How to Become an Information Security Analyst

Get Matched to a Degree for FREE!!

Degree description image

What do Information Security Analysts Do?

Info security analysts keep a company’s computer networks and systems safe. They watch for security breaches and react to cyber attacks.

They also try to prevent attacks from happening, in the first place. That includes using software like firewalls to protect data. And, analysts maintain best practices for keeping info safe. Knowing the latest trends in IT security is key to the role.

Analysts often work in IT departments. 26% work in computer systems design and related services. 18% work in finance and insurance. Many kinds of businesses need to worry about keeping data safe and need these kinds of analysts.

Jobs for info sec analysts should grow 32% from 2022 to 2032. That’s much faster than average. How to stop hackers and protect data has become a growing concern. Financial companies and health care providers may have the biggest cause for worry. So, these industries could need more analysts to stay on top of threats.

Info sec analysts play a key role in today’s world. The job growth and salary potential reflect that. If protecting data from hackers sounds like a good day’s work, learn more about this career path.


What Degree Should I Earn to Become an Information Security Analyst?

If you hope to be an IT security analyst, you should earn at least a Bachelor’s degree.

  • Bachelor’s in Computer Science (CS): The field of CS includes many disciplines. It brings together topics like how to program, software engineering, and networks. You’ll learn how to design and even build computer hardware and software. And, you’ll learn how to maintain computers and IT systems. That includes how to keep them secure.
  • Bachelor’s in Information Systems Security: You’ll learn how to maintain security systems. The program covers computing platforms and software that help a company run. You’ll learn how to find out when hackers try to access company info. And, you’ll prep to deal with many IT threats.
  • Bachelor’s in Cyber security: This program drills down on IT threats. You’ll learn to deal with data breaches and keep hackers at bay. This program may share topics in common with Information Systems Security. But it may place more of a focus on cyber crimes. That includes solving crimes and tracking down cyber criminals.
  • Bachelor’s in Computer Programming: A programming major covers how to write code. The goal is to create computer apps and software that solve problems. You’ll study many languages, like Java and C#. One possible option is to focus on cyber security. Programming skills can help you prep for and combat cyber threats.

Some IT analysts earn an MBA after their Bachelor’s. This can be in an area like Information Systems. In this program, you could focus on management skill areas and with computer courses. You’ll study the tech tools and strategies to solve business problems. And, you’ll learn how to manage a team to achieve goals in IT and beyond.

5 Key Skills for Information Security Analysts

Info sec analysts may learn skills in school and on the job. Most study areas like CS, information assurance, or how to program. And, many work in IT departments before focusing on IT security.

  1. Cyber Security:  Protect computer systems from threats. These could include hacking, damage, data theft, and more.
  2. IT Security & Infrastructure: Keep all parts of an IT system safe. And, understand the physical devices, software, and protocols for IT security
  3. Computer Security: Make sure computers are not hacked, stolen, or damaged. Use measures like firewalls to protect computers.
  4. Security Policies and Procedure: Know methods to maintain a company’s IT systems. Teach other employees to follow procedures.
  5. Security Risk Management: Plan for IT threats before they happen. Be proactive to keep risks low.

Information Security Analyst Careers

One company you could work for as an info sec analyst is CGI Inc., a global IT consulting company. CGI brings tech solutions to a business. That means keeping on top of trends in IT, security, and more.

Booz Allen Hamilton is another global IT consulting company. They serve private and public business and employ over 26,300 people. Or, consider Accenture. They also partner with business to enable IT innovation.

Consulting firms are one kind of employer. Some business have in house IT experts. These include Verizon, a major U.S. employer. As a large U.S. telecom company, cyber security is key to the company. Some roles deal with how to find and defend against cyber threats. Other roles deal with how to design and build secure infrastructure.

Do you have an interest in how IT security could enable fun? Sony Interactive Entertainment employs experts in this field. This global company may be better known as PlayStation. They make video games and digital entertainment.

On the financial side of things, check out Visa. As a global payments company, security is top of mind for Visa. So, they may hire for many kinds of security roles. The same goes for American Express and other finance companies or banks.

And, don’t overlook health care and pharma. Patient privacy makes security a key concern in this industry.  Employer is PharMerica, a Fortune 1000 company that handles seniors’ health needs. Their tech enables their medication programs. So, they need IT security experts on staff!

In short, large employers need info sec analysts. You can learn more about the above companies or start your search.

How Do I Become an Information Security Analyst?

Most analysts earn at least a Bachelor’s degree. This should be in a computer related field. CS and programming are common majors. But you could study cyber security or a similar field.

Your degree program should cover the basics of how IT systems work. You could study things from computer architecture to coding. And, you’ll learn best practices for how to handle cyber threats.

Some employers ask analysts earn a MBA in info systems. This program teaches both business and computer courses. So, it could help you learn the big picture of how IT security benefits companies.

Analysts often have some work experience, too. They may start out in another IT role, and learn the field from the ground up. Later, they may zero in on info sec. Employers look for analysts with experience tailored to the role. For example, employers may prefer someone with data base admin experience data base security role.

Finally, analysts often earn info sec certs. This helps proves their knowledge to employers. You could earn a general cert, like Certified Information Systems Security Professional (CISSP). Other certs cover more specific skill areas, like systems auditing.

Top Industries for Information Security Analysts

Info sec analysts could work in any field where cyber threats are a concern. That said, some top places employ these experts. These include:

IndustryAnnual Mean Wage
Computer systems design$119,270
Finance and insurance$122,810
Management of companies$110,490
Admin and support services$108,440

Top States by Employment for Information Security Analysts

The state of Virginia employs the most Info Sec Analysts – over 14,000! This state also has the highest number of analysts. And, it features one of the highest average salaries for this role: $112,000.

Other states with high employment numbers include:

  • Virginia, with an average salary of $131,340
  • California, with an average salary of $137,600
  • Texas, with an average salary of $115,570
  • Florida, with an average salary of $111,870

Professional Certifications for Information Security Analysts

Many employers want info sec analysts to earn certification. Certification helps prove you have the latest skills in IT security. You could also pursue certification in certain skill areas. Like, ethical hacking or systems auditing.

Each of these agency calls for different steps from you. Let’s go over a few of the top certs you could earn.

CEH: Certified Ethical Hacker

CEH certification proves you have the skills to look for weak spots in IT systems. These ethical hackers have the same skills as malicious hackers. Becoming a CEH means you can help a business plan for strong security to keep hackers out. To earn this cert, you must:

Pursue training. This must be an official EC Council training program. You could take it at an accredited training center, accredited school, or online.


Proceed without training. To be considered, you must apply. You’ll need at least two years of work experience related to information security. The application fee is $100.

Pass an exam. The exam takes four hours and has 125  questions.

Keep learning. Your cert is valid for three years. For renewal, you must take 120 CE credits within this time frame. Learn more about the EC Council Continuing Education (ECE) Program.

ECSA: EC Council Certified Security Analyst

ECSA certification is a potential next step after becoming a CEH. It covers more advanced knowledge. The  focus is doing penetration testing for enterprise clients. To earn the cert, you must:

Complete official training. You should take an EC Council training program. This training covers the material you need to know for your exam.


Skip training. If you don’t want to pursue training, you need to apply to take the exam. You’ll need at least two years of related work experience. And, you must pay a $100 application fee.

Score at least 70% on the exam. This one takes four hours and has 150 questions.

Continue your education. The ECSA cert lasts three years. After that, you must renew. To qualify, you’ll need 120 credits of continuing education each time.

GSEC / GCIH / GCIA: GIAC Security Certifications

GIAC (Global Information Assurance Certification) certifies information security professionals. They award certificates at different levels and focus areas. These include:

GIAC Security Essentials (GSEC): Start with the basics. This cert covers the security skills you need for hands on IT roles. That includes Windows, Linux security, cryptography, and more. You must score at least 73% on a five hour, 180 question exam.

GIAC Certified Incident Handler (GCIH): The GCIH cert also covers basic security skills. Testing your skills for handling security incidents come first. That means knowing hacker methods, how to defend against attacks, and more. You’ll need to score at least 73% on a four hour exam. The exam has between 100 and 150 questions.

GIAC Certified Intrusion Analyst (GCIA): This cert tests for intrusion detection skills. GCIA certification covers network monitoring, traffic analysis, reading log files and more. You must pass a four hour exam with a score of at least 68%. The test has 100 to 150 questions.

GIAC certs are valid for four years. Renewal comes with two options. You could retake the current version of your exam. Or, you could keep up with your Continuing Professional Education credits (CPEs). You must earn 36 CPEs over the four year period. CPE’s are also earned through work experience, industry training, and more.

CISSP: Certified Information Systems Security Professional

CISSP certifies your ability to create effective cyber security programs. Offered by (ISC)², it covers a range of security skills and concepts. So, it may be a good general cert for an info sec analyst. To earn it, you should:

Prep for the exam. You could prep for the CISSP exam in the class, online, or on your own. (ISC)² offers different options. Exam prep is optional but suggested.

Take the exam. It tests you on eight security domains. Security and Risk Management, Asset Security, and Security Operations are a few.

Have enough work experience. You must have at least five years of experience in at least two of the eight security domains. Earning a degree or other credential may count toward a year of work experience. You could even pass the exam while you keep working toward your five years.

Stay current. You must renew every three years. To do so, keep on top of your CPEs.

Professional Organizations

Joining a professional group could help you with your career path. And, it could be a great way to stay on top of trends in tech and security. Here are some to check out.

  • ISSA: ISSA is a global group for cyber security pros. It serves as a forum to network and share insights. You could attend meet ups on a local and global level. Attending some events could even help you earn CPEs. There are many options to join. General membership costs $95 per year, plus chapter dues.
  • ISACA: This group focuses on info systems. That includes best practices and the latest industry knowledge. Those who work in IT auditing, security, and governance / risk may benefit. Local chapter meetings and larger events let you engage with other pros. Membership is $30, or $10 if you apply online.
  • (ISC)²: A global group of cyber security pros, (ISC)2 offers many benefits to members. These include courses, discounts, and an industry magazine. You can also join or start a local chapter. To become a member, you must earn an (ISC)2 cert, like CISSP.
  • IAPP: This group is for privacy pros. That could include anyone who works to keep data private and secure. Benefits include chances to network, learn, and attend web conferences for CPE credits. Membership costs $275. IAAP offers other tiers to students and non profit workers.

Top Salaries by State for Information Security Analysts

StateEmploymentAnnual Mean Wage
New York8,710$140,770
New Hampshire630$139,050

Types of Careers in Information Security Analysis

 Information Security Analyst

Information Security Analysts safeguard computer and IT systems within companies, involving the creation of security plans and threat assessment. They employ firewalls, data encryption, and various tools for protection.

Additionally, they conduct testing to identify vulnerabilities that hackers might exploit. Staying updated on the latest IT security trends is crucial as hackers frequently alter their methods.

According to 2023 BLS data:

Median Salary: $120,360 per year

Job Growth Through 2032: 32% (Much faster than average)

Common Entry level Education: Bachelor’s degree

Computer Systems Analyst

These professionals, also known as systems architects, enhance the speed of computer systems. They merge business acumen with technical expertise to address issues in both realms. This involves collaborating with business managers to comprehend company operations and proposing tech-based solutions that cater to the business’s needs.

According to 2023 BLS data:

Median Salary: $103,800 per year

Job Growth Through 2032:10% (Much faster than average)

Common Entry level Education: Bachelor’s degree

Computer Network Architect

Computer Network Architects design and construct data communication networks, encompassing local area networks (LANs), wide area networks (WANs), and Intranets. Their role involves comprehending a company’s objectives and devising tailored plans to meet those goals. Information security holds significant importance in this planning process.

According to 2023 BLS data:

Median Salary: $129,840 per year

Job Growth Through 2032: 4% (As fast as average)

Common Entry level Education: Bachelor’s degree

Computer Information Systems Manager

These professionals oversee IT operations within a business, evaluating its computing requirements and proposing necessary upgrades or solutions. Their scope of consideration spans from security measures to computer maintenance. Additionally, they might handle hiring staff and collaborate with vendors to fulfill the company’s IT needs.

According to 2023 BLS data:

Median Salary: $169,510 per year

Job Growth Through 2032: 15% (Much faster than average)

Common Entry level Education: Bachelor’s degree

Network and Computer Systems Administrator

Network Administrators handle the day-to-day operations of networks within companies, involving organization, installation, and continuous support. Their routine tasks encompass upgrades, repairs, and addressing daily security requirements. Additionally, they may assist other employees in navigating hardware and software or troubleshooting issues.

According to 2023 BLS data:

Median Salary: $95,360 per year 

Job Growth Through 2032: 2% (As fast as average)

Common Entry level Education: Bachelor’s degree 

© Education Connection 2024. All Rights Reserved.


Sources for school statistics is the U.S. Department of Education’s National Center for Education Statistics.

Disclosure: EducationDynamics receives compensation for the featured schools on our websites (see “Sponsored Schools” or “Sponsored Listings” or “Sponsored Results”).  So what does this mean for you? Compensation may impact where the Sponsored Schools appear on our websites, including whether they appear as a match through our education matching services tool, the order in which they appear in a listing, and/or their ranking.  Our websites do not provide, nor are they intended to provide, a comprehensive list of all schools (a) in the United States (b) located in a specific geographic area or (c) that offer a particular program of study.  By providing information or agreeing to be contacted by a Sponsored School, you are in no way obligated to apply to or enroll with the school.

This is an offer for educational opportunities, not an offer for nor a guarantee of employment. Students should consult with a representative from the school they select to learn more about career opportunities in that field. Program outcomes vary according to each institution’s specific program curriculum. Financial aid may be available to those who qualify. The financial aid information on this site is for informational and research purposes only and is not an assurance of financial aid.

1 You must apply for a new loan each school year. This approval percentage is based on students with a Sallie Mae undergraduate loan in the 2018/19 school year who were approved when they returned in 2019/20. It does not include the denied applications of students who were ultimately approved in 2019/20.

2 This promotional benefit is provided at no cost to borrowers with new loans that disburse between May 1, 2021 and April 30, 2022. Borrowers are not eligible to activate the benefit until July 1, 2021. Borrowers who reside in, attend school in, or borrow for a student attending school in Maine are not eligible for this benefit. Chegg Study® offers expert Q&A where students can submit up to 20 questions per month. No cash value. Terms and Conditions apply. Please visit for complete details. This offer expires one year after issuance.

Sponsored Results

Study anywhere. Study any time.

Join the millions earning their degrees online.

7 million undergraduate and graduate students were enrolled in some form of online education in 2019!*