Information security analysts held about 163,000 jobs in 2021. The largest employers of information security analysts were as follows:
| Computer systems design and related services | 27% |
| Finance and insurance | 15 |
| Information | 14 |
| Management of companies and enterprises | 8 |
| Administrative and support services | 5 |
Many information security analysts work with other members of an information technology department, such as network administrators or computer systems analysts.
Work Schedules
Most information security analysts work full time, and some work more than 40 hours per week. Information security analysts sometimes have to be on call outside of normal business hours in case of an emergency.
Information security analysts typically need a bachelor’s degree in a computer science field, along with related work experience. Employers may prefer to hire analysts who have professional certification.
Education
Information security analysts typically need a bachelor’s degree in computer and information technology or a related field, such as engineering or math. However, some workers enter the occupation with a high school diploma and relevant industry training and certifications.
Work Experience in a Related Occupation
Information security analysts may need to have work experience in a related occupation. Many analysts have experience in an information technology department, often as a network and computer systems administrator.
Licenses, Certifications, and Registrations
Many employers prefer to hire candidates who have information security certification. Some of these certifications, such as Security+, are for workers at the entry level; others, such as the Certified Information Systems Security Professional(CISSP), are designed for experienced information security workers. Certification in specialized areas, such as systems auditing, also is available.
Advancement
Information security analysts may advance to become chief security officers or another type of computer and information systems manager. Information security analysts also may advance within the occupation as they gain experience. For example, they may lead a team of other information security analysts or become an expert in a particular area of information security.
Information security analysts typically have an interest in the Building, Thinking and Organizing interest areas, according to the Holland Code framework. The Building interest area indicates a focus on working with tools and machines, and making or fixing practical things. The Thinking interest area indicates a focus on researching, investigating, and increasing the understanding of natural laws. The Organizing interest area indicates a focus on working with information and processes to keep things arranged in orderly systems.
If you are not sure whether you have a Building or Thinking or Organizing interest which might fit with a career as an information security analyst, you can take a career test to measure your interests.
Information security analysts should also possess the following specific qualities:
Analytical skills. Information security analysts must carefully study computer systems and networks and investigate any irregularities to determine if the networks have been compromised.
Detail oriented. Because cyberattacks can be difficult to detect, information security analysts pay careful attention to their computer systems and watch for minor changes in performance.
Ingenuity. Information security analysts try to outthink cybercriminals and invent new ways to protect their organization’s computer systems and networks.
Problem-solving skills. Information security analysts uncover and fix flaws in computer systems and networks.
The median annual wage for information security analysts was $102,600 in May 2021. The median wage is the wage at which half the workers in an occupation earned more than that amount and half earned less. The lowest 10 percent earned less than $61,520, and the highest 10 percent earned more than $165,920.
In May 2021, the median annual wages for information security analysts in the top industries in which they worked were as follows:
| Information | $128,970 |
| Finance and insurance | 104,790 |
| Management of companies and enterprises | 101,350 |
| Computer systems design and related services | 101,170 |
| Administrative and support services | 95,270 |
Most information security analysts work full time, and some work more than 40 hours per week. Information security analysts sometimes have to be on call outside of normal business hours in case of an emergency.
Employment of information security analysts is projected to grow 35 percent from 2021 to 2031, much faster than the average for all occupations.
About 19,500 openings for information security analysts are projected each year, on average, over the decade. Many of those openings are expected to result from the need to replace workers who transfer to different occupations or exit the labor force, such as to retire.
Employment
High demand is expected for information security analysts. Cyberattacks have grown in frequency, and these analysts will be needed to create innovative solutions to prevent hackers from stealing critical information or creating problems for computer networks.
As businesses focus on enhancing cybersecurity, they will need information security analysts to secure new technologies from outside threats or hacks. A shift to remote work and the rise of e-commerce have increased the need for enhanced security, contributing to the projected employment growth of these workers over the decade.
Strong growth in digital health services and telehealth will also increase data security risks for healthcare providers. More of these analysts are likely to be needed to safeguard patients' personal information and data.
For more information about computer careers, visit
Association for Computing Machinery
Computing Research Association
For information about opportunities for women pursuing information technology careers, visit:
National Center for Women & Information Technology