HOW TO BECOME A SECURITY ANALYST

Written by CyberDegrees.org Staff Writer

Last Updated: March 3, 2020

Search Programs

SEARCH SCHOOLS

AD

Information security analysts, can expect an estimated 32% increase in employment from 2018-2028,
according to the U.S. Bureau of Labor Statistics (BLS). As a field that evolves alongside technology,
information security analysis requires knowledge of computer networks and systems, security solutions
and protections, and risk assessment protocols.

Security analysts' daily duties may vary, but a bachelor's degree in computer science or information
technology serves as a launch point for the profession. Additional education, experience, and industry
certifications build expertise in the field.

Threats to cybersecurity continue to pervade the marketplace and our personal lives. Security analysts
combat this, offering essential protections across private and public sectors. Security analysts thrive in
financial, business, and technological industries.

In 2018, information security analysts earned a mean annual salary exceeding $102,000 annually. The
computer system design and enterprise management industry employed the most information security
analysts. The pharmaceutical and medicine manufacturing industry offered top salaries, exceeding
$131,000.

WHAT DOES A SECURITY ANALYST DO?

Information security analysts possess comprehensive knowledge of computer systems and information
technologies. They understand cybersecurity threats and how to prevent, stop, and recover from data
incursions. Security analysts monitor computer systems and networks for security violations. They
investigate security breaches and prepare reports about any damage or continued threats.

Security analysts carry out penetration testing to prevent cybersecurity incidents, employing the latest
technologies to counter potential threats. They install and upgrade computer security software, such as
encryption programs and firewalls, to protect data integrity. They also train users to employ security
products and procedures.

Security analysts contribute to the development of an organization's security standards and policies.
They work with executives, managers, and employees to identify and articulate the most efficient and
effective data protection practices. They may recommend upgrades and new hardware or software as
well.

Protecting data from corruption, compromise, or loss remains a chief concern for individuals and groups
alike. Anxiety about cybersecurity threats and damage creates a need for security analysts across the
occupational landscape. Information security analysts work in small- and large-scale business settings.
They also find employment with financial institutions, healthcare organizations, and government
agencies.

STEPS TO BECOME A SECURITY ANALYST

To become a security analyst, individuals need at least a bachelor's degree in computer science,
information technology, or a related discipline. This degree includes coursework in computer software
and hardware, building foundational knowledge for aspiring security analysts. Classes in cybersecurity,
penetration testing, and computer forensics also foster skills applicable to careers in the field.

With 1-2 years of IT experience, individuals can move into security analyst roles. Entry-level positions
that prepare security analysts include computer programmers, computer systems analysts, and software
developers. Experience rests at the core of a successful security analyst career. Working with various
platforms, data transmission processes, and intrusion and detection software programs prepare security
analysts to react quickly and effectively to data security threats.

Experience with an organization's computer systems, policies, and practices also provides valuable
insights into potential risks and how to address them. Experience builds necessary skills to identify risks
and intrusions, implement security protocols, and recover lost data.

Alongside experience, industry certifications boost skills for aspiring security analysts. Cisco's certified

network associate security certificate focuses on the installation, monitoring, and maintenance of Cisco
network technologies, while the certified network professional security program emphasizes security
solutions for network security engineers.

Additional certifications in ethical hacking, penetration testing, and incident handling build advanced
knowledge of specific aspects of the cybersecurity field. Security analysts in the manufacturing industry
benefit from a McAfee Institute certification in eCommerce fraud or retail crime investigation.
Government security analysts can earn certifications in cyber intelligence investigation.

Graduate degrees in cybersecurity, information assurance, and information systems security further
enhance security analysis competencies. Curricula vary by program, allowing individuals to gain
expertise in the subfield of the field that meets their personal and professional goals.

TOP REQUIRED SKILLS FOR A SECURITY ANALYST

Aspiring security analysts completing their bachelor's develop key skills in computer programming,
software development, and system and network administration. Security analysts must possess
knowledge of security solutions, policies, and protections, as well.
Experience, continued education, and industry certifications build knowledge of cybersecurity, risk
management, and information technology infrastructure. Cybersecurity skills include ethical hacking,
penetration testing, and data recovery. Risk management focuses on identifying security risks and
addressing them effectively, while infrastructure competencies allow security analysts to efficiently
monitor for security breaches and risks.

Security analysts use analytical and problem-solving skills in the technical and conceptual aspects of the
job. They integrate knowledge of computer software and hardware with an understanding of data
integrity theory and practice. Creativity helps security analysts apply innovative techniques to security
threats or breaches and anticipate potential problems.

Security analysts need skills in research, auditing, and project management as well. They investigate
which technologies best meet their organizations' security needs, often conducting an audit of defenses,
exposures, and vulnerabilities in the process.

Project management skills facilitate collaboration among information security professionals. Security
analysts may lead teams of information technology security professionals, who must demonstrate time
management, organizational, and communication skills.

Security analysts prioritize threats, allocate resources to handling data breaches and recovery practices,
and relay information about any resulting damage. Through strong written and verbal communication
skills, security analysts prepare reports for executives, managers, and colleagues. They also advise them
on current and future practices.

SECURITY ANALYST SALARY

As of 2018, information security analysts earned an annual mean salary of over $100,000. PayScale
reports that entry-level security analysts earn less than $60,000 annually, but experience, location,
industry, and additional education increase career opportunities and earning potential.

A projected 32% increase in job growth from 2018-2028 bodes well for aspiring security analysts.
Industries employing the most security analysts include computer systems design, enterprise
management, and finance. Pharmaceutical and medical manufacturing, wholesale trading, and legal
services represent the highest-paying industries for security analysis professionals.

Virginia serves as home to the largest number and highest concentration of security analyst
professionals in the United States. Its proximity to Washington, D.C., a top metropolitan area for the
profession, facilitates Virginia's high numbers. New York and New Jersey offer the highest salaries to
security analysts. In New York, security analysts earned an annual mean wage of $122,000 as of 2018.
New Jersey-based security analysts saw comparable salaries of $121,600. Similarly, security analysts in
the New York-Newark metropolitan area earned top salaries among corresponding locations, taking
home $128,420 annually.