Information security analyst jobs

Information security analyst jobs DEFAULT

Cyber Security Analyst jobs

Upload your resume - Let employers find you

Sort by: relevance - date

Page 1 of 7,073 jobs


IT Security Analyst II

Open Access Technology International, Inc.

Minneapolis, MN 55418


Junior Security Analyst

Security Analyst


Denver, CO 80112•Remote

IT Security Analyst (Work from Anywhere)

Security Analyst

Cyber Security Analyst


Cyber Security Analyst


Cyber Security Analyst - CO or MN

Cyber Security Analyst (Entry-Level)

Be the first to see new Cyber Security Analyst jobs

By creating a job alert, you agree to our Terms. You can change your consent settings at any time by unsubscribing or as detailed in our terms.


Security Analyst Career Overview

Security analysts monitor, prevent, and stop attacks on private data. These digital professionals create and implement firewalls and software systems to protect data and network infrastructures. As the world increasingly relies on technology and digital interfaces to store and share information, security analysts enjoy higher demand.

Security analysts may work in the public sector, as freelance consultants, or for businesses and corporations. Typically, these professionals hold at least a bachelor’s degree in their field; however, some employers seek for analysts with master’s degrees.

According to the Bureau of Labor Statistics (BLS), information security analysts earn a median annual salary of $99,730 — more than double the national median wage for all occupations. On this page, we explore this growing industry, covering topics like how to become a security analyst and frequently asked questions about the career.

What Does a Security Analyst Do?

As the job title implies, security serves as security analysts’ primary goal. These analysts aim to identify weaknesses in networks’ security systems, patch or respond to issues, and prevent future breaches from occurring. Security analysts may use various software, including programs designed to encrypt and protect data, to increase and strengthen the security of digital data.

Within larger companies and organizations, security analysts may work with teams of network, information technology (IT), and computer specialists. They often work with these other professionals to design security protocols and systems, and to protect company data from hacks and breaches.

As evidenced by recent data breaches in major companies, security analysts play crucial roles within these structures. They empower businesses and organizations to better protect customer and user data, in turn maintaining the integrity and reputation of those organizations.

Security analysts may take on new roles as they advance within the field. For example, entry-level security analysts may assume lower-level roles in IT teams, helping users navigate new systems and installing new software. More experienced analysts may design and implement entire security systems and firewalls, overseeing teams of security and IT professionals.

  • Key Soft Skills for Security Analysts

    • Critical Thinking: Security analysts must possess strong critical thinking skills to work through complex coding and software troubleshooting issues.
    • Collaboration: Security analysts often work within larger teams of IT professionals, so they should possess strong skills in teamwork and collaboration.
    • Communication: Working in technology requires both verbal and written communication skills. Security analysts must be able to clearly explain their work to people without tech backgrounds.
    • Learning: Jobs in security analysis require a willingness to continually learn, as the field continually changes. Security analysts must demonstrate adaptability and the ability to grow with their field.

  • Key Hard Skills for Security Analysts

    • Networking: Security analysts need expertise in diverse systems and networks. They need broad knowledge of various elements of network systems, along with how each element can impact security.
    • Scripting: A working knowledge of computer scripts, like Java or C++, benefits security analysts. This knowledge allows professionals to understand encoded threats and write and rewrite software.
    • Hacking: Security analysts must understand hacking processes to block and prevent cyberattacks. Ethical hacking certifications help prepare analysts to understand threats and protect systems.
    • Operating Systems: Analysts must be able to work on all types of operating systems and platforms, including iOS, Windows, and Linux.

A Day in the Life of a Security Analyst

The typical day for a security analyst can vary greatly depending on the specific position. They may begin their day by looking over reports from the previous day or shift, including checking for any new threats and identifying malware that may have infiltrated the system.

Security analysts may also prepare for and respond to system breaches or attacks. These processes might differ between workplaces and employers, but they generally include responding to hacks or network insecurities and working to prevent new ones. On a typical day, a security analyst may meet and connect with other IT professionals at their workplace to collaborate on efforts to protect data and network infrastructure.

The following list details a few common security analyst responsibilities:

Security Analyst Main Responsibilities

Monitor Networks
Security analysts must stay informed of all activity taking place within the networks they work to protect. They must pay attention to incoming code, identify negative activity, and respond to it accordingly.
Manage Software
Security analysts install, manage, and update software on the systems and networks they monitor. They ensure all software used on the network has adequate security measures in place.
Analysts may compile ongoing reports about the safety of the networks they work on. These reports often document security issues, along with measures the analyst took in response.
Develop Security Plans
Security analysts for companies and businesses may thoroughly analyze their organizations’ networks, providing suggestions and best practices for employees and users to maintain data security.
Security analysts typically research new trends and advances in security and information technology to stay updated on software, potential threats, and best practices for network security.

Top Online Programs

Explore programs of your interests with the high-quality standards and flexibility you need to take your career to the next level.

Security Analyst Salary

Like many other tech professionals, security analysts tend to earn strong wages. Even the lowest-earning 10% of information security analysts earned a median annual wage of $57,810 as of May 2019, according to the BLS; those in the 90th percentile took home $158,860 per year. Keep in mind that these numbers reflect analyst salaries in a variety of industries and roles, working at all experience levels.


Security Analysts


Several factors may influence earning potential, such as location. BLS data reports that information security analysts earned the highest wages in New York, where their annual mean wage was $121,750 as of May 2019. New Jersey trailed closely behind, at $121,570.

Education and experience also impact salary. A bachelor’s degree serves as the typical minimum requirement for security analysts; however, some employers may seek analysts with master’s degrees, which may afford higher salaries. Experience level can also influence earnings, as outlined in the chart below.

Average Annual Salary Of Security Analysts By Experience, 2020
Entry LevelEarly CareerMidcareerExperienced
Average Salary$59,410$65,420$75,600$95,000

Where Can I Work as a Security Analyst?

Security analysts enjoy plenty of mobility, as jobs in the field cover many geographic areas, industries, and employers. Where analysts choose to work can impact their earning potential, as can the types of roles they take on. Security analysts work in all sectors, including computer and software engineering, management, and finance. This section introduces the industries and employers that commonly employ security analysts, plus which cities offer the highest salaries.


Where you live can impact your career and earning potential. For instance, smaller, more rural towns might feature fewer job opportunities in the tech and IT fields, while more metropolitan and suburban areas offer more positions in these fields.

Even if a city boasts higher-than-average salaries for security analysts, the cost of living in that city may outweigh the higher pay. For example, New York pays the highest median salary for information security analysts, according to the BLS, but the cost of living in the state is nearly 40% higher than the national average, according to the World Population Review.

The table below outlines the top-paying metropolitan areas for security analysts.

Top-Paying Cities for Security Analysts, 2019

Top-Paying CitiesAverage Annual Wage
Washington, DC$117,810
New York, NY$127,850
Dallas, TX$114,100
Boston, MA$106,650
Atlanta, GA$100,810


Your industry can also impact the daily tasks and duties you perform in your career. Different industries require different responsibilities, and they may require security analysts to work alongside different types of professionals.

Most security analysts work in the computer and information technology industries. The next-largest group of security analysts works in finance and management. Other security analysts work in administrative roles. All kinds of companies and organizations employ security analysts and other IT professionals, so these administrative roles vary by employer.

Employers and industry can impact earning potential, as well; certain industries and jobs may offer higher salaries and more advancement opportunities than others.

Major Employers

Northrup Grumman
Northrup Grumman specializes in designing and creating technology for the aerospace, land, sea, and cyber industries. In the cyber field, Northrup Grumman develops cyber infrastructure, provides security and training, and offers cybersecurity support for military branches. Security analysts may work in cyber-related roles at this growing company.
Dell Technologies designs electronics and digital products, including computers, laptops, gaming systems, software, workstations, and servers. Dell employs security analysts to assist in the design and development of new programs and products, and to protect the company’s own servers and data.
A global company with hubs around the United States, Accenture provides consulting and management services in a variety of professions and industries. Accenture employs security analysts to provide these digital consulting services and help plan and implement programs and software for clients.

How to Become a Security Analyst

The process of becoming a security analyst may look slightly different from person to person; however, some standards and requirements remain universal. Typically, security analysts must hold a bachelor’s degree in information security or a related field. However, some security analysts learn the necessary skills on their own, or through online “bootcamps,” which offer crash courses and workshops in coding and security. These workshops often lead to certifications.

How long it takes to become a security analyst depends on your chosen educational path. The steps below offer an example pathway to starting your career.

Steps to Becoming a Security Analyst

  • Earn a Degree: A bachelor’s degree serves as the standard minimum education requirement for security analysts. However, some employers seek applicants with a graduate education. Research your industry of choice to determine which degree level you should pursue. Common areas of study include cybersecurity, information security, computer programming, and related fields.
  • Get Certified in Specialty Areas: Many security analysts hold certifications in IT fields, including operating systems, coding languages, and software. You may earn certain certifications as part of your undergraduate or graduate program or after you graduate.
  • Gain Field Experience: Aspiring security analysts should gain experience working in security analysis and closely related fields. This experience bolsters your resume and helps you stand out to future employers.

Security Analyst Requirements

Becoming a security analyst typically involves meeting some specific requirements, like education, certification, and experience requirements. The sections below explain these requirements in further detail.

  • Education Requirements For Security Analysts

    Aspiring security analysts typically pursue studies in fields closely related to security analysis, such as cybersecurity, computer science, information technology, systems analysis, or software development. These majors often allow learners to specialize in security analysis.

    Other education options exist for this field, as well. For instance, many computer professionals learn new scripts, codes, programs, and platforms on their own. A recent survey of computer programmers found that 85.5% of respondents reported teaching themselves a new tool, framework, or coding language without taking an actual course.

    The same survey reported that 45% of respondents earned bachelor’s degrees, with the vast majority pursuing majors in computer science, computer engineering, or software engineering. Some analysts may pursue master’s and doctoral degrees in cybersecurity. Graduate degrees can lead to higher salary potential and more advanced roles in the IT field.

    Employers often seek candidates with specific educational backgrounds, which may determine whether you self-teach or earn a degree. Research your areas of interest to see which credentials those employers prefer.

    Learn more about available certificates and degrees through the links below.

    Cybersecurity Certificates
    Associate Degree in Cybersecurity
    Bachelor’s Degree in Cybersecurity
    Master’s Degree in Cybersecurity
    Ph.D. in Cybersecurity

  • License And Certification Requirements For Security Analysts

      Earning certifications in various programs, software, and operating systems can help you stand out to employers. Some popular certifications for security analysts include:

    • CompTIA Security+ This certification indicates foundational skills in cybersecurity and qualifies holders for intermediate careers in the field. The 90-credit certifying exam covers topics like threats and vulnerabilities, risk management, architecture and design, and cryptography.
    • Certified Information Systems Security Professional The CISSP indicates expertise in designing, building, and implementing security systems. Topics on the certifying exam include security and risk management, communication and network security, security operations, and software development security.
    • Certified Information Security Manager This certification, offered by the Information Systems Audit and Control Administration, indicates expertise in areas including risk management, program development, incident management, and information security.
    • Explore More Cybersecurity Certifications

  • Required Experience For Security Analysts

    Before becoming a security analyst, candidates often earn experience in the field, which may include academic courses and cybersecurity internships. Experience provides aspiring security analysts with useful knowledge and skills prior to entering the job market.

    As previously discussed, some analysts pursue knowledge and skills through self-teaching, or through bootcamps and workshops that hone skills in limited timeframes. Some employers specifically seek candidates with accredited academic experience, while others may accept candidates with self-taught skills.

    Either way, gaining experience in the field can increase earning potential and help candidates stand out to employers.

The Security Analyst Job Hunt

The rapidly expanding tech industry has made way for thousands of lucrative careers for qualified, skilled professionals. Job fairs, professional organizations, annual conferences, and online boards help job-seekers find leads on available positions in security analysis. The following list outlines several online job boards for security analysts.

This online job board offers resources for those seeking jobs in cybersecurity, including online job listings, virtual and in-person career fairs, and news and advice for job-seekers and employers.

This website provides straightforward, easy-to-navigate listings of available cybersecurity jobs around the world. Users can search by location, job title or keyword, and company.

NinjaJobs, a community-run job-posting platform, posts jobs in fields like information security management, security product development, and digital forensics.

This website offers an easily searchable database of jobs in tech. Users can search by keyword or location. They can also create profiles and upload resumes for easy applying.

Security Analyst Upward Mobility

Security analysts enjoy opportunities for upward mobility. As you work longer in security analysis and gain more experience and knowledge, you qualify for higher positions and more advanced roles, like the ones outlined below.


Chief information security officers oversee security teams within companies and organizations. These professionals manage all security and IT issues alongside other IT professionals. Generally, they have a bachelor’s degree and extensive experience in the field.


Security engineers create and implement security systems to protect companies and organizations’ private data and systems. Their duties closely mirror those of security analysts, but at more advanced levels. They typically possess at least 1-5 years of experience in the field, and they sometimes hold an advanced degree.


Frequently Asked Questions

  • How long does it take to become a security analyst?

    The time it takes to become a security analyst varies, but a bachelor’s degree, the typical entry-level education requirement for the job, takes about four years of full-time study to complete.

  • What degree is needed to be a security analyst?

    Typically, security analysts hold a bachelor’s degree at minimum. However, some employers may seek candidates with graduate degrees or advanced certifications.

  • How much does a security analyst make?

    According to the BLS, information security analysts earn an annual median wage approaching $100,000 as of May 2019. However, salary can vary based on a variety of factors, including workplace, education, and experience.

  • What requirements are there to become a security analyst?

    Requirements vary depending on specific job and employer, but they generally include some level of formal education, certifications, and some experience in the field.

  • Is security analyst a good job?

    Yes, this industry continues to rapidly grow and expand, creating a demand for qualified professionals. Many jobs in this industry offer competitive salaries and room for upward mobility.

Professional Organizations for Security Analysts

  • Information Systems Security Association The ISSA is a nonprofit organization for cybersecurity professionals around the world. It aims to improve the profession and promote effective systems and practices. Members gain access to chapter meetings and educational programs.
  • (ISC)² Founded in 1988, this international nonprofit offers a variety of certifications and professional development programs in cybersecurity. Members also gain access to networking opportunities.
  • Internet Security Alliance This organization emphasizes the intersection between technology, public policy, and economics. The alliance advocates for cybersecurity policies and aims to create awareness for best practices in cybersecurity.
  • Center for Internet Security This nonprofit organization aims to make the internet safer for all users. It offers a variety of membership options for both individuals and businesses. The website also offers a job board.

Related Careers

Additional Reading

School Rankings

Useful Resources

  1. 2020 subaru wrx owners manual
  2. Yukon ok sales tax rate
  3. Movies like primal fear
  4. Bristol myers squibb net worth

Security Analyst

You may be wondering: What is information security analysis? It is an incredibly important field in today’s business environment, since most organizations rely heavily on information systems in their daily work. Information security analysts work to secure information networks and systems in many different types of organizations. They protect computer networks by monitoring for and responding to threats.

This page provides guidance on how to become an information security analyst. Below you can also explore information on information security analyst careers, salaries, educational requirements, professional resources, and daily job responsibilities.

What Does an Information Security Analyst Do?

Information security analysts protect computer networks at companies, nonprofits, and government agencies. They work in computer systems design services, as well as in finance, insurance, and administration support services. To become an information security analyst, individuals typically need a bachelor’s degree in information technology or another computer-related major. Employers sometimes prefer candidates who hold a master’s degree.

Information security analysts oversee computer network systems to stave off potential security breaches. They maintain systems by updating software and recommending security updates to management. Information security analysts also work one on one with employees to help them understand new programs and hardware. With the growing prevalence of hackers, more companies need information security analysts.

The U.S. Bureau of Labor Statistics (BLS) projects 32% employment growth in the field of information security analysis from 2018-2028, much faster than average. This guide covers how to become an information security analyst, what you can potentially earn, and how to advance your career.

Top Online Programs

Explore programs of your interests with the high-quality standards and flexibility you need to take your career to the next level.


Hard skills are teachable, specific technical skills that a person needs to excel in a particular line of work. For a computer programmer, for example, the ability to code in a variety of computer languages qualifies as an essential hard skill. Below you can learn about important hard skills of information security analysts.

  • Tableau Software: Tableau Software, a business intelligence and analytics software program, helps information security analysts understand their data and allows them to share content. Some information security analyst degrees include courses on this data visualization software, or graduates can take Tableau certification courses.
  • Cybersecurity: Cybersecurity requires a fundamental skill set that applies to all information security analysts. Every company needs a cybersecurity expert who understands risk management and mitigation. Information security analysts with solid cybersecurity skills often hold certifications such as CompTIA security+, certified ethical hacker, and certified information systems security professional. They must also have a background in IT fundamentals and coding.
  • Network Security Management: Network security management involves implementing strategies to improve the security of a company’s interconnected computer systems. Proper management involves consistently testing new security software and responding promptly to potential risks. Network security managers oversee teams of IT specialists and analysts. These professionals must translate computer-related problems to upper management.
  • Security Testing and Auditing: Information security analysts perform security testing and audits to identify vulnerabilities in the infrastructure of computer networks. These analysts conduct these processes as preventative measures to determine the strength of the IT system’s defenses and expose and resolve any weaknesses.
  • IT Security and Infrastructure: Information security analysts must know how to navigate their company’s IT infrastructure, including firewalls and routers. They monitor the computer system’s infrastructure and traffic on a continual basis to find security breaches and potential risks. Information security analysts provide solutions, such as configuring security tools, when vulnerabilities threaten IT security and computer infrastructure.
  • Project Management: Information security analysts need excellent project management skills to help them stay organized. Project management skills include overseeing teams who collect data and monitoring systems to identify security threats. A successful information security analyst needs solid communication skills to see projects through from inception to completion.
  • Security Risk Management: An information security analyst must monitor activity and determine the difference between permissible and impermissible risks. Through security risk management, these analysts can identify high- and low-level security risks. These professionals then create strategies to effectively address these threats.


Most jobs, even highly technical positions, require great soft skills. Well-honed soft skills are essential for any person who needs to work with others and communicate effectively. Strong computer, problem-solving, communication, and analytical abilities can help students pursue a career as an information security analyst.

  • Analytical Thinking: Information security analysts need to meticulously analyze their organization’s computer networks and systems on a regular basis. They need strong attention to detail and analytical skills in order to spot weak points, evaluate possible threats, and determine the most appropriate security measures to implement.
  • Communication Skills: Professionals across industries need strong communication skills to collaborate with coworkers and explain their ideas clearly in person and in writing. Information security analysts must possess the skills to effectively describe technical issues to their fellow information technology workers and to non-technical employees.
  • Problem-solving: Many computer-related occupations require strong problem-solving skills, whether for software engineering, information technology management, or computer systems design. As part of their daily responsibilities, cybersecurity workers need to quickly and proactively identify security issues and address problems.


What does an information security analyst do every day? The daily tasks of a cybersecurity worker vary depending on their specialty and employer. Information security analysts at banks typically work to secure financial transactions, while those working at technology companies may spend time protecting sensitive user data.

Wherever they work, information security analysts use their network security, critical thinking, and analysis skills to detect security breaches, test current security measures, install software, and plan for possible cyber attacks.


  • Can anyone be an information security analyst?

    Most information security analyst jobs require specific training, skills, and job experience. With the right qualifications, education, and talents, anybody can become an information security analyst.

  • What education do I need to be an information security analyst?

    Information security analyst education requirements typically include a bachelor’s degree in a field such as information assurance, information technology, or computer science.

  • How long does it take to become an information security analyst?

    It takes approximately four years to earn an information security bachelor’s degree and begin looking for a job. Some employers require related work experience or an MBA.

  • How much does an information security analyst make?

    The mean information security analyst salary is $102,470 per year. Salary depends on factors such as professional experience, industry, and location.

  • What do entry-level information security analysts do?

    Early career information security analysts plan penetration tests, research developments in information security, recommend new security measures, and install new firewalls and encryption programs.

Information Security Analyst Salary Information

Information security analysts enjoy high salaries, even when compared with other computer and information technology professionals. According to the BLS, the national median salary for computer occupations is $86,320, while the median pay for information security analysts is close to $100,000.

Many factors can affect an information security analyst’s yearly pay. The BLS reports that the top 10% of information security analysts earn at least $156,580 per year, while the top 25% of earners take home more than $126,870 annually. Variations in income among information security analysts can be attributed to an analyst’s geographic location, on-the-job experience, and employer.

The top paying industries for cybersecurity analysts include pharmaceutical and medicine manufacturing, legal services, and electronic component manufacturing, where these professionals earned mean annual salaries of $131,150, $120,580, and $117,870, respectively, as of May 2018. The highest paying states for the occupation are New York, New Jersey, and Washington, D.C.


Entry Level (0-12 Months)$59,073
Early Career (1-4 Years)$66,372
Mid-Career (5-9 Years)$81,351
Experienced (10-19 Years)$92,546

Source: PayScale

How to Become an Information Security Analyst


To work in the field, graduates typically need a minimum of a bachelor’s degree in computer science or another computer-related field. Graduates do not necessarily need to hold a degree specializing in information security analysis, and certain entry-level jobs only require an associate degree or certification. While graduates can find work with a bachelor’s degree, an advanced information security analyst degree can help graduates land management positions with more responsibility and higher salaries.


Most employers prefer hiring information security analysts who have some relevant IT work experience. For new graduates, this can pose a challenge. Those with less work experience can customize their resumes or CVs to highlight their skills rather than their limited work experience. Furthermore, many bachelor’s programs provide students with internship opportunities where they can gain valuable work experience. Some programs feature internships built into the programs, requiring students to complete field work for class credit. In addition to internships, graduates can obtain certifications and take continuing professional education courses to enhance their resumes.


Earning certifications can bolster a graduate’s resume. Employers often indicate the specific certifications that they prefer an information security analyst candidate to have, but employers do not always require these certifications. Many employers see certifications as a bonus rather than a prerequisite.

Graduates can stand out by earning certifications in specialty areas. Students can find these certifications online through professional organizations. Popular certifications employers look for include the certified information systems security professional, certified ethical hacker, certified information security manager, certified information systems auditor, and GIAC certified intrusion analyst certification.

Certifications boost an information security analyst’s salary potential and employment opportunities, since employers value specialized training. To learn about more certifications available to information security analysts, visit the International Information Systems Security Certification Consortium, known as (ISC)².

Types of Careers in Information Security Analysis

Information security analyst online courses help graduates pursue a variety of high-paying careers in the information technology sector. Many factors — such as desired industry, location, education, and experience — can affect the types of jobs an information security degree-holder can pursue.

Information security bachelor’s programs equip students with the skills they need to land a job in database administration, computer programming, and software development. An advanced degree or more experience in the field boosts job opportunities and may lead to a more senior-level job in IT management or computer systems design. The median yearly salary for information security analysts is $98,350 per year, and a master’s degree may increase an analyst’s earning potential.


Computer Programmer

Computer programmers use coding languages such as C++, Java, and Python to create new applications and update existing ones. They typically need at least an associate degree to find work in the field.

Median Annual Salary: $84,280

Computer and Information Systems Manager

Computer and information systems managers need a bachelor’s degree and at least five years of work experience. They oversee an organization’s computer operations and supervise employees such as information security analysts.

Median Annual Salary: $142,530

Software Developer

These professionals generally need a bachelor’s degree in computer science, software engineering, or a similar field. They design and develop new applications and operating systems.

Median Annual Salary: $105,590

Computer Network Architect

Most employers require computer network architects to hold a bachelor’s degree and significant experience in network administration. They plan, build, and maintain computer networks such as intranets and local area networks.

Median Annual Salary: $109,020

Where Can I Work as an Information Security Analyst?

Information security analysts find employment in many different industries. Large corporations and small startups alike demand skilled information security workers, and some cybersecurity professionals even work as independent contractors. Read on to learn about the locations and settings where information security analysts work.


Cities and towns across the U.S. vary in terms of job availability and earning potential for information security professionals. Areas with many computer systems design or finance firms may have an elevated need for cybersecurity analysts. Moreover, areas with high living costs tend to pay workers more.

According to data from the BLS, Virginia, Texas, California, and New York employ the most information security analysts. Some of the best-paying states for information security analysts are Washington, New Mexico, Massachusetts, and Virginia.

New York6,930


Information security analysts find work in organizations of all sizes, from the smallest technology startups to the largest multinational enterprises. Some analysts may prefer the personal atmosphere of a small company, while others may wish to take advantage of the vast resources of a big corporation.

Likewise, the approximately 112,000 information security analysts in the country can find employment in many different industries. Graduates should consider their interests and career goals when choosing an industry.

Professional Spotlight

Portrait of Chinmayee Paunikar

Chinmayee Paunikar

Chinmayee Paunikar is a Cybersecurity Analyst at Fractional CISO. She assists in developing and managing cybersecurity programs for companies. Chinmayee has helped multiple companies achieve their SOC 2 compliance goals. She also performs vulnerability assessments and quantitative risk assessments for organizations. Additionally, she writes security policies and procedures for companies.

Chinmayee has passed the Systems Security Certified Practitioner (SSCP) exam (waiting for approval by (ISC)²) and is also a Cisco Certified Network Associate (CCNA). Chinmayee received a Master of Science degree in computer engineering from New York University and a bachelor’s degree in electronics engineering from the University of Mumbai.

  • Why did you decide to pursue information security analysis?

    I took a course in Network Security with the aim to improve my skills and knowledge in network design and architecture. I realized that solutions to network security problems weren’t always “network” related. Numerous things have to go right for a network to be secure. That prompted me to study and work on other aspects of the field.

    Apart from the skills I gained, I learned that solutions to every problem are unique. That keeps you on your toes. You won’t run out of problems to address or skills to learn.

    There are also a surprisingly large number of things that go on under the cybersecurity covers providing a variety of areas for you to focus on. You could specialize in network security, penetration testing, compliance and governance, risk analysis, application security, operations, incident management and many more aspects of data security.

    Lastly, the career prospects and compensation are also a great motivator.

  • What are the biggest challenges of working as an information security analyst?

    Communicating risks to clients properly is perhaps the most challenging part of the job, as this also involves bursting people’s bubbles about their security, and sometimes they don’t take it well. That is definitely a skill to acquire and work on.

    Another thing about security is that it is inconvenient, and we don’t want to disrupt productivity with our suggested changes to technology and processes. Things get rolled out slowly, and there is nothing you can do about it except hope and pray that nothing goes wrong in the meantime. So, it is important to plan and prioritize such changes.

  • The most rewarding aspects?

    Knowing that your work has a real-world impact — you are helping protect individuals and businesses. You’re fighting the good fight against the bad actors that are out there wanting to profit off people’s data and wanting to disrupt businesses. I’m always working for a purpose. Things are constantly evolving, and we need to stay ahead of the criminals. It does not feel like I’m doing archaic or unnecessary work.

    I feel good that we are adding value for our clients so they can focus on their business.

  • Was it challenging to find a job in the field?

    Given that cybersecurity is in the news all the time as breach after breach hit the headlines, people are getting more and more aware of the importance of security. Companies need and want cybersecurity help. So, there are a lot of jobs in the government and private sector, even entry-level. Companies are willing to get in junior candidates with little or no experience and train them.

    Focusing on information security as your primary role, you can qualify for a number of related positions in operations and maintenance, protection and defense, or investigation to name a few. It doesn’t look like the need for information security professionals is going to decrease anytime soon. And the best part is that no matter where you live, your cybersecurity skills will be needed.

  • What kind of job settings have you worked in?

    I have worked as an intern at a small firm that provided strategic consulting and Information Technology (IT) services to government, industry, non-profits, and academia. At my current job, I work as a consultant with various small- to mid-sized companies in the education, manufacturing, and high-tech space solving all cybersecurity challenges they do or might face.

  • What did your career trajectory look like?

    I earned a bachelor’s degree in electronics engineering. During this time, I also was an R&D intern at two organizations working on their product. My next step was getting a master’s degree in computer engineering. This is when I focused on developing my information security skills. I went on to get a network associate certification from Cisco (CCNA). I spent half a year as a cybersecurity analyst intern, soon after which I joined my current organization to work as a cybersecurity analyst. I have been here for almost a year and a half and recently passed the Systems Security Certified Practitioner (SSCP) exam by (ISC)².

  • How do you organize, plan, and prioritize your work?

    I normally have a to-do list for the week and day. It depends on the deliverables that I have at hand. Usually, it helps to break it down into smaller tasks to be completed one after the other. If a new task pops up, I add it to my list and adapt the order in which I do things. I also find it helpful to time box some activities in order to not spend a lot of time on it and focus on doing things that would create more value.

    Sometimes things come up that are truly urgent like investigative activities, or answering customer questions. Then I have to drop everything and work on that. Once that’s done, I go back to checking things off my to-do list.

  • Advice for newcomers to the profession?

    Work on translating your analysis and solutions for a less technical, more business-oriented audience.

    The information security field requires constant learning, so be prepared. Don’t be afraid to expand into areas that are not strictly security-related.

    Read the cybersecurity news. You can learn a lot from other people’s mistakes.

  • What are some of the best ways you gained experience outside of primary education?

    Playing around with network and security tools like Wireshark, Nmap, Nessus, and Burp Suite. Trying these tools on your home network is the cheapest, easiest way to get comfortable using those tools.

    Get certified. You’ll be forced to dig into the topics, giving you a solid understanding. Certifications will also add to your credibility as an information security professional. Sign up for hackathons. They are a great learning opportunity and usually don’t require a lot of background knowledge. Besides, it looks great on a resume.

  • What direction do you see your career path trending in?

    I have successfully transitioned from being an electronics engineer to a cybersecurity analyst. The field of cybersecurity is constantly evolving and will become more important as more and more data is collected and will need protection. The beauty of this field is that it is needed everywhere. This will result in a lot of exciting opportunities that I hope to take advantage of.

Continuing Education for Information Security Analysts

In many job fields, especially highly technical professions, it is crucial to stay appraised of the latest industry trends, research, and tools. The best information security analysts keep building new skills and knowledge long after they graduate from a bachelor’s or master’s program.

Through training programs and information security analyst schools, entry-level, mid-career, and senior-level analysts can develop the marketable skills they need to perform at a high level. For example, Global Information Assurance Certification (GIAC) offers training in areas including cyber defense, penetration testing, and incident response. CompTIA boasts self-directed and instructor-led continuing education opportunities for IT professionals.

  • Global Information Assurance Certification GIAC boasts over 30 cybersecurity certification paths in areas such as management, auditing, software, and administration. Candidates complete preparation courses and take an exam to become certified. Credentials range from beginner to advanced.
  • EC-Council More than 200,000 information security workers have pursued certification through EC-Council. The organization offers training across fields such as ethical hacking, forensic investigation, penetration testing, and encryption.
  • CompTIA CompTIA offers certification and training programs in core IT skills, infrastructure, cybersecurity, and project management. Candidates may complete training in various formats, including through videos and through instructor-led classes.
  • Center for Internet Security CIS, a nonprofit that seeks to protect public and private organizations from cyber attacks, offers access to informative newsletters, videos, webinars, case studies, and whitepapers.

How Do I Find a Job in Information Security Analysis?

You should begin searching for jobs before you graduate from an information security bachelor’s program to take advantage of all the career resources your university has to offer. College career centers can often help you land a summer internship, which may turn into a full-time analyst position after graduation.

Professional organizations offer networking opportunities and conferences that allow aspiring information security analysts to establish connections with experienced professionals. Additionally, keep in mind that you can expand your job options by participating in professional development programs.


Founded in 1987, FISSEA helps federal government bodies train and educate their information systems security workers. The organization aims to build information security knowledge among federal workers.

Learn More


This nonprofit scientific organization aims to promote research in cryptology and similar disciplines. Through the IACR website, information security analysts can access publications and a job board.

Learn More


Cyber, Space, & Intelligence Association fosters collaboration and communication among security experts in government and the private sector. It offers helpful resources and tips on pursuing a career in cybersecurity.

Learn More


Established in 1989, this organization reaches over 30,000 security professionals annually through its training programs. Through the SANS Institute, information security workers can pursue certification and access free research reports.

Learn More

Professional Resources for Information Security Analysts

Professional organizations provide immensely valuable tools for information security students, young professionals, and seasoned industry veterans alike. Members of professional organizations gain access to a wealth of resources and events that can help them grow their career and stay up to date on their profession. For example, information security associations may keep members informed through newsletters, research, and continuing education courses. They may help professionals develop through networking events, job boards, and scholarships for further education.

  • (ISC)² Over 140,000 members take advantage of this organization's certification and education opportunities. The association also offers a magazine, scholarships, cybersecurity research, webinars, and news updates.

  • Information Systems Security Association ISSA supports information security workers through education, networking opportunities, and advocacy efforts. The organization boasts scholarships, a journal, web conferences, a job board, and local chapter events.

  • Information Systems Audit and Control Association Founded in 1969, ISACA joins 140,000 security professionals worldwide. It develops and sets best practices for information systems workers. Members benefit from training, education, certifications, research insights, and a conference.

  • CompTIA CompTIA offers both professional and student memberships. Student members may take advantage of awards, scholarships, and advice on career development. Professional members can pursue discounted certifications and continuing education programs.

  • IEEE Computer Society This organization supports technology professionals through international conferences, an extensive digital resource library, academic publications, and career development webinars. It boasts a special technical community dedicated to cybersecurity.

IT Security Analyst - How to become IT Security Analyst - Responsibilities - Career Prospects - Fee

Information Security Analyst jobs

Upload your resume - Let employers find you

Sort by: relevance - date

Page 1 of 7,496 jobs

Senior Analyst, Information Security

PHH Mortgage

United States•Remote

Information Security Analyst


Information Security Analyst

Security Analyst


Denver, CO 80112•Remote


Junior Security Analyst


Information Security Analyst

Be the first to see new Information Security Analyst jobs

By creating a job alert, you agree to our Terms. You can change your consent settings at any time by unsubscribing or as detailed in our terms.


Jobs analyst information security

Cyber security analysts help to protect an organisation by employing a range of technologies and processes to prevent, detect and manage cyber threats

As a cyber security analyst, you will protect IT infrastructure (including networks, hardware and software) from a range of criminal activity. You will monitor networks and systems, detect security threats ('events'), analyse and assess alarms, and report on threats, intrusion attempts and false alarms, either resolving them or escalating them, depending on the severity.

Broadly, you can work in one of the following areas:

  • consulting, offering advisory services to clients
  • working to protect the security of the organisation you work for.

Job titles vary and may include information security analyst, security analyst, information security consultant, security operations centre (SOC) analyst and cyber intelligence analyst.


As a cyber security analyst, you'll need to:

  • keep up to date with the latest security and technology developments
  • research/evaluate emerging cyber security threats and ways to manage them
  • plan for disaster recovery and create contingency plans in the event of any security breaches
  • monitor for attacks, intrusions and unusual, unauthorised or illegal activity
  • test and evaluate security products
  • design new security systems or upgrade existing ones
  • use advanced analytic tools to determine emerging threat patterns and vulnerabilities
  • engage in 'ethical hacking', for example, simulating security breaches
  • identify potential weaknesses and implement measures, such as firewalls and encryption
  • investigate security alerts and provide incident response
  • monitor identity and access management, including monitoring for abuse of permissions by authorised system users
  • liaise with stakeholders in relation to cyber security issues and provide future recommendations
  • generate reports for both technical and non-technical staff and stakeholders
  • maintain an information security risk register and assist with internal and external audits relating to information security
  • monitor and respond to 'phishing' emails and 'pharming' activity
  • assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
  • give advice and guidance to staff on issues such as spam and unwanted or malicious emails.


  • Starting salaries for cyber security analysts typically fall between £25,000 and £35,000.
  • Experienced and senior cyber security analysts can expect to earn from around £35,000 to in excess of £60,000.
  • In higher-level leadership or managerial roles, you may receive salaries up to, and in excess of, £70,000.

Salaries vary depending on a range of factors including your skills, experience and qualifications, your location, the type of employer you work for (e.g. in-house or consultancy) and the sector you work in (e.g. financial services).

You'll usually receive a range of employee benefits that may include a bonus, company pension scheme, private medical insurance, gym membership, and sponsored training and development opportunities.

Income figures are intended as a guide only.

Working hours

Working hours are typically 35 to 40 hours per week, Monday to Friday. You may need to work outside of 9am until 5pm depending on projects and the specific nature of the work.

Some companies may require you to work on a shift basis, which can include evenings, nights and weekends. You may need to work as part of a 24/7 call-out rota, to allow for quick responses to cyber security incidents.

Job sharing and part-time work are not common. However, some companies offer flexible working arrangements.

Short-term contract work is possible, particularly through recruitment agencies or if you work on a self-employed basis as a consultant.

What to expect

  • Work is likely to be office-based and you'll typically be using a computer for extended periods of time. However, if you are a consultant then you may need to travel to meet with clients.
  • Self-employment is an option for experienced analysts. You could set up your own cyber security company or work as an independent cyber security consultant. You could also work as a contractor through an agency.
  • Some roles will require you to have security clearance, particularly if they're for a government agency or private organisation which handles highly-sensitive information. You may also be restricted in terms of what you can say about your work.
  • There are a higher proportion of roles in major cities, with many roles based in the South East of England (including London). In Scotland, many roles are found in Edinburgh and Glasgow. In Wales, roles are typically found in Cardiff, Swansea and Newport. However, as a consultant working for a company you'll have to travel within the UK and possibly internationally. Independent consultants can be based anywhere and travel to meet clients.
  • Women and ethnic minority groups are underrepresented in the profession. However, there are organisations which aim to promote greater workforce diversification, such as the Cyber Challenge Foundation. Other examples of initiatives aimed at attracting women into the industry include WISE (Women into Science, Technology, Engineering and Mathematics), WeAreTechWomen and Women in International Security (WIIS).


It's possible to enter the cyber security profession without a degree by starting in an entry-level IT position. You could then work your way up to a cyber security role by gaining experience and industry certifications.

Alternatively, you could undertake an apprenticeship in cyber security, where you combine employment and study to work towards a recognised qualification. Apprenticeships are available at various levels, including degree-level. Tech Partnership Degrees, for example, accredits the Digital and Technology Solutions Degree Apprenticeship, some of which have a cyber security analyst specialism.

Employers recruiting for a graduate position may require, or prefer, a degree in a science, technology, engineering or mathematics (STEM) subject. Exact requirements vary between employers. Relevant degree subjects include:

  • cyber/information/network security
  • computer science
  • computing and information systems
  • software/electrical/network engineering
  • mathematics
  • physics
  • other IT/security/network-related degrees.

It's also possible to enter the profession with a non-technical/unrelated degree. Some graduate schemes or graduate roles, for example, welcome graduates from any degree discipline.

As you gain experience, your degree subject will be less important, and employers will be more interested in what you've done professionally.

There are also opportunities to move into a cyber security role after gaining experience in a more general IT role.

Although study at Masters level isn't essential, you could choose to undertake further study in a relevant subject area, particularly if your degree is in an unrelated subject. The National Cyber Security Centre - NCSC-certified degrees lists certified Masters degrees in cyber security and closely related fields. Some employers may sponsor you to undertake a relevant Masters course.

Search for postgraduate courses in cyber security.


You'll need to have:

  • a passion for cyber security and a keen interest in IT
  • excellent IT skills, including knowledge of computer networks, operating systems, software, hardware and security
  • an understanding of the cyber security risks associated with various technologies and ways to manage them
  • a good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus
  • analytical and problem-solving skills to identify and assess risks, threats, patterns and trends
  • teamworking skills in order to collaborate with team members and clients
  • verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals
  • written communication skills, for example to write technical reports
  • time-management and organisational skills to manage a variety of tasks and meet deadlines
  • the ability to multi-task and prioritise your workload
  • excellent attention to detail
  • an ability to work under pressure, particularly when dealing with threats and at times of high demand.

Work experience

You'll usually need relevant pre-entry work experience to get a job. However, there are a number of graduate schemes and internships (at student and graduate level) in cyber and information security which don't require pre-entry experience. Employers will expect you to demonstrate a passion for, and an understanding of, the cyber/information security field.

If it's an option on your course, you could undertake a 12-month industrial placement in a cyber security role. You could also contact an organisation which employs cyber security analysts and ask to undertake a period of work experience or shadowing. However, there may be restrictions on what you're allowed to do and see.

Making connections with those in the industry and attending relevant cyber and information security events could help you to access opportunities, which may not always be advertised.

You can join BCS, The Chartered Institute for IT as a student member for a small fee to access networking opportunities, mentoring and industry information. Other organisations you can join as a student include the Chartered Institute of Information Security.

The Cyber Security Challenge UK, a series of competitions designed to test your cyber security skills, is another source of opportunities including virtual areas designed to support and enhance cyber talents through gamification. This initiative has been set up to try and attract more individuals to this type of work.

Find out more about the different kinds of work experience and internships that are available.


Cyber security professionals are employed by a variety of organisations across both the public and private sector. You may be working on the security of your organisation and/or offering security services or consultancy to other companies.

These are just a few examples of the types of organisations you could work for:

  • professional services
  • security consultancies
  • information technology companies and network providers
  • financial services institutions
  • government
  • energy
  • transport companies, e.g. airlines
  • the media
  • schools, colleges and universities.

Look for job vacancies at:

There are also vacancies advertised on more general (non-specialist) job search sites. Keep an eye on LinkedIn and social media pages of potential employers as they may advertise roles this way.

There are graduate scheme opportunities related to cyber and information security. Do your research well in advance so you don't miss out on application windows.

Where no suitable job is advertised, you can make a speculative application to a company using a CV and cover letter. Seek support from your careers service and, ideally, have your application checked before sending it off.

Latest graduate jobs

Cyber-Security Consultant

  • Samurai Digital Security
  • Chesterfield
  • £29,501-£32,000

Digital Trust & Cyber Security Graduate

  • PA Consulting Group
  • London
  • Competitive salary

Cyber Security Graduate Programme

  • Tesco
  • Welwyn Garden City
  • £27,001-£29,500
View more IT jobs

Professional development

Training often takes place on the job and you may receive mentoring support and advice from more experienced colleagues.

Once you're working in the field, it's important to keep up to date with developments. You may be able to access industry information, events and networking opportunities through, for example:

Some employers, such as those offering graduate training schemes, may fund you to complete an MSc in information/cyber security while you're on the programme.

The NCSC lists bodies which they have certified to assess information assurance professionals. The NCSC Certified Training scheme offers courses delivered by a range of training providers at different levels: an 'awareness' level for those new to cyber security and an 'application' level which is more in-depth.

There are also various industry-related qualifications, such as:

  • Systems Security Certified Practitioner (SSCP) - anentry-level, IT certification for those with at least one year of experience.
  • Certified Professional (CCP) scheme -the UK government's approved standard of competence for cyber security professionals. The scheme also provides those working in cyber security with a clearly defined career development path. There are different levels you can apply to - practitioner (entry level), senior practitioner and lead practitioner.
  • Certified Information System Security Professional (CISSP) - for experienced security practitioners and managers.

For those wanting to develop leadership, management and supervisory capabilities, there are a number of different certifications, such as the Certified Information Security Manager (CISM) certification.

Other relevant courses include Certified Ethical Hacker (CEH), Cloud Security, Cyber Incident, Planning and Response (CIPR) and General Data Protection Regulation (GDPR) awareness.

It's a good idea to look at job adverts for cyber security analyst roles to get a feel for which certifications employers are looking for and to speak to your employer before choosing a certification.

Career prospects

Cyber security is a fast-growing field and cyber security skills are in demand. Career prospects are good for people with the right combination of skills, knowledge and experience.

You'll typically start in an entry-level or junior cyber security role. After building up several years of experience you could progress into roles such as senior cyber security analyst or consultant.

After significant experience in the field, you may be able to progress into higher-level leadership and managerial roles, eventually progressing to become a director or head of cyber security. Achieving relevant certifications is helpful for your development and progression as many employers specify these as role requirements.

There is likely to be more scope for career progression within larger organisations and financial services institutions.

Self-employment is an option, but most people first gain experience in the field. You could set up a cyber security company or work as an independent cyber security consultant.


See how well you match this job profile and over 400 others.

Alternative careers

Related jobs and courses

Auto trader

graduate scheme

Graduate Software Developer

View job
NFU Mutual

graduate scheme

IT Technical Specialist Graduate Scheme 2022

  • NFU Mutual (6 other jobs)
  • £27,001-£29,500
  • Stratford upon Avon
View job
PA Consulting Group

graduate scheme

Business Transformation Graduate Scheme

View job
Samurai Digital Security

graduate job

Cyber-Security Consultant

  • Samurai Digital Security (32 other jobs)
  • £29,501-£32,000
  • Chesterfield
View job
Information Security Analyst Interview Questions with Answer Examples

Anatole asked anxiously - Do not be afraid Tolik if we do everything right we will fuck every day - Mikhalych hissed. - Look, you will come in only when I persuade. said Mikhalych and, throwing off his clothes, went into the dressing room. Anatole was looking forward to hiding in the dark. Finally the door creaked and a hairy old man with a protruding member appeared in the door of the bathhouse, his head swayed regularly.

You will also be interested:

Through the eyelashes lowered from shame, she saw that Seryozha, dumbfounded, was looking THERE, and, apparently, fell into prostration. A hot wave unexpectedly was born directly from her being, and, rising up the body, reached the very top of her head. The doctor saved them from their awkward position, who finally looked up from the papers and, finding the embarrassment, strictly ordered the young man to leave.

The office and continue to knock.

981 982 983 984 985