In today’s age where big data has played an increasingly larger role in many industries, information security analysts play pivotal roles in preventing data hacks and breaches. The twenty-first century has already seen large information breaches at big companies in which sensitive data—including the credit card numbers, passwords, and social security numbers of hundreds of millions of users—were compromised.
Information security analysts work to protect organizations from similar threats, and can have deeply rewarding careers.
Here’s what you need to know about becoming an information security analyst.
An information security analyst keeps an organization’s data and computers safe from cyberattacks and data breaches.
The median salary of an information security analyst in the US is $99,730. And job prospects for information security analysts are good—the position is expected to grow by 31 percent over 2019 to 2029, according to the US Bureau of Labor Statistics (BLS) .
Many employers ask for at least a bachelor’s degree in computer science for information security analyst positions. But they’re not always necessary. Professional certificates can be another way to build needed experience and skills.
Read on for more on what information security analysts do, how much they make, and paths to becoming one.
An information security analyst protects an organization's computer networks, systems, and databases from cyberattacks and data breaches.
An information security analyst’s job description might include:
Detecting, monitoring, and mediating various aspects of security—including physical security, software security, and network security
Performing compliance control testing
Developing recommendations and training programs to minimize security risk in the company
Being aware of evolving threats in cybersecurity space by communicating with external sources
Collaborating with other teams and management within a company to implement best security practices
Information security analysts are needed in companies that keep sensitive data and information. This can include almost any field—including business, governance, technology, finance, energy, and many more.
Information security refers specifically to the protection of sensitive data against breaches and modification. It also means making sure data is accessible to those who are authorized to use it.
Information security is often confused with cybersecurity—which is understandable, because there is significant overlap, and many use the two interchangeably. Cybersecurity however refers more broadly to preventing cyberattacks that come from unauthorized electronic sources. Information security focuses specifically on protecting the data and information of an organization, employees, or users, which can exist in both physical and electronic form.
Job prospects in the information security field are expected to grow rapidly in the next decade. The BLS estimates that information security analyst positions will grow by 31 percent from 2019 to 2029. That’s much faster than the average for all occupations.
You can take several paths to become an information security analyst. Ultimately, you’ll need to have certain skills, both hard and soft. These include:
Fundamental understanding of computer networks and systems
Knowledge of firewalls, routers, and other security infrastructure
Knowledge of risk management frameworks
Ethical hacking or penetration testing experience
Industry knowledge to stay on top of evolving security threats
Attention to detail
Ability to thrive in a team setting
You can build out these skills through the following means.
Professional certificates: Several professional certificate offer training courses that don’t require previous experience. Earning a certificate can give you a solid knowledge base in security issues, while also giving you the credentials to show employers your competency.
These can include IT certifications. Look for certifications in the following fields:
These might include the Cisco Certified Network Associate (CCNA) certification, the Google IT Support Certificate, or the CompTIA Security+ certification. Take a look at entry-level IT certifications to see what might fit your needs.
Degrees: Information security analyst positions typically call for at least a bachelor’s degree. Majoring in computer science or computer engineering can set you up to be a competitive job candidate for information security jobs upon graduation.
If you don’t have a bachelor’s degree in a computer-related field, make sure you have relevant skills and look for entry-level positions that don’t call for specific degrees. You can work your way up to being an analyst from there. With a few years of experience under your belt, hiring managers may waive degree requirements. Getting a professional certificate instead may also give you the experience needed.
Being able to keep organizations safe from ill-intentioned players can make a career as an information security analyst deeply rewarding—and not just financially. Getting the proper training, through professional certificates or otherwise, can be the first step to getting your career started. Look up information security analyst job postings in your area to see what specific skills local companies are looking for, and cater your resume and training around those.
Don’t know where to begin? Check out Coursera’s job search resources for information on planning your job search, honing your resume, and more.
1. US Bureau of Labor Statistics. "Information Security Analysts, https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm." Accessed March 26, 2021.