Information Security Analyst

This job search feature is for Premium Users.
Take our career test and discover careers that fit you best and your work personality strengths. With one click - see your best fitting jobs, who is hiring near you, and apply for these jobs online.

Career Test + Premium Career Report + Unlimited Career Research & Job Search Access Learn more here

Salary Range: $80,000 or more

Average Hourly: $ 49.8

Education: Bachelor's degree

Number of Jobs: 141200

Jobs Added to 2029: 47100

Growth: Much faster than average



Go here to see salary and job data specific to the United Kingdom.

What Information Security Analysts Do

Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems. Their responsibilities are continually expanding as the number of cyberattacks increases.

Duties

Information security analysts typically do the following:

  • Monitor their organization’s networks for security breaches and investigate a violation when one occurs
  • Install and use software, such as firewalls and data encryption programs, to protect sensitive information
  • Prepare reports that document security breaches and the extent of the damage caused by the breaches
  • Conduct penetration testing, which is when analysts simulate attacks to look for vulnerabilities in their systems before they can be exploited
  • Research the latest information technology (IT) security trends
  • Develop security standards and best practices for their organization
  • Recommend security enhancements to management or senior IT staff
  • Help computer users when they need to install or learn about new security products and procedures

IT security analysts are heavily involved with creating their organization’s disaster recovery plan, a procedure that IT employees follow in case of emergency. These plans allow for the continued operation of an organization’s IT department. The recovery plan includes preventive measures such as regularly copying and transferring data to an offsite location. It also involves plans to restore proper IT functioning after a disaster. Analysts continually test the steps in their recovery plans.

Information security analysts must stay up to date on IT security and on the latest methods attackers are using to infiltrate computer systems. Analysts need to research new security technology to decide what will most effectively protect their organization.


Work Environment

Most information security analysts work for computer companies, consulting firms, or business and financial companies.


Work Environment Details

Information security analysts held about 141,200 jobs in 2020. The largest employers of information security analysts were as follows:
Computer systems design and related services 26%
Finance and insurance 18
Information 10
Management of companies and enterprises 9
Administrative and support services 5

Many information security analysts work with other members of an information technology department, such as or .

Work Schedules

Most information security analysts work full time. Information security analysts sometimes have to be on call outside of normal business hours in case of an emergency. Some work more than 40 hours per week.


Job Outlook

Employment of information security analysts is projected to grow 33 percent from 2020 to 2030, much faster than the average for all occupations.

About 16,300 openings for information security analysts are projected each year, on average, over the decade. Many of those openings are expected to result from the need to replace workers who transfer to different occupations or exit the labor force, such as to retire.


How to Become an Information Security Analyst

Most information security analyst positions require a bachelor’s degree in a computer-related field. Employers usually prefer analysts to have experience in a related occupation.

Education

Information security analysts usually need at least a bachelor’s degree in computer science, information assurance, programming, or a related field. 

Some employers prefer applicants who have a Master of Business Administration (MBA) in information systems. Programs offering the MBA in information systems generally require 2 years of study beyond the undergraduate level and include both business and computer-related courses.

Work Experience in a Related Occupation

Information security analysts generally need to have previous experience in a related occupation. Many analysts have experience in an information technology department, often as a network or computer systems administrator. Some employers look for people who have already worked in fields related to the one in which they are hiring. For example, if the job opening is in database security, they may look for a database administrator. If they are hiring in systems security, a computer systems analyst may be an ideal candidate.

Licenses, Certifications, and Registrations

There are a number of information security certifications available, and many employers prefer candidates to have certification, which validates the knowledge and best practices required from information security analysts. Some are general information security certificates, such as the Certified Information Systems Security Professional (CISSP), while others have a more narrow focus, such as penetration testing or systems auditing.

Advancement

Information security analysts can advance to become chief security officers or another type of computer and information systems manager.

Important Qualities

Analytical skills. Information security analysts must carefully study computer systems and networks and assess risks to determine how security policies and protocols can be improved.

Detail oriented. Because cyberattacks can be difficult to detect, information security analysts must pay careful attention to computer systems and watch for minor changes in performance.

Ingenuity. Information security analysts must anticipate information security risks and implement new ways to protect their organizations’ computer systems and networks.

Problem-solving skills. Information security analysts must respond to security alerts and uncover and fix flaws in computer systems and networks.


United Kingdom Job Data

Source:

Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, Information Security Analysts, at https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm (visited ).