Information Security Analyst
What you need to know
Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems. Their responsibilities are continually expanding as the number of cyberattacks increases.
Information security analysts are heavily involved with creating their organization’s disaster recovery plan, a procedure that IT employees follow in case of emergency. Many information security analysts work with other members of an information technology department, such as network administrators or computer systems analysts.
Some of the things information security analysts might do:
- Monitor their organization’s networks for security breaches and investigate a violation when one occurs
- Install and use software, such as firewalls and data encryption programs, to protect sensitive information
- Prepare reports that document security breaches and the extent of the damage caused by the breaches
- Conduct penetration testing, which is when analysts simulate attacks to look for vulnerabilities in their systems before they can be exploited
- Research the latest information technology (IT) security trends
- Develop security standards and best practices for their organization
- Recommend security enhancements to management or senior IT staff
- Help computer users when they need to install or learn about new security products and procedures
- Analytical skills. Information security analysts must carefully study computer systems and networks and assess risks to determine how security policies and protocols can be improved.
- Detail oriented. Because cyberattacks can be difficult to detect, information security analysts must pay careful attention to computer systems and watch for minor changes in performance.
- Ingenuity. Information security analysts must anticipate information security risks and implement new ways to protect their organizations’ computer systems and networks.
- Problem-solving skills. Information security analysts must respond to security alerts and uncover and fix flaws in computer systems and networks.
The average pay for information security analysts in the United States ranges from $60,060 to $163,300 as of May 2020.
The specific pay depends on factors such as level of experience, education and training, geographic location, and specific industry.
Employment of information security analysts is projected to grow 31 percent from 2019 to 2029, much faster than the average for all occupations.
Demand for information security analysts is expected to be very high. Cyberattacks have grown in frequency, and analysts will be needed to come up with innovative solutions to prevent hackers from stealing critical information or creating problems for computer networks.
Information security analysts usually need at least a bachelor’s degree in computer science, information assurance, programming, or a related field.
Some employers prefer applicants who have a Master of Business Administration (MBA) in information systems. Programs offering the MBA in information systems generally require 2 years of study beyond the undergraduate level and include both business and computer-related courses.