Everything You Need to Know About Becoming a Cyber Security Analyst
For someone who’s interested in technology, cyber security probably sounds like an appealing career focus. The much-faster-than-average projected employment growth and above average earning potential as reported by the Bureau of Labor Statistics (BLS) is enough to catch your attention.1
But when you add in the fact that your work would revolve around building IT defense systems and safeguarding valuable information from some of the world’s worst cyber criminals, it’s hard not to get excited about the cyber security analyst job description.
That being said, you may need some clarification on the details. Even if this career path checks a lot of important boxes, you’ll want to know as much as possible about what you’re getting into and what it takes to become a cyber security analyst.
We dove into the data and secured insider insight from a seasoned expert to help you understand everything you need to know about cyber security analyst jobs and how to get established in this growing field.
Why is cyber security so important?
If you’ve been at all invested in the world of technology, you know cyber security is a big deal. Even the general population can hardly miss the headlines surrounding cybercrime and data breaches. But shockingly, many organizations and individuals are very slow on the uptake when it comes to protecting their own digital security.
“I was surprised at the level of apathy about cyber security decision-makers,” says Greg Scott, author and cyber security expert. “Even after all the headlines, people still say they aren’t carrying national security secrets, and that nobody cares enough about them to attack them.”
In reality, there are loads of ways a hacker can utilize and monetize even the most innocuous information. Through identity theft, intercepting your tax refund or even stealing your health insurance for medical coverage, cyber criminals come up with all sorts of creative ways to profit from information most people don’t take sufficient lengths to protect. This makes everyone a target.
“The public cyber security education gap is larger than the Grand Canyon,” Scott says. “It’s a huge opportunity and a huge threat.” He says one of his favorite parts of working in cyber security is seeing people’s reactions when they realize how vulnerable they are without taking precautions. “The most rewarding times are when the message finally gets through and people’s eyes light up.”
What does a cyber security analyst do?
Cyber security analysts (also called information security analysts) plan and carry out security measures to protect a company’s computer networks and systems, according to the BLS.1 They keep constant tabs on threats and monitor their organization’s networks for any breaches in security.
A typical cyber security analyst job description includes installing firewall and encryption tools, reporting breaches or weak spots, researching IT trends, educating the rest of the company on security—and even simulating security attacks to find potential vulnerabilities.
Cyber security analysts will also plan for trouble, creating contingency plans that the company will implement in case of a successful attack. Since cyber attackers are constantly using new tools and strategies, cyber security analysts need to stay informed about the weapons out there to mount a strong defense.
Additionally, information security professionals may assist in spreading the word and educating members of an organization about security risks and best practices, which makes perfect sense. Even the most technically sound and secure systems can be undermined by a user with the right access level acting foolishly.
Cyber security analyst salary and job outlook
With the prevalence of threats and breaches out there today, it’s no surprise that cyber security jobs are on the rise. What might surprise you is just how fast these opportunities are projected to grow. The BLS projects cyber security analyst jobs to grow 31 percent through 2029, which is more than seven times faster than the average for all occupations!1
This demand translates well when it comes to a typical cyber security analyst salary. The BLS states the median annual salary for these professionals in 2019 was $99,730.1
Important skills for cyber security analysts
Cyber security analysts need a healthy mix of hard and soft skills. We used real-time job analysis software to examine more than 170,000 cyber security analyst jobs posted over the past year.2 This data helped us determine what skills employers are seeking in candidates.
Top technical skills for cyber security analysts2
- Information systems
- Network security
- Project management
- Information assurance
- NIST Cybersecurity Framework
- Vulnerability assessment
- Penetration testing
Top transferable skills for cyber security analysts2
- Problem solving
- Attention to detail
- Microsoft Office®
Scott emphasizes that no matter what you bring to the table, acquiring new skills will be a constant in your cyber security analyst career. “Of course your technical know-how is important. If you want success in your career, you’ll learn how to learn for a living,” he says. “But your soft skills—especially your ability to communicate—are equally as important.”
How to become a cyber security analyst
If you’re liking what you’re hearing about the cyber security job description, projected growth and earning potential, the next logical question is “How do you become a cyber security analyst?”
Given that this specialized area of information technology is relatively new, the path to working in this field isn’t quite as clear cut as others. Many information security professionals in the field today started out in more generalized IT roles and made a transition. This route is still pretty common—it makes sense for cyber security analysts to have a strong background in the design and operations of computer networks and systems.
Professionals in this field usually have at least a bachelor’s degree in Cyber Security or a related field, according to the BLS.1 Our analysis of cyber security analyst jobs supports this claim, with 85 percent of employers seeking candidates with a bachelor’s degree.3
Aspiring analysts should know that there are also plenty of information security certifications out there that can boost your credibility to potential employers. Information security certification, like the Certified Information Systems Auditor® (CISA) and CompTIA® Cybersecurity Analyst (CySA+) are excellent options for verifying your cyber security knowledge.
Analyzing your cyber security potential
Do you think this career matches up with what you are looking for? Cyber security analysts are certainly sought after in the Wild West of today’s digital landscape. If you could see yourself delving into the nuts and bolts of protecting information systems, or if you are the kind of person who could become passionate about the best defenses out there, then this might be the perfect choice for you.
But like any big change, embarking on a cyber security analyst career requires some investment and consideration. Take the next step in your research by checking out our article, “Is a Cyber Security Degree Worth It? The Facts You Can't Ignore.”
1Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, [career information accessed October 2020] www.bls.gov/ooh/. Salary data represents national, averaged earnings for the occupations listed and includes workers at all levels of education and experience. This data does not represent starting salaries and employment conditions in your area may vary.
2Burning-Glass.com (analysis of 170,700 information security analyst job postings, Oct. 01, 2019 – Sep. 30, 2020).
3Burning-Glass.com (analysis of 117,978 information security analyst job postings by education level, Oct. 01, 2019 – Sep. 30, 2020).
CompTIA Cybersecurity Analyst (CySA+) is a registered trademark of CompTIA Properties, LLC.
Certified Information Systems Auditor (CISA) is a registered trademark of ISACA.
Microsoft Office is a registered trademark of Microsoft, Inc.
Python is a registered trademark of the Python Software Foundation, Inc.
EDITOR'S NOTE: This article was originally published in 2018. It has since been updated to include information relevant to 2020. Insight from Greg Scott remains from original article.