Information security analysts

What Information Security Analysts Do

Information security analysts plan and carry out security measures to protect an organization's computer networks and systems. Their responsibilities are continually expanding as the number of cyberattacks increase.

Duties

Information security analysts typically do the following:

  • Monitor their organization’s networks for security breaches and investigate a violation when one occurs
  • Install and use software, such as firewalls and data encryption programs, to protect sensitive information
  • Prepare reports that document security breaches and the extent of the damage caused by the breaches
  • Conduct penetration testing, which is when analysts simulate attacks to look for vulnerabilities in their systems before they can be exploited
  • Research the latest information technology (IT) security trends
  • Help plan and carry out an organization’s way of handling security
  • Develop security standards and best practices for their organization
  • Recommend security enhancements to management or senior IT staff
  • Help computer users when they need to install or learn about new security products and procedures

Information security analysts must continually adapt to stay a step ahead of cyberattackers. They must stay up to date on the latest methods attackers are using to infiltrate computer systems and on IT security. Analysts need to research new security technology to decide what will most effectively protect their organization. This may involve attending cybersecurity conferences to hear firsthand accounts of other professionals who have experienced new types of attacks.

IT security analysts are heavily involved with creating their organization’s disaster recovery plan, a procedure that IT employees follow in case of emergency. The plan lets an organization’s IT department continue functioning. It includes preventative measures such as regularly copying and transferring data to an offsite location. It also involves plans to restore proper IT functioning after a disaster. Analysts continually test the steps in their recovery plans.

Because information security is important, these workers usually report directly to upper management. Many information security analysts work with an organization’s computer and information systems manager or chief technology officer (CTO) to design security or disaster recovery systems.

How to Become an Information Security Analyst

Most information security analysts have a bachelor’s degree in a computer-related field. They also usually need experience in a related occupation.

Education

Information security analysts usually need at least a bachelor’s degree in computer science, programming, or a related field. As information security continues to develop as a career field, many schools are responding with information security programs for prospective job seekers. These programs may become a common path for entry into the occupation. Currently, a well-rounded computer education is preferred.

Employers of information security analysts sometimes prefer applicants who have a Master’s of Business Administration (MBA) in information systems. Programs offering the MBA in information systems generally require 2 years of study beyond the undergraduate level and include both business and computer-related courses.

Work Experience in a Related Occupation

Information security analysts generally need to have previous experience in a related occupation. Many analysts have experience in an information technology department, often as a network or systems administrator. Some employers look for people who have already worked in fields related to the one in which they are hiring. For example, if the job opening is in database security, they may look for a database administrator. If they are hiring in systems security, a computer systems analyst may be an ideal candidate.

Licenses, Certifications, and Registrations

There are a number of information security certifications available and many employers prefer job candidates to have one. Some are general information security certificates, such as the Certified Information Systems Security Professional, while others have a narrow focus, such as penetration testing or systems auditing.

Advancement

Some information security analysts can advance to become a chief security officer or another type of computer and information systems manager.

Important Qualities

Analytical skills. Information security analysts must carefully study computer systems and networks and investigate any irregularities to determine if the networks have been compromised.

Detail oriented. Because cyberattacks can be difficult to detect, information security analysts pay careful attention to their computer systems and watch for minor changes in performance.

Ingenuity. Information security analysts try to outthink cybercriminals and invent new ways to protect their organization’s computer systems and networks.

Problem-solving skills. Information security analysts uncover and fix flaws in computer systems and networks.

Job Outlook

Information Security Analysts

Percent change in employment, projected 2012-22

Information security analysts

37%

Computer occupations

18%

Total, all occupations

11%

 

Employment of information security analysts is projected to grow 37 percent from 2012 to 2022, much faster than the average for all occupations.

Demand for information security analysts is expected to be very high. Cyberattacks have grown in frequency and sophistication over the last few years, and many organizations are behind in their ability to detect these attacks. Analysts will be needed to come up with innovative solutions to prevent hackers from stealing critical information or creating havoc on computer networks.

The federal government is expected to greatly increase its use of information security analysts to protect the nation’s critical information technology (IT) systems. In addition, as the healthcare industry expands its use of electronic medical records, ensuring patients’ privacy and protecting personal data are becoming more important. More information security analysts are likely to be needed to create the safeguards that will satisfy patients’ concerns.

Job Prospects

Job prospects for information security analysts should be good. Information security analysts with related work experience will have the best opportunities. For example, an applicant with experience as a database administrator would have better prospects in database security than someone without that experience.

Employment projections data for Information Security Analysts, 2012-22
Occupational Title SOC Code Employment, 2012 Projected Employment, 2022 Change, 2012-22 Employment by Industry
Percent Numeric

SOURCE: U.S. Bureau of Labor Statistics, Employment Projections program

Information security analysts

15-1122 75,100 102,500 37 27,400
  Occupation Description Entry-Level Education 2012 Median Pay
Computer and information research scientists Computer and information research scientists

Computer and information research scientists invent and design new approaches to computing technology and find innovative uses for existing technology. They study and solve complex problems in computing for business, medicine, science, and other fields.'

Doctoral or professional degree $102,190
Computer and information systems managers Computer and information systems managers

Computer and information systems managers, often called information technology (IT) managers or IT project managers, plan, coordinate, and direct computer-related activities in an organization. They help determine the information technology goals of an organization and are responsible for implementing computer systems to meet those goals.'

Bachelor's degree $120,950
Computer programmers Computer programmers

Computer programmers write code to create software programs. They turn the program designs created by software developers and engineers into instructions that a computer can follow.'

Bachelor's degree $74,280
Computer support specialists Computer support specialists

Computer support specialists provide help and advice to people and organizations using computer software or equipment. Some, called computer network support specialists, support information technology (IT) employees within their organization. Others, called computer user support specialists, assist non-IT users who are having computer problems.'

Education requirements vary $48,900
Computer systems analysts Computer systems analysts Computer systems analysts study an organization’s current computer systems and procedures and design information systems solutions to help the organization operate more efficiently and effectively. They bring business and information technology (IT) together by understanding the needs and limitations of both.' Bachelor's degree $79,680
Database administrators Database administrators

Database administrators (DBAs) use specialized software to store and organize data, such as financial information and customer shipping records. They make sure that data are available to users and are secure from unauthorized access.'

Bachelor's degree $77,080
Network and computer systems administrators Network and computer systems administrators

Computer networks are critical parts of almost every organization. Network and computer systems administrators are responsible for the day-to-day operation of these networks.'

Bachelor's degree $72,560
Software developers Software developers

Software developers are the creative minds behind computer programs. Some develop the applications that allow people to do specific tasks on a computer or other device. Others develop the underlying systems that run the devices or control networks.'

Bachelor's degree $93,350
Web developers Web developers

Web developers design and create websites. They are responsible for the look of the site. They are also responsible for the site’s technical aspects, such as performance and capacity, which are measures of a website’s speed and how much traffic the site can handle. They also may create content for the site.'

Associate's degree $62,500
  • Information Security Analyst

    NANA Family of CompaniesSilver Spring, MD

    Information Security Analyst Description Description Qivliq Federal Group provides business management, policy support, and technology engineering services to federal civilian and Department of Defense clients. Our mission is to leverage our advanced IT capabilities to...

  • Information Security Analyst, Sr.

    LeidosGaithersburg, MD

    It's a great time to join the Leidos Defense & Intelligence team!! We are searching for a dynamic Information Security Analyst, Sr.. As the Information Security Analyst, you will be the primary Information Assurance (IA) officer responsible for the management and...

  • Information Security Analyst, Sr.

    LeidosGaithersburg, MD

    Job Description: Description:It's a great time to join the Leidos Defense & Intelligence team!! We are searching for a dynamic Information Security Analyst, Sr.. As the...

  • Information Security Analyst

    Apex SystemsFalls Church, VA

    Role: Information Security Analyst Location: Falls Church, DC Schedule: 40 hours / week Overview: Apex Systems , the nation s second largest IT staffing and technology...

  • Information Security Analyst

    CYGRUArlington, VA

    Job Description ADVISORY: You must be a United States citizen to be considered for this position. Role and Responsibilities Maintain operational security posture for the...

  • Information Security Analyst

    Comparative InnovationsWashington, DC

    Job Description CI is looking for a collaborative team member that can contribute to planning, implementing, and monitoring security measures for the protection of...

  • Information Security Analyst

    VisaAshburn, VA

    Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments...

  • Information Security Analyst

    LeidosFairfax, VA

    This position is in support of a Federal law enforcement agency. This position will be in an advisory role to the customer in the information assurance area. Ability to work in a professional environment, have problem solving and organization skills is required, as are...

  • Information Security Analyst

    General Dynamics ITGermantown, MD

    The Incident Response Analyst supports agency efforts to provide incident response capabilities to an enterprise wide cybersecurity program. The Incident Response Analyst provides technical knowledge and is experienced with Incident Response procedures. The successful...

  • Information Security Analyst

    CGI GroupArlington, VA

    CGI is seeking an experienced and highly-motivated security professional to help CGI protect one of our Federal clients within its Regulated Agency Programs (RAP) business unit, responsible for the overall security posture of the agency. The Information Security Analyst...

  • Information Security Analyst

    TcgWashington, DC

    Open Position: Information Security Analyst TCG ?is an award-winning government IT solutions provider. We are seeking an? Information Security Analyst , currently residing in metropolitan DC, to join our team at a?high profile agency of the Federal government. US...

  • Information Security Analyst

    General Dynamics ITFort Belvoir, VA

    Contract: I2TS 3 Position: Analyst, Information Security - Cybersecurity-Information Assurance/Security Assessor (L2) Location: Fort Belvoir, VA General Summary: GDIT is seeking candidates to support the US Army Intelligence and Security Command (INSCOM). Under the I2TS...

  • Information Security Analyst

    Truebridge ResourcesSuitland, MD

    Information Security Analyst SKILLSET Information Technology: Operations & Maintenance LOCATION Suitland, Maryland JOB TYPE Contract to Hire ID 23810 Information Security Analyst CELEBRATE YOUR PERSONALITY AND TEAM SPIRIT. GROW THROUGH YOUR CHOICES. MAKE YOUR MARK. North...

  • Information Security Analyst

    General Dynamics ITFort Meade, MD

    Contract: I2TS 3 Position: Analyst, Information Security - Cybersecurity-Information Assurance/Security Assessor (L2) Location: Fort Meade, MD General Summary: GDIT is seeking candidates to support the US Army Intelligence and Security Command (INSCOM). Under the I2TS 3...

  • Information Security Analyst

    Clutch GroupWashington, DC

    Job Description: Combining Morae Legal and Clutch to launch Morae Global marks a continued reinvention of the way legal consulting services are provided to law...

Ref: bls.gov
Back to top