Last Updated: March 3, 2020
Information security analysts, can expect an estimated 32% increase in employment from 2018-2028, according to the U.S. Bureau of Labor Statistics (BLS). As a field that evolves alongside technology, information security analysis requires knowledge of computer networks and systems, security solutions and protections, and risk assessment protocols.
Security analysts' daily duties may vary, but a bachelor's degree in computer science or information technology serves as a launch point for the profession. Additional education, experience, and industry certifications build expertise in the field.
Threats to cybersecurity continue to pervade the marketplace and our personal lives. Security analysts combat this, offering essential protections across private and public sectors. Security analysts thrive in financial, business, and technological industries.
In 2018, information security analysts earned a mean annual salary exceeding $102,000 annually. The computer system design and enterprise management industry employed the most information security analysts. The pharmaceutical and medicine manufacturing industry offered top salaries, exceeding $131,000.
What Does a Security Analyst Do?
Information security analysts possess comprehensive knowledge of computer systems and information technologies. They understand cybersecurity threats and how to prevent, stop, and recover from data incursions. Security analysts monitor computer systems and networks for security violations. They investigate security breaches and prepare reports about any damage or continued threats.
Security analysts carry out penetration testing to prevent cybersecurity incidents, employing the latest technologies to counter potential threats. They install and upgrade computer security software, such as encryption programs and firewalls, to protect data integrity. They also train users to employ security products and procedures.
Security analysts contribute to the development of an organization's security standards and policies. They work with executives, managers, and employees to identify and articulate the most efficient and effective data protection practices. They may recommend upgrades and new hardware or software as well.
Protecting data from corruption, compromise, or loss remains a chief concern for individuals and groups alike. Anxiety about cybersecurity threats and damage creates a need for security analysts across the occupational landscape. Information security analysts work in small- and large-scale business settings. They also find employment with financial institutions, healthcare organizations, and government agencies.
Steps to Become a Security Analyst
To become a security analyst, individuals need at least a bachelor's degree in computer science, information technology, or a related discipline. This degree includes coursework in computer software and hardware, building foundational knowledge for aspiring security analysts. Classes in cybersecurity, penetration testing, and computer forensics also foster skills applicable to careers in the field.
With 1-2 years of IT experience, individuals can move into security analyst roles. Entry-level positions that prepare security analysts include computer programmers, computer systems analysts, and software developers. Experience rests at the core of a successful security analyst career. Working with various platforms, data transmission processes, and intrusion and detection software programs prepare security analysts to react quickly and effectively to data security threats.
Experience with an organization's computer systems, policies, and practices also provides valuable insights into potential risks and how to address them. Experience builds necessary skills to identify risks and intrusions, implement security protocols, and recover lost data.
Alongside experience, industry certifications boost skills for aspiring security analysts. Cisco's certified network associate security certificate focuses on the installation, monitoring, and maintenance of Cisco network technologies, while the certified network professional security program emphasizes security solutions for network security engineers.
Additional certifications in ethical hacking, penetration testing, and incident handling build advanced knowledge of specific aspects of the cybersecurity field. Security analysts in the manufacturing industry benefit from a McAfee Institute certification in eCommerce fraud or retail crime investigation. Government security analysts can earn certifications in cyber intelligence investigation.
Graduate degrees in cybersecurity, information assurance, and information systems security further enhance security analysis competencies. Curricula vary by program, allowing individuals to gain expertise in the subfield of the field that meets their personal and professional goals.
Top Required Skills for a Security Analyst
Aspiring security analysts completing their bachelor's develop key skills in computer programming, software development, and system and network administration. Security analysts must possess knowledge of security solutions, policies, and protections, as well.
Experience, continued education, and industry certifications build knowledge of cybersecurity, risk management, and information technology infrastructure. Cybersecurity skills include ethical hacking, penetration testing, and data recovery. Risk management focuses on identifying security risks and addressing them effectively, while infrastructure competencies allow security analysts to efficiently monitor for security breaches and risks.
Security analysts use analytical and problem-solving skills in the technical and conceptual aspects of the job. They integrate knowledge of computer software and hardware with an understanding of data integrity theory and practice. Creativity helps security analysts apply innovative techniques to security threats or breaches and anticipate potential problems.
Security analysts need skills in research, auditing, and project management as well. They investigate which technologies best meet their organizations' security needs, often conducting an audit of defenses, exposures, and vulnerabilities in the process.
Project management skills facilitate collaboration among information security professionals. Security analysts may lead teams of information technology security professionals, who must demonstrate time management, organizational, and communication skills.
Security analysts prioritize threats, allocate resources to handling data breaches and recovery practices, and relay information about any resulting damage. Through strong written and verbal communication skills, security analysts prepare reports for executives, managers, and colleagues. They also advise them on current and future practices.
Security Analyst Salary
As of 2018, information security analysts earned an annual mean salary of over $100,000. PayScale reports that entry-level security analysts earn less than $60,000 annually, but experience, location, industry, and additional education increase career opportunities and earning potential.
A projected 32% increase in job growth from 2018-2028 bodes well for aspiring security analysts. Industries employing the most security analysts include computer systems design, enterprise management, and finance. Pharmaceutical and medical manufacturing, wholesale trading, and legal services represent the highest-paying industries for security analysis professionals.
Virginia serves as home to the largest number and highest concentration of security analyst professionals in the United States. Its proximity to Washington, D.C., a top metropolitan area for the profession, facilitates Virginia's high numbers. New York and New Jersey offer the highest salaries to security analysts. In New York, security analysts earned an annual mean wage of $122,000 as of 2018. New Jersey-based security analysts saw comparable salaries of $121,600. Similarly, security analysts in the New York-Newark metropolitan area earned top salaries among corresponding locations, taking home $128,420 annually.
Looking for More Cyber Degree Programs?
- Bachelor's in Cyber Security Programs
- Become a Security Administrator
- How Much Does a Security Analyst Make?