Information Security Analysts
Information security analysts are crucial to data systems. They analyze vulnerabilities and recommend solutions. One often hears the acronym ‘CIA’ used in connection with their work. Security analysts are concerned with the confidentiality, integrity, and availability of data.
Information security and cyber security are closely related. Indeed they overlap. Cyber security can mean more than just protection of data. Information security, meanwhile, can include information that doesn’t exist in cyber form. https://www.cisoplatform.com/profiles/blogs/understanding-difference-between-cyber-security-information The focus, though, is typically on the cyber.
Information security analyst is often considered a cyber security job. The University of San Diego lists it among the top jobs in cyber security (https://onlinedegrees.sandiego.edu/best-jobs-in-cyber-security).
Information security analysts may specialize in ethical hacking/ penetration testing or information systems auditing.
Information security analysts are sought be a wide variety of companies. Many find a role in the public sector. Many are hired by financial institutions. But information security analysts are also in demand by companies that we don’t necessarily think of as having large amounts of sensitive data. Among those seeking in 2021 was a beverage company specializing in sparkling water. Duties would include supplier risk assessment, implementation of controls that protect ‘CIA’, security audits, and collaboration on access validation for business applications.
Career Outlook for Information Security Analysts
Information security analyst is an in-demand field. 31% occupational growth has been projected for 2019 to 2029. Still, it takes some work to get that first position. That’s because companies value experience as well as education. Professionals may enter on the strength of experience in related computer fields. They may, for example, have worked in network administration.
Information security analyst can be part of a multi-stage career path. Some get their start in IT. Some information security officers go on to be chief security officers. A professional may need education at multiple points along the way – whether degree, academic certificate program, or non-degree coursework.
Internships can help provide a foundation.
Information Security Analyst Educational Foundations
Some bachelor’s degree programs include the term “information security” in the title (for example, cyber and information security). However, this is by no means the only route. There are many bachelor’s programs labeled as cyber security. These can provide a very strong foundation. The prospective student will want to take a close look at the coursework sequence. Information security programs are varied. Some are housed in computer science colleges; others in outside units such as business or engineering. Students may opt for degrees in Computer Information Systems; this is more closely related to IT.
Programs may be designated as Centers of Academic Excellence in Cyber Defense Education or Cyber Operations. The CAE designation is awarded by the National Security Agency and the Department of Homeland Security.
Computer professionals may take role-specific courses on a credit or non-credit basis. One can take short courses in a variety of specialized areas (for example, intrusion detection) outside academia.
Many information security programs are master’s level. At this level, there are quite a few specifically in information security.
Some information security programs participate in the Scholarship for Service Program (SFS). Students who are selected for the program receive a generous support package in exchange for future commitment.
Prospective cyber security professionals can use internships to help them break into the field.
Information Security Programs
The University of Texas-Austin offers a Master of Science in Information Security and Privacy (ISP) program geared toward working professionals. Classes are held one weekend a month; students can opt to meet online or in-person. The following are among the courses: Public Policy, Information Security, and Privacy, and Information & Privacy in Society.
George Washington University offers a bachelor’s degree completion program designed for individuals with associate’s degrees in related computer, business, and engineering fields. There are also options for bachelor’s degree holders from non-technical fields and for individuals with at least 60 semester hours of credit; the latter will need to meet core coursework requirements. Among the courses are Information Technology Security System Audits, Topics in IT Security Defense Countermeasures, and Compliance and Risk Management. The program is available at two Virginia campuses. GWU also offers a master’s in Cybersecurity Strategy and Information Management.
Information Security Certifications
There are a number of certifications that information security analysts may want to pursue over the course of their careers.
(ISC)² offers several related certifications. The CAP – Security Assessment and Authorization Certification is referenced by (ISC)² as being relevant to information security (https://www.isc2.org/Certifications/CAP). The SSC-Systems Security Certified Practitioner is noted as relevant to security analyst roles and to IT. The CISSP – Certified Information Systems Security Professional , a very highly regarded security professional certification, is recommended by those in the know for information security professionals who have the requisite experience.
Those who specialize in information systems auditing may want to pursue the ISACA Certified Information Systems Auditor (CISA) credential while those in ethical hacking may vie for the EC-Council Certified Ethical Hacker (CEH).
The Cisco Certified CyberOps Professional and GIAC Security Essentials (GSEC) are also worth considering.
Information Security Analyst Salary and Job Concentration
Information security analysts earned a mean salary of $104,210 in 2019. The 10th percentile was $57,810; the 90th, $158,860. BLS Data May, 2020
Virginia has not only the highest information security job concentration – it has the highest employment levels.