What Does a Cybersecurity Analyst Do? 2021 Job Guide

Written by Coursera • Updated on Oct 12, 2021

Cybersecurity analysts are often the first line of defense against cybercrime.

A cybersecurity analyst sits in a wheelchair looking at the camera with a laptop on their lap in a brightly lit room

Cybersecurity analysts protect computer networks from cyberattacks and unauthorized access. They do this by trying to anticipate and defend against cyber threats, and responding to security breaches when they do happen. In this job, you play a key role in protecting your organization’s valuable data.

In this article, we’ll take a closer look at what working as a cybersecurity analyst is like, why you might choose to pursue a career in cybersecurity, and how to get started in this in-demand field.

Cybersecurity analyst job description

As a cybersecurity analyst, you’re tasked with protecting your company’s hardware, software, and networks from theft, loss, or unauthorized access. At a small company or organization, you might expect to perform a variety of cybersecurity tasks. At larger organizations, you might specialize as one part of a larger security team. 

While the day-to-day tasks of a cybersecurity analyst will vary from company to company, here are a few tasks and responsibilities pulled from real job listings:

  • Monitor network traffic for security incidents and events

  • Investigate incidents and respond to events in real time

  • Write detailed incident response reports

  • Install and operate firewalls, encryption programs, and other security software

  • Fix vulnerabilities

  • Develop and promote best practices for information security

  • Conduct threat research

  • Perform periodic risk assessments and penetration tests

Cybersecurity analysts need to understand the latest cyber threat landscape, as well as their company’s IT infrastructure. Depending on where you work, this might mean having familiarity with Windows, Mac, and Linux operating systems and experience with firewalls, VPNs, and proxies, as well as security and information event management systems (SIEMs). 

Cybersecurity analyst vs. information security analyst: What’s the difference?

Information security and cybersecurity overlap, and the terms are sometimes used interchangeably. While cybersecurity analysts and information security analysts might perform similar tasks, their roles are somewhat different. 

Information security is a broader term that refers to the protection of data. Cybersecurity refers to the protection of data in its digital form. A cybersecurity analyst is responsible for data security for any data stored on computers, hard drives, or the internet. An information security analyst would also consider the security of data stored elsewhere, like documents in a filing cabinet or insider knowledge possessed by some employees.

Placeholder

Read more: How to Become an Information Security Analyst: Salary, Skills, and More

Why pursue a career in cybersecurity

Ask a cybersecurity professional why they chose this as a career, and you might get a variety of answers. You can have an impact at your organization by keeping valuable data protected. With new threats  and sophisticated attacks emerging all the time, there’s always something new to learn. Staying one step ahead of cybercriminals can be an exciting job where no two days are the same.

Cybersecurity analyst salary

The average annual salary quoted in US job listings for cybersecurity analysts from April 2020 to March 2021 was $95,000, according to CyberSeek, a job search tool from analytics company Burning Glass Technologies [1]. This is over twice as high as the national median salary for all occupations, $41,950 [2].

Cybersecurity job outlook

Another benefit of seeking a career in cybersecurity is job security. The US Bureau of Labor Statistics (BLS) anticipates 31-percent job growth between 2019 and 2029—much faster than the national average. There are more cybersecurity jobs than there are people with the right skills to fill them. Develop those skills, and you can make yourself a more competitive candidate for the tens of thousands of open cybersecurity analyst jobs in the US.

Cybersecurity career path

Many cybersecurity professionals start out as junior cybersecurity analysts before advancing to more specialized positions. Depending on your interests, you’ll find a variety of cybersecurity career paths you can take. 

Interested in strategy? Maybe you’ll want to move toward security engineering and architecture. Curious about law enforcement? Consider becoming a digital forensics investigator. You could build leadership skills to move into IT security management, or take an offensive approach to security with a job as a penetration tester or ethical hacker.

How to become a cybersecurity analyst

Starting a career in cybersecurity—or switching from another field—typically involves developing the right skills for the job. If you’re interested in getting a job as a cybersecurity analyst, here are some steps you can take to get you on your way.

1. Learn the basics of cybersecurity.

The field of cybersecurity has its own set of jargon, tools, and best practices. It can help to get an overview of it all by taking some introductory courses in cybersecurity.. While it’s totally possible to teach yourself through books, blogs, podcasts and other resources, you may find a course helpful in giving structure and context to what you’re learning.

The IBM Cybersecurity Analyst Professional Certificate is designed to introduce the skills and knowledge you’ll need for an entry-level role as a cybersecurity analyst.

Do I need a degree to be a cybersecurity analyst?

According to CyberSeek, 74 percent of job listings for cybersecurity analysts requested at least a bachelor’s degree. Another 16 percent requested a graduate degree, and 10 percent requested something less than a bachelor’s degree (a high school diploma or an associate’s degree, for example).

While earning a degree isn’t strictly necessary to get a job, earning one could mean more job opportunities and a more competitive resume.

Placeholder

2. Develop your cybersecurity skills.

While cybersecurity analysis is a technical role with some job-specific skills, you’ll also want to develop your workplace skills—some of these may even transfer from your previous experiences. These are some skills to focus on as you get yourself job-ready.

Cybersecurity technical skills

  • Intrusion detection: While the ultimate goal of cybersecurity is to prevent attacks, you’ll need to know how to detect them when they do happen. This can include network monitoring, event log analysis, and familiarity with SIEMs.

  • Endpoint management: As more and more people work from home, companies need security professionals who know how to secure multiple endpoints, like computers, phones, and internet of things devices. Tools might include firewalls, antivirus software, network access controls, and virtual private networks (VPNs).

  • Data security: Data represents a valuable resource for most organizations. Knowing how to protect it involves understanding encryption, access management, transmission control and internet protocols (TCPs and IPs), and the CIA Triad (confidentiality, integrity, accessibility).

  • Networking and network security: Most attacks occur on networked systems. To protect against these types of threats, you’ll need to know how networks work, as well as their particular vulnerabilities.

  • Programming: While advances in technology are enabling cybersecurity analysts to perform their work without having to write code, a foundational understanding of languages like JavaScript, Python, and C/C++ could give you a competitive edge.

Cybersecurity workplace skills

  • Attention to detail: Noticing a small anomaly could mean saving your company from a big data loss. 

  • Communication: When security events happen, you’ll need to coordinate with your security team and document the process of investigation and recovery. You may be tasked with training your fellow employees in best security practices.

  • Critical thinking: Whether you’re responding to a threat, patching a vulnerability, or recommending new security protocols, critical thinking skills empower you to make data-driven decisions.

  • Curiosity: Technology continues to evolve and cybercriminals continue to come up with new ways to steal or destroy data. Curiosity will help you stay up to date on new threats and security best practices.

  • Calm under pressure: Responding to a security event means acting fast and prioritizing the tasks that will shut down the attack or isolate the data breach quickly to minimize damage. 

3. Get a cybersecurity certification.

Well over half (59 percent) of all cybersecurity positions require at least one certification, according to data from Burning Glass Technologies [3]. Earning a cybersecurity certification can be a great way to validate your skills to recruiters and potential employers. Preparing for an exam doubles as a way to learn more about the field and build your skills. Take a look at some of the most popular cybersecurity certifications companies are hiring for.

4. Apply for jobs or internships.

Once you’ve built your cybersecurity skill set, start applying for jobs or internships in the field. Depending on your professional and educational background, you may start in an entry-level information technology (IT) job or as a junior data analyst, before advancing into more specialized positions. 

As you’re searching for jobs, expand your search beyond general sites like LinkedIn and Indeed, and include some job sites specific to cybersecurity:

Read more: How to Get a Cybersecurity Internship

Get started in cybersecurity

If you’re ready to take the next step toward a rewarding career in cybersecurity, enroll in the IBM Cybersecurity Analyst Professional Certificate. Learn from industry experts at IBM as you scan networks and respond to security incidents in a virtual lab environment. Learn at your own pace, and finish with a career credential for your resume in less than six months.

Placeholder

IBM Cybersecurity Analyst

IBM

PROFESSIONAL CERTIFICATE

Frequently asked questions (FAQ)

Is cybersecurity analytics hard?

Cybersecurity involves several technical skills, and the fast-paced work environment can be challenging. Having said that, it’s completely possible to gain the required knowledge and learn the right skills with some time and dedication.

Set aside a little time for your cybersecurity learning each day, and consider setting up your own virtual environment to practice those skills. 

What does an entry-level cybersecurity analyst do on a day-to-day basis?

Your daily tasks in an entry-level role will depend on the company you’re working for. Generally, day-to-day tasks might include:

  • Monitoring a SIEM tool for anomalies

  • Responding to alerts and escalating where appropriate

  • Checking for proper firewall configuration

  • Basic penetration testing

  • Preparing security incident reports

  • Researching new threats and attack methods

  • Automating repetitive security tasks

What are the work hours in cybersecurity jobs?

Most cybersecurity analysts work full time, but they don’t always work typical 9-to-5 hours. Since cyber attacks can happen at any time, come organizations and security companies keep security analysts on-call outside of typical business hours. If you’re looking for a job with the flexibility to work evenings or weekend hours, cybersecurity could be a good fit.

Article sources

1. CyberSeek. "Cybersecurity Career Pathway, https://www.cyberseek.org/pathway.html." Accessed August 3, 2021.

2. US Bureau of Labor Statistics. "Information Security Analysts, https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm." Accessed August 3, 2021.

3. Burning Glass Technologies. "Recruiting Watchers for the Virtual Walls: The State of Cybersecurity Hiring, https://www.burning-glass.com/research-project/cybersecurity/." Accessed August 3, 2021.

Written by Coursera • Updated on Oct 12, 2021

This content has been made available for informational purposes only. Learners are advised to conduct additional research to ensure that courses and other credentials pursued meet their personal, professional, and financial goals.

Learn without limits