What Does a Cybersecurity Analyst Do? 2024 Job Guide

Cybersecurity analysts protect computer networks from cyberattacks and unauthorized access. They do this by trying to anticipate and defend against cyber threats, and responding to security breaches when they do happen. In this job, you play a key role in protecting your organization’s valuable data.

In this article, we’ll take a closer look at what working as a cybersecurity analyst is like, why you might choose to pursue a career in cybersecurity, and how to get started in this in-demand field. Afterward, if you'd like to start working towards a career as a cybersecurity analyst, you might also consider enrolling in Microsoft's Cybersecurity Analyst Professional Certificate.

Cybersecurity analyst job description

As a cybersecurity analyst, you’re tasked with protecting your company’s hardware, software, and networks from theft, loss, or unauthorized access. At a small company or organization, you might expect to perform a variety of cybersecurity tasks. At larger organizations, you might specialize as one part of a larger security team. 

While the day-to-day tasks of a cybersecurity analyst will vary from company to company, here are a few tasks and responsibilities pulled from real job listings:

• Monitor network traffic for security incidents and events.

• Investigate incidents and respond to events in real time.

• Write detailed incident response reports.

• Install and operate firewalls, encryption programs, and other security software.

• Fix vulnerabilities.

• Develop and promote best practices for information security.

• Conduct threat research.

• Perform periodic risk assessments and penetration tests.

Cybersecurity analysts need to understand the latest cyber threat landscape, as well as their company’s IT infrastructure. Depending on where you work, this might mean having familiarity with Windows, Mac, and Linux operating systems and experience with firewalls, VPNs, and proxies, as well as security and information event management systems (SIEMs). 

Cybersecurity analyst vs. information security analyst: What’s the difference?

Information security and cybersecurity overlap, and the terms are sometimes used interchangeably. While cybersecurity analysts and information security analysts might perform similar tasks, their roles are somewhat different. 

Information security is a broader term that refers to the protection of data. Cybersecurity refers to the protection of data in its digital form. A cybersecurity analyst is responsible for data security for any data stored on computers, hard drives, or the internet. An information security analyst would also consider the security of data stored elsewhere, like documents in a filing cabinet or insider knowledge possessed by some employees.

Read more: How to Become an Information Security Analyst: Salary, Skills, and More

Why pursue a career in cybersecurity

Ask a cybersecurity professional why they chose this as a career, and you might get a variety of answers. You can have an impact on your organization by keeping valuable data protected. With new threats and sophisticated attacks emerging all the time, there’s always something new to learn. Staying one step ahead of cybercriminals can be an exciting job where no two days are the same.

Learn more about what it's like to be cybersecurity professional in this lecture from Microsoft's Cybersecurity Professional Certificate:

Cybersecurity analyst salary

The average annual salary quoted in US job listings for cybersecurity analysts from May 2022 through April 2023 was $107,517, according to CyberSeek [1]. This is nearly twice as high as the national median salary for all occupations, $61,900 [2].

Cybersecurity job outlook

Another benefit of seeking a career in cybersecurity is job security. The US Bureau of Labor Statistics (BLS) anticipates 32 percent job growth between 2022 and 2032—much faster than the national average [3]. There are more cybersecurity jobs than there are people with the right skills to fill them. Develop those skills, and you can make yourself a more competitive candidate for the tens of thousands of open cybersecurity analyst jobs in the US.

Cybersecurity career path

Many cybersecurity professionals start out as junior cybersecurity analysts before advancing to more specialized positions. Depending on your interests, you’ll find a variety of cybersecurity career paths you can take. 

Interested in strategy? Maybe you’ll want to move toward security engineering and architecture. Curious about law enforcement? Consider becoming a digital forensics investigator. You could build leadership skills to move into IT security management, or take an offensive approach to security with a job as a penetration tester or ethical hacker.

Expert advice

"If you're interested in entering a new career, it means learning," said Amy Kardel, Senior Vice President of Strategic Workforce Relationships at CompTIA, during Coursera's virtual panel, "How can online learning accelerate cybersecurity careers and talent?"

"The important thing is to understand that you're looking for a company that's going to invest in your growth. You're looking for a role that puts you in the right environment to learn and grow."

How to become a cybersecurity analyst

Starting a career in cybersecurity—or switching from another field—typically involves developing the right skills for the job. If you’re interested in getting a job as a cybersecurity analyst, here are some steps you can take to get on your way.

1. Learn the basics of cybersecurity.

The field of cybersecurity has its own set of jargon, tools, and best practices. It can help to get an overview of it all by taking some introductory courses in cybersecurity. While it’s totally possible to teach yourself through books, blogs, podcasts, and other resources, you may find a course helpful in giving structure and context to what you’re learning.

Wondering where to start? The Microsoft Cybersecurity Analyst Professional Certificate is designed to introduce the skills and knowledge you’ll need for an entry-level role as a cybersecurity analyst.

Do I need a degree to be a cybersecurity analyst?

According to Zippia, 61 percent of cybersecurity analysts hold at least a bachelor’s degree. Another 19 percent have an associate degree, and 15 percent have a master's [4].

While earning a degree isn’t strictly necessary to get a job, earning one could mean more job opportunities and a more competitive resume.

2. Develop your cybersecurity skills.

While cybersecurity analysis is a technical role with some job-specific skills, you’ll also want to develop your workplace skills—some of these may even transfer from your previous experiences. These are some skills to focus on as you get yourself job-ready.

Cybersecurity technical skills

• Intrusion detection: While the ultimate goal of cybersecurity is to prevent attacks, you’ll need to know how to detect them when they do happen. This can include network monitoring, event log analysis, and familiarity with SIEMs.

• Endpoint management: As more and more people work from home, companies need security professionals who know how to secure multiple endpoints, like computers, phones, and Internet of Things devices. Tools might include firewalls, antivirus software, network access controls, and virtual private networks (VPNs).

• Data security: Data represents a valuable resource for most organizations. Knowing how to protect it involves understanding encryption, access management, transmission control and internet protocols (TCPs and IPs), and the CIA Triad (confidentiality, integrity, accessibility).

• Networking and network security: Most attacks occur on networked systems. To protect against these types of threats, you’ll need to know how networks work, as well as their particular vulnerabilities.

• Programming: While advances in technology are enabling cybersecurity analysts to perform their work without having to write code, a foundational understanding of languages like JavaScript, Python, and C/C++ could give you a competitive edge.

Looking for a place to start? IBM's Introduction to Cybersecurity Tools & Cyber Attacks course describes key cybersecurity concepts, best practices, and tools.

Cybersecurity workplace skills

• Attention to detail: Noticing a small anomaly could mean saving your company from a big data loss. 

• Communication: When security events happen, you’ll need to coordinate with your security team and document the process of investigation and recovery. You may be tasked with training your fellow employees in best security practices.

• Critical thinking: Whether you’re responding to a threat, patching a vulnerability, or recommending new security protocols, critical thinking skills empower you to make data-driven decisions.

• Curiosity: Technology continues to evolve, and cybercriminals continue to come up with new ways to steal or destroy data. Curiosity will help you stay up to date on new threats and security best practices.

• Calm under pressure: Responding to a security event means acting fast and prioritizing the tasks that will shut down the attack or isolate the data breach quickly to minimize damage. 

Want to hone your communication skills? The University of Pennsylvania's Improving Communication Skills course offers insight into effective communication.

3. Get a cybersecurity certification.

Over half (59 percent) of all cybersecurity positions require at least one certification, according to data from Burning Glass Technologies [5]. Earning a cybersecurity certification can be a great way to validate your skills to recruiters and potential employers. Preparing for an exam doubles as a way to learn more about the field and build your skills. Take a look at some of the most popular cybersecurity certifications companies are hiring for.

4. Apply for jobs or internships.

Once you’ve built your cybersecurity skill set, start applying for jobs or internships in the field. Depending on your professional and educational background, you may start in an entry-level information technology (IT) job or as a junior data analyst, before advancing into more specialized positions. 

As you’re searching for jobs, expand your search beyond general sites like LinkedIn and Indeed, and include some job sites specific to cybersecurity:

• Clearedjobs.net

• NinjaJobs

• Dice

Read more: How to Get a Cybersecurity Internship

Have career questions? We have answers.

Subscribe to Coursera Career Chat on LinkedIn to receive our weekly, bite-sized newsletter for more work insights, tips, and updates from our in-house team.

Get started in cybersecurity

If you’re interested in starting a career in cybersecurity, consider the Microsoft Cybersecurity Analyst Professional Certificate on Coursera. This program is designed ​​to help individuals with no previous experience prepare for Microsoft’s SC-900 exam and a first job in cybersecurity, all at their own pace.

Frequently asked questions (FAQ)