – AviD Oct 26 '16 at 15:04
  • 1
    @AviD Interesting; I've not seen that approach in the UK. This may be an artifact of cultural differences in job titles. I also just remembered that "security analyst" also tends to apply to many jobs with anti-virus and exploit sales companies too. So it's all over the place, really. – Polynomial Oct 26 '16 at 15:07
  • Heh, true. Though I admit to spending some time as a "security analyst" for companies in the UK too.. I think that "overlap" plays here too, still the same responsibilities from a different perspective. Could also be the cultural differences between pentesting companies vs software companies... – AviD Oct 26 '16 at 15:14
4

There is a lot of confusion around the term 'analyst'. For instance, I was hired by one company as an 'analyst', but my job description was to design, build, implement, and maintain an entire security ecosystem for a SaaS company across international boundaries. That sounded like an 'architect' to me, but my employer was told by a consulting company that 'analyst' was an appropriate term, too.

In short, 'analyst' can be a catch-all term that means very different things to different organisations.

schroeder
3

The difference actually comes down in the end to salary: https://www.glassdoor.com/Salaries/cyber-security-analyst-salary-SRCH_KO0,22.htm

https://www.glassdoor.com/Salaries/cyber-security-engineer-salary-SRCH_KO0,23.htm

I've had both titles and a lot of my responsibilities are the same in both positions. In the end the reason why certain companies will want to label you as an "Analyst" is because "Engineer" commands about $15K higher in salary.

-3

A security engineer has to defend stuff, while an analyst has to break stuff like a pentester or hacker.

Anders