Information Security Analyst

Career Clusters: STEM, Information Technology

What you need to know


Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems. Their responsibilities are continually expanding as the number of cyberattacks increases.

What is this career like?

Information security analysts are heavily involved with creating their organization’s disaster recovery plan, a procedure that IT employees follow in case of an emergency. Many information security analysts work with other members of an information technology department, such as network administrators or computer systems analysts.

Some of the things information security analysts might do:

  • Monitor their organization’s networks for security breaches and investigate a violation when one occurs
  • Install and use software, such as firewalls and data encryption programs, to protect sensitive information
  • Prepare reports that document security breaches and the extent of the damage caused by the breaches
  • Conduct penetration testing, which is when analysts simulate attacks to look for vulnerabilities in their systems before they can be exploited
  • Research the latest information technology (IT) security trends
  • Develop security standards and best practices for their organization
  • Recommend security enhancements to management or senior IT staff
  • Help computer users when they need to install or learn about new security products and procedures

Watch this video to learn about some of the things our information security analyst role models do in their careers:

What skills are needed?
  • Analytical skills. Information security analysts must carefully study computer systems and networks and assess risks to determine how security policies and protocols can be improved.
  • Detail oriented. Because cyberattacks can be difficult to detect, information security analysts must pay careful attention to computer systems and watch for minor changes in performance.
  • Ingenuity. Information security analysts must anticipate information security risks and implement new ways to protect their organizations’ computer systems and networks.
  • Problem-solving skills. Information security analysts must respond to security alerts and uncover and fix flaws in computer systems and networks.

Watch this video to learn more from our information security analyst role models:

What is the pay?

The average pay for information security analysts in the United States was $120,360 in May 2023 according to the U.S. Bureau of Labor Statistics.

An information security analyst’s pay depends on factors such as level of experience, education and training, geographic location, and specific industry.

What is the career outlook?

About 16,800 new job openings for information security analysts are projected each year, on average, over the next 10 years in the United States.

Overall employment of information security analysts is projected to grow 32 percent from 2022 to 2032 according to the U.S. Bureau of Labor Statistics. This is much faster than the average growth rate for all occupations.

Demand for information security analysts is expected to be very high. Cyberattacks have grown in frequency, and analysts will be needed to come up with innovative solutions to prevent hackers from stealing critical information or creating problems for computer networks.

What education is required?

Information security analysts usually need at least a bachelor’s degree in computer science, information assurance, programming, or a related field.

Some employers prefer applicants who have a Master of Business Administration (MBA) in information systems. Programs offering the MBA in information systems generally require 2 years of study beyond the undergraduate level and include both business and computer-related courses.

Discover some of the courses you will take pursuing a degree in Information Systems or Computer Science.

Watch this video to learn more from our information security analyst role models: