Information Security Analysts

What Information Security Analysts Do

Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems.

https://www.youtube.com/watch?v=cVZktAEtWE4

Work Environment

Most information security analysts work for computer companies, consulting firms, or business and financial companies.

How to Become an Information Security Analyst

Most information security analyst positions require a bachelor’s degree in a computer-related field. Employers usually prefer to hire analysts with experience in a related occupation.

Pay

The median annual wage for information security analysts was $99,730 in May 2019.

Job Outlook

Employment of information security analysts is projected to grow 31 percent from 2019 to 2029, much faster than the average for all occupations. Demand for information security analysts is expected to be very high, as these analysts will be needed to create innovative solutions to prevent hackers from stealing critical information or causing problems for computer networks.

Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems. Their responsibilities are continually expanding as the number of cyberattacks increases.

Duties

Information security analysts typically do the following:

  • Monitor their organization’s networks for security breaches and investigate a violation when one occurs
  • Install and use software, such as firewalls and data encryption programs, to protect sensitive information
  • Prepare reports that document security breaches and the extent of the damage caused by the breaches
  • Conduct penetration testing, which is when analysts simulate attacks to look for vulnerabilities in their systems before they can be exploited
  • Research the latest information technology (IT) security trends
  • Develop security standards and best practices for their organization
  • Recommend security enhancements to management or senior IT staff
  • Help computer users when they need to install or learn about new security products and procedures

IT security analysts are heavily involved with creating their organization’s disaster recovery plan, a procedure that IT employees follow in case of emergency. These plans allow for the continued operation of an organization’s IT department. The recovery plan includes preventive measures such as regularly copying and transferring data to an offsite location. It also involves plans to restore proper IT functioning after a disaster. Analysts continually test the steps in their recovery plans.

Information security analysts must stay up to date on IT security and on the latest methods attackers are using to infiltrate computer systems. Analysts need to research new security technology to decide what will most effectively protect their organization.

Information security analysts held about 131,000 jobs in 2019. The largest employers of information security analysts were as follows:

Computer systems design and related services 26%
Finance and insurance 18
Management of companies and enterprises 9
Information 8
Administrative and support services 6

Many information security analysts work with other members of an information technology department, such as network administrators or computer systems analysts.

Work Schedules

Most information security analysts work full time. Information security analysts sometimes have to be on call outside of normal business hours in case of an emergency. Some work more than 40 hours per week.

This table shows a list of occupations with job duties that are similar to those of information security analysts.

Occupation Job Duties Entry-Level Education Median Annual Pay, May 2019

Computer and Information Research Scientists

Computer and information research scientists invent and design new approaches to computing technology and find innovative uses for existing technology.

Master’s degree $122,840

Computer and Information Systems Managers

Computer and information systems managers plan, coordinate, and direct computer-related activities in an organization.

Bachelor’s degree $146,360

Computer Network Architects

Computer network architects design and build data communication networks, including local area networks (LANs), wide area networks (WANs), and Intranets.

Bachelor’s degree $112,690

Computer Programmers

Computer programmers write and test code that allows computer applications and software programs to function properly.

Bachelor’s degree $86,550

Computer Support Specialists

Computer support specialists provide help and advice to computer users and organizations.

See How to Become One $54,760

Computer Systems Analysts

Computer systems analysts study an organization’s current computer systems and find a solution that is more efficient and effective.

Bachelor’s degree $90,920

Database Administrators

Database administrators (DBAs) use specialized software to store and organize data.

Bachelor’s degree $93,750

Network and Computer Systems Administrators

Network and computer systems administrators are responsible for the day-to-day operation of computer networks.

Bachelor’s degree $83,510

Software Developers

Software developers create the applications or systems that run on a computer or another device.

Bachelor’s degree $107,510

Web Developers

Web developers design and create websites.

Associate’s degree $73,760

For more information about computer careers, visit

Association for Computing Machinery

Computing Research Association

IEEE Computer Society

For information about opportunities for women pursuing information technology careers, visit:

National Center for Women & Information Technology

O*NET

Information Security Analysts


Suggested citation:

Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, Information Security Analysts,
at https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm (visited ).