Difference between a security analyst and a security engineer?

There's no strict definition, and some organisations or recruiters will interchange the terms arbitrarily.

Generally speaking, a security analyst will work more on the attack side, performing penetration tests and identifying security issues. A security engineer will work more on the defence side, building secure systems and resolving security incidents. There is often overlap between the roles, particularly when a security analyst is working internally within an organisation (e.g. internal pentest team), rather than as an external consultant (often referred to as a security consultant, penetration tester, or ethical hacker).


There is a lot of confusion around the term 'analyst'. For instance, I was hired by one company as an 'analyst', but my job description was to design, build, implement, and maintain an entire security ecosystem for a SaaS company across international boundaries. That sounded like an 'architect' to me, but my employer was told by a consulting company that 'analyst' was an appropriate term, too.

In short, 'analyst' can be a catch-all term that means very different things to different organisations.


The difference actually comes down in the end to salary: https://www.glassdoor.com/Salaries/cyber-security-analyst-salary-SRCH_KO0,22.htm

https://www.glassdoor.com/Salaries/cyber-security-engineer-salary-SRCH_KO0,23.htm

I've had both titles and a lot of my responsibilities are the same in both positions. In the end the reason why certain companies will want to label you as an "Analyst" is because "Engineer" commands about $15K higher in salary.