If you’re interested in information technology, cyber security probably sounds like an appealing career focus. The high demand for these professionals and their impressive earning potential alone is enough to catch your attention.1 But when you add in the fact your work revolves around building IT defense systems and safeguarding valuable information from some of the world’s worst cyber criminals, it’s hard not to get excited.
That being said, you could use some clarification on the details. Even if this career path checks a lot of important boxes, you’ll want to know as much as possible about what you’re getting into and what it takes to become a cyber security analyst.
We dove into the data and secured insider insight from a cyber security professional to help you better understand the cyber security career landscape and what you’ll need to get established in the field.
Why is cyber security important?
If you’ve been at all invested in the world of technology, you know cyber security is a big deal. Even the general population can hardly miss the headlines surrounding cybercrime and data breaches. But shockingly, many organizations and individuals are very slow on the uptake when it comes to protecting their own digital security.
“I was surprised at the level of apathy about cyber security decision-makers,” says Greg Scott, author and cyber security expert. “Even after all the headlines, people still say they aren’t carrying national security secrets, and that nobody cares enough about them to attack them.”
In reality, there are loads of ways a hacker can utilize and monetize even the most innocuous information. Identity theft, intercepting your tax refund or even stealing your health insurance for medical coverage—cyber criminals come up with all sorts of creative ways to profit from information most people don’t take sufficient lengths to protect. This makes everyone a target.
“The public cyber security education gap is larger than the Grand Canyon,” Scott says. “It’s a huge opportunity and a huge threat.” Scott says one of his favorite parts of working in cyber security is seeing people’s reactions when they realize how vulnerable they are without taking precautions. “The most rewarding times are when the message finally gets through and peoples’ eyes light up.”
What does a cyber security analyst do?
Cyber security analysts (also called information security analysts) plan and carry out security measures to protect a company’s computer networks and systems, according to the Bureau of Labor Statistics (BLS).1 They keep constant tabs on threats and monitor their organization’s networks for any breaches in security.
This involves installing software and encryption, reporting breaches or weak spots, researching IT trends, educating the rest of the company on security—and even simulating security attacks to find potential vulnerabilities.
Cyber security analysts will also plan for trouble, creating contingency plans that the company will implement in case of a successful attack. Since cyber attackers are constantly using new tools and strategies, cyber security analysts need to stay informed about the weapons out there to mount a strong defense. Additionally, information security professionals may assist in spreading the word and educating members of an organization about security risks and best practices, which makes perfect sense. Even the most technically sound and secure systems can be undermined by a user with the right access level acting foolishly.
Cyber security analyst salary and job outlook
The BLS projects a 28 percent growth in employment for cyber security analysts—a rate that quadruples the average of seven percent employment growth for all occupations.1
Cyberattacks are becoming more frequent, making it impossible for even smaller businesses to ignore their information security without risk. As companies face bigger threats in this arena, they are hustling to hire professionals who can take charge of their security.
This demand for cyber security analysts translates well when it comes to compensation. The BLS reports that the median annual salary for these professionals was $95,510 in 2017.1
Important skills for cyber security analysts
Cyber security analysts need a hearty mix of technical and soft skills. In our analysis of over 120,000 information security analyst job postings in the last year, employers were commonly looking for the following technical skills:2
- Information systems
- Risk assessment and management
- Project management
Scott emphasizes that no matter what you bring to the table, acquiring new skills will be a constant in your cyber security analyst career. “Of course your tech know-how is important,” Scott says. “If you want success in your career, you’ll learn how to learn for a living. But your soft skills—especially your ability to communicate—are equally as important.”
How to become a cyber security analyst
Now the money question: “How do you actually become a cyber security analyst?” Given that this specialized area of information technology is relatively new, the path to working in this field isn’t quite as clear cut as others. Many information security professionals in the field today started out in more generalized IT roles and made a transition. This route is still pretty common—it makes sense for cyber security analysts to have a strong background in the design and operations of computer networks and systems.
In our analysis of information security analyst jobs, we found that 46 percent of postings preferred candidates with three to five years of experience, and an additional 37 percent were looking for even more experience.2 Needless to say, you’ll probably need to have some solid IT-related work experience under your belt to be eligible for many analyst positions.
Experience is only part of the equation—education level and certifications matter as well. The BLS reports that most cyber security analyst positions will require a Bachelor’s degree in Cyber Security or a similar field.1
Would-be analysts should know that there are also plenty of information security certifications out there that can boost your credibility to potential employers. Information security certification, like the Certified Information Systems Auditor® (CISA) and CompTIA® Cybersecurity Analyst (CySA+) are excellent options for verifying your information security knowledge.
Analyzing your cyber security potential
Do you think this career matches up with what you are looking for? Cyber security analysts are certainly sought after in the Wild West of today’s digital landscape. If you could see yourself delving into the nuts and bolts of building protection for information systems or if you are the kind of person who could become passionate about the best defenses out there—then this might be the perfect choice for you.
But like any big change, embarking on a cyber security analyst career requires some investment and consideration. Take the next step in your research by checking out our article, “Is a Cyber Security Degree Worth It? The Facts You Can’t Ignore.”
1Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, [career information accessed September 5, 2018] www.bls.gov/ooh/. Salary data represents national, averaged earnings for the occupations listed and includes workers at all levels of education and experience. This data does not represent starting salaries and employment conditions in your area may vary.
2Burning-Glass.com (analysis of 123,164 information security analyst job postings, September 6, 2017 – September 5, 2018)
CompTIA Cybersecurity Analyst (CySA+) is registered trademarks of CompTIA Properties, LLC.
Certified Information Security Auditor (CISA) is a registered trademark of ISACA.