A topic that caught my attenion some time ago. What is a jobscope of these two people? Well, since i was/am still in the industry, i can shed some light on the jobscope of both the positions. A security analyst is someone who has knowledge on a number of areas; OSes, programming langauge, tcp/ip etc. He/she must be able to use the many different tools to perform analysis task i.e. tcpdump, wireshark, squil, mrtg, ntop, acid, ossec etc. These some of the many essential tools that a security analyst must be familiar with. Besides that, he/she must also be able to detect accurately and response promptly to any incident issues. Most importantly, he/she must be able to do root cause analysis to determine the authenticity of a suspected event.
How about a security consultant? A Security Consultant is a person who has advanced skill in the world of security. NSM is at his/her fingetips. He/she is someone who could differentiate the output given by tcpdump and output from wireshark. The name itself carries a significant weight that a consultant can be proud of; the word consultant. Anyone could just walk to a Security consultant and ask advise on how to secure a network. That is the meaning of consultant=consultation. The network topology can vary from bus to mesh yet the Security Consultant could provide you with in depth recommendation on how to secure the network. He/she not only has the fundementals, but are experts in breeding a Security Analyst.
IMHO, this guy, this guy and my good friend Mr. Gigco are worthy Security Consultants. I've seen what these people can do. I strongly believe they can be approached by anyone regarding building a secured network and trust me they will live up to the task.
p.s - a person taking down minutes of a meeting, generating automatic report, ordering food and typing letters is known as a clerk. You don't need to be a rocket scientist to know that.