Information Security Analysts

Career, Salary and Education Information

Top 3 information security analyst Jobs

  • Information Security Analyst II - Fhlb Des Moines - Des Moines, IA

    Monitor, analyze and report on the security of information systems. •Provide specialized security training to technology teams. •Collaborate with IT

  • Information Security Analyst - Utah Transit Authority - Salt Lake City, UT

    Participates in incident response activities. Also supports other security focused tools and services. EDUCATION/TRAINING: • Bachelor's Degree

  • Sr. Information Security Analyst - UPS - Mahwah, NJ

    The Senior Information Security Analyst in Risk Management identifies, investigates, analyzes, and recommends information security guidance to ensure

See all information security analyst jobs

What Information Security Analysts Do[About this section] [To Top]

Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems. Their responsibilities are continually expanding as the number of cyberattacks increases.

Duties of Information Security Analysts

Information security analysts typically do the following:

  • Monitor their organization’s networks for security breaches and investigate a violation when one occurs
  • Install and use software, such as firewalls and data encryption programs, to protect sensitive information
  • Prepare reports that document security breaches and the extent of the damage caused by the breaches
  • Conduct penetration testing, which is when analysts simulate attacks to look for vulnerabilities in their systems before they can be exploited
  • Research the latest information technology (IT) security trends
  • Help plan and carry out an organization’s way of handling security
  • Develop security standards and best practices for their organization
  • Recommend security enhancements to management or senior IT staff
  • Help computer users when they need to install or learn about new security products and procedures

Information security analysts must continually adapt to stay a step ahead of cyberattackers. They must stay up to date on the latest methods attackers are using to infiltrate computer systems and on IT security. Analysts need to research new security technology to decide what will most effectively protect their organization. This may involve attending cybersecurity conferences to hear firsthand accounts of other professionals who have experienced new types of attacks.

IT security analysts are heavily involved with creating their organization’s disaster recovery plan, a procedure that IT employees follow in case of emergency. These plans allow for the continued operation of an organization’s IT department. It includes preventive measures such as regularly copying and transferring data to an offsite location. It also involves plans to restore proper IT functioning after a disaster. Analysts continually test the steps in their recovery plans.

Because information security is important, these workers usually report directly to upper management. Many information security analysts work with an organization’s computer and information systems manager or chief technology officer (CTO) to design security or disaster recovery systems.

Work Environment for Information Security Analysts[About this section] [To Top]

Information security analysts hold about 82,900 jobs. The industries that employ the most information security analysts are as follows:

Computer systems design and related services 26%
Information 10
Management of companies and enterprises 8
Depository credit intermediation 7
Management, scientific, and technical consulting services 5

Many information security analysts work with other members of an information technology department, such as network administrators or computer systems analysts.

Information Security Analyst Work Schedules

Most information security analysts work full time. Information security analysts sometimes have to be on call outside of normal business hours in case of an emergency at their organization. About 1 in 4 work more than 40 hours per week.

How to Become an Information Security Analyst[About this section] [To Top]

Get the education you need: Find schools for Information Security Analysts near you!

Most information security analyst positions require a bachelor’s degree in a computer-related field. Employers usually prefer analysts to have experience in a related occupation.

Information Security Analyst Education

Information security analysts usually need at least a bachelor’s degree in computer science, programming, or a related field. As information security continues to develop as a career field, many schools are responding with information security programs for prospective job seekers. These programs may become a common path for entry into the occupation. Currently, a well-rounded computer education is preferred.

Employers of information security analysts sometimes prefer applicants who have a Master's of Business Administration (MBA) in information systems. Programs offering the MBA in information systems generally require 2 years of study beyond the undergraduate level and include both business and computer-related courses.

Work Experience in a Related Occupation

Information security analysts generally need to have previous experience in a related occupation. Many analysts have experience in an information technology department, often as a network or systems administrator. Some employers look for people who have already worked in fields related to the one in which they are hiring. For example, if the job opening is in database security, they may look for a database administrator. If they are hiring in systems security, a computer systems analyst may be an ideal candidate.

Licenses, Certifications, and Registrations

There are a number of information security certifications available, and many employers prefer job candidates to have one. Certification validates the knowledge and best practices required from information security analysts. Some are general information security certificates, such as the Certified Information Systems Security Professional, and others have a narrow focus, such as penetration testing or systems auditing.

Advancement for Information Security Analysts

Information security analysts can advance to become chief security officers or another type of computer and information systems manager.

Important Qualities for Information Security Analysts

Analytical skills. Information security analysts must carefully study computer systems and networks and assess risks to determine how security policies and protocols can be improved.

Detail oriented. Because cyberattacks can be difficult to detect, information security analysts pay careful attention to their computer systems and watch for minor changes in performance.

Ingenuity. Information security analysts anticipate information security risks and implement new ways to protect their organizations’ computer systems and networks.

Problem-solving skills. Information security analysts respond to security alerts and uncover and fix flaws in computer systems and networks.

Information Security Analyst Salaries[About this section] [More salary/earnings info] [To Top]

The median annual wage for information security analysts is $88,890. The median wage is the wage at which half the workers in an occupation earned more than that amount and half earned less. The lowest 10 percent earned less than $50,300, and the highest 10 percent earned more than $140,460.

The median annual wages for information security analysts in the top industries in which they work are as follows:

Management, scientific, and technical consulting services $95,530
Information 94,000
Depository credit intermediation 92,930
Computer systems design and related services 88,680
Management of companies and enterprises 85,720

Most information security analysts work full time. Information security analysts sometimes have to be on call outside of normal business hours in case of an emergency at their organization. About 1 in 4 work more than 40 hours per week.

Job Outlook for Information Security Analysts[About this section] [To Top]

Employment of information security analysts is projected to grow 18 percent over the next ten years, much faster than the average for all occupations.

Demand for information security analysts is expected to be very high. Cyberattacks have grown in frequency, and analysts will be needed to come up with innovative solutions to prevent hackers from stealing critical information or creating problems for computer networks.

The federal government is expected to greatly increase its use of information security analysts to protect the nation’s critical information technology (IT) systems. In addition, as the healthcare industry expands its use of electronic medical records, ensuring patients’ privacy and protecting personal data are becoming more important. More information security analysts are likely to be needed to create the safeguards that will satisfy patients’ concerns.

Employment of information security analysts is projected to grow 36 percent in computer systems design and related services over the next ten years. The increasing adoption of cloud services by small- and medium-sized businesses that do not have their own dedicated IT departments could increase the employment of information security analysts in those establishments.

Information Security Analysts Job Prospects

Job prospects for information security analysts should be good. Information security analysts with related work experience will have the best prospects. For example, an applicant with experience as a database administrator would have better prospects in database security than someone without that experience.

Employment projections data for Information Security Analysts, 2014-24
Occupational Title Employment, 2014 Projected Employment, 2024 Change, 2014-24
Percent Numeric
Information security analysts 82,900 97,700 18 14,800


*Source: Some content used by permission of the Bureau of Labor Statistics, U.S. Department of Labor.

Explore more careers: View all Careers or Browse Careers by Category

Search for jobs: