What does an information assurance analyst do?
Information assurance analysts are professionals who are responsible for conducting vulnerability management activities to assess potential threats. These analysts are required to establish information technology (IT) programs that protect member information from internal and external data loss. They need to develop security policies and procedures so that they can achieve ISO certification. They must also monitor and maintain networks while conducting a full range of security-related analysis to evaluate suspicious activities. Information assurance analysts must also review logs and interview personnel to determine the level of investigation or disciplinary actions.
Information assurance analyst responsibilities
Here are examples of responsibilities from real information assurance analyst resumes:
- Log analysis & managing the accuracy of DLP identification to lowering/avoiding false positives and negatives.
- Monitor, detect and report vulnerability issues using ACAS scanner.
- Used automated security scanning tools (ACAS) to identify potential vulnerabilities.
- Develop accreditation packages to submit to DSS for ATC or ATO approval.
- Work with QA business unit and application development department to ensure requirements are met.
- Track progress of testing to ensure tasks are turn around quickly within QA time commitment.
- Provide analysis on scan results from App detective & Nessus for UFMS production and non -production.
- Conduct vulnerability and compliance testing using Harris, ADT, eEye, and NESSUS scanning software.
- Assist in the implementation, management and maintenance of HBSS for the AOC WS modernization program.
- Report on HBSS to include, review of logs, open tickets, recommend process for remediation.
- Utilize NIST SP 800-26 in order to interview with the ISSO, system owner, system administrators, and users.
- Develop automated data collections to complete the weekly summary of FISMA statistics; the automation saves over 10 man-hours per week.
- Configure and hardened/accredite Linux and application software.
- Implement standard operating procedures for close areas and classify AIS safeguards.
- Provide trend analysis/ comparative analysis to determine effectiveness of FISMA reporting methods.
Information assurance analyst skills and personality traits
We calculated that 10% of Information Assurance Analysts are proficient in RMF, DOD, and ACAS. They’re also known for soft skills such as Analytical skills, Detail oriented, and Problem-solving skills.
We break down the percentage of Information Assurance Analysts that have these skills listed on their resume here:
- RMF, 10%
Provide risk assessments relative to NIST 800-30 and 800-53* Development documents that are included in the RMF process to approve applications.
- DOD, 9%
Ensured that all DoD information system IA-related documentation, were current and accessible to properly authorized individuals and stakeholders.
- ACAS, 7%
Certified in Assured Compliance Assessment Solutions (ACAS) and assist Vulnerability team in the planning of this architecture deployment.
- IAM, 6%
Identified residual risk and recommended approval/disapproval to the IAM.
- Windows, 5%
Ensured that IA security requirements were appropriately identified in computer environment operation procedures including Windows and Linux audits.
- Security Policies, 4%
Created documentation to ensure compliance for management, operational and technical security policies based on National Institute of Standards and Technology.
Common skills that an information assurance analyst uses to do their job include "rmf," "dod," and "acas." You can find details on the most important information assurance analyst responsibilities below.
Analytical skills. One of the key soft skills for an information assurance analyst to have is analytical skills. You can see how this relates to what information assurance analysts do because "information security analysts must carefully study computer systems and networks and assess risks to determine how security policies and protocols can be improved." Additionally, an information assurance analyst resume shows how information assurance analysts use analytical skills: "maintained databases of system accreditation status, developed reports, and alerted the mda iam when accreditation documentation required updating. "
Detail oriented. Another essential skill to perform information assurance analyst duties is detail oriented. Information assurance analysts responsibilities require that "because cyberattacks can be difficult to detect, information security analysts must pay careful attention to computer systems and watch for minor changes in performance." Information assurance analysts also use detail oriented in their role according to a real resume snippet: "prepared detailed reports for quarterly fisma reports indicating compliance with nist 800- 53. "
Problem-solving skills. Another skill that relates to the job responsibilities of information assurance analysts is problem-solving skills. This skill is critical to many everyday information assurance analyst duties, as "information security analysts must respond to security alerts and uncover and fix flaws in computer systems and networks." This example from a resume shows how this skill is used: "managed resolutions of security violations and enforced national, dod and air force security policies and directives. "
The three companies that hire the most information assurance analysts are:
- Ernst & Young7 information assurance analysts jobs
- Resource Management6 information assurance analysts jobs
- Peraton6 information assurance analysts jobs
Choose from 10+ customizable information assurance analyst resume templates
Build a professional information assurance analyst resume in minutes. Our AI resume writing assistant will guide you through every step of the process, and you can choose from 10+ resume templates to create your information assurance analyst resume.
Compare different information assurance analysts
Information assurance analyst vs. Security administrator
A security administrator is in charge of establishing and enforcing security measures over a company's information systems and networks. Their duties typically revolve around installing and maintaining security networks, analyzing existing systems to identify areas needing improvement, conducting regular maintenance checks and upgrades to optimize services and functions, and monitoring overall systems for any suspicious activities or breaches. Furthermore, as a security administrator, it is essential to develop information technology solutions in adherence to the company's policies and regulations, including its vision and mission.
These skill sets are where the common ground ends though. The responsibilities of an information assurance analyst are more likely to require skills like "rmf," "acas," "poa," and "iam." On the other hand, a job as a security administrator requires skills like "customer service," "troubleshoot," "security procedures," and "data entry." As you can see, what employees do in each career varies considerably.
Security administrators really shine in the government industry with an average salary of $91,933. Comparatively, information assurance analysts tend to make the most money in the professional industry with an average salary of $86,637.The education levels that security administrators earn slightly differ from information assurance analysts. In particular, security administrators are 7.2% less likely to graduate with a Master's Degree than an information assurance analyst. Additionally, they're 0.2% more likely to earn a Doctoral Degree.Information assurance analyst vs. Security engineer
Security engineers are responsible for developing and overseeing data and security software to help prevent data breaches, leaks, and taps related to cybercrime. Other duties and responsibilities include developing new systems to help protect computer networks and assets, configuring firewalls, and conducting penetration testing to pinpoint vulnerabilities. Additionally, security engineers are responsible for investigating attacks and help prevent cybersecurity threat. They are also responsible for creating new processes for authorization, encryption algorithms, and authentication, and analyzing current security policies.
In addition to the difference in salary, there are some other key differences worth noting. For example, information assurance analyst responsibilities are more likely to require skills like "rmf," "acas," "iam," and "st." Meanwhile, a security engineer has duties that require skills in areas such as "java," "cloud security," "infrastructure," and "application security." These differences highlight just how different the day-to-day in each role looks.
Security engineers may earn a higher salary than information assurance analysts, but security engineers earn the most pay in the technology industry with an average salary of $126,572. On the other hand, information assurance analysts receive higher pay in the professional industry, where they earn an average salary of $86,637.security engineers earn similar levels of education than information assurance analysts in general. They're 0.3% less likely to graduate with a Master's Degree and 0.2% more likely to earn a Doctoral Degree.Information assurance analyst vs. Personal security specialist
A network security engineer is responsible for maintaining the safety and security of all the organization's network systems, conducting regular configuration and maintenance to avoid unauthorized access and suspicious activities that may pose risks for the company's integrity. Network security engineers manage security threats and strategize resolutions to mitigate the reoccurrence of security issues. They also develop security enhancement recommendations, update network infrastructure, and monitor system activities. A network security engineer should have excellent communication and technical skills, as well as a strong command of programming languages and system codes.
The required skills of the two careers differ considerably. For example, information assurance analysts are more likely to have skills like "rmf," "acas," "poa," and "iam." But a personal security specialist is more likely to have skills like "customer service," "emergency situations," "product knowledge," and "sales floor."
Most personal security specialists achieve a lower degree level compared to information assurance analysts. For example, they're 10.1% less likely to graduate with a Master's Degree, and 0.1% less likely to earn a Doctoral Degree.Information assurance analyst vs. Network security engineer
Types of information assurance analyst
Updated January 8, 2025
