Possible Job Titles - Cyber, Data, or Information Security Architect, Analyst, or Engineer; Governance Risk & Compliance Auditor; Information Security Administrator; Chief Information Security Officer; Information Security Director, Manger, or Supervisor.
What they do - Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems. Their responsibilities are continually expanding as the number of cyber attacks increases. They must stay up to date on the latest methods attackers are using to infiltrate computer systems and on IT security. Analysts need to research new security technology to decide what will most effectively protect their organization.
IT security analysts are heavily involved with creating their organization’s disaster recovery plan (a procedure that IT employees follow in case of emergency). These plans allow for the continued operation of an organization’s IT department. It includes preventive measures such as regularly backing up data to an offsite location and the plans to restore proper IT functioning after a disaster. Some examples of job functions of IT security include:
- Protect corporate and governmental computer networks against security breaches
- Install firewalls, encryption programs and other security software to protect digital information
- Assess breaches when they occur and prepare reports documenting the breach and making recommendations to management
- Perform regular penetration testing and simulate cyber attacks to find any vulnerabilities that could be exploited by hackers and cyber-attackers
- Stay on top of the latest security trends
- Develop information technology security standards and protocols
- Make IT security recommendations to management
Education - Earning a master’s degree in Business Administration with an undergraduate degree in computer science is an attractive combination since many employers are seeking candidates with expertise in both business management and information security. Earning a MBA typically requires an additional two years of schooling beyond a bachelor's degree. Alternatively, a bachelor's degree in Business Administration with a minor in Computer Science is a good pathway.
Certifications - One of the more common certifications within the field of information systems security is the Certified Information Systems Security Professional (CISSP) as well as the CompTIA Security+
Pay - The median annual wage for information security analysts was $90,120 in May 2015. The median wage is the wage at which half the workers in an occupation earned more than that amount and half earned less. The lowest 10 percent earned less than $51,280, and the highest 10 percent earned more than $143,770.*
Job Outlook - Employment of information security analysts is projected to grow 18 percent from 2014 to 2024, much faster than the average for all occupations. Demand for information security analysts is expected to be very high. Cyberattacks have grown in frequency, and analysts will be needed to come up with innovative solutions to prevent hackers from stealing critical information or creating problems for computer networks.*