computer screen

Career Outlook: Information Security Analyst


As digital networks across the world continue to expand rapidly, the information assurance industry is also expected to grow as well. In 2015, for instance, the industry grossed $75 billion, and by 2020, it’s estimated that the industry will gross $170 billion. Individuals considering a career in the thriving cybersecurity industry may find the role of an information security analyst to be an ideal fit, as the need for trained cybersecurity professionals is expected to increase with each passing year. Those considering this career option should have in-depth knowledge of the responsibilities, duties and education required in order to provide the high level of digital protection needed to secure critical digital networks.

Responsibilities and Duties

Information security analysis is crucial to the integrity of organizations that deal with highly sensitive data in a digital format, such as financial organizations or legal firms. To preempt the risk of data being breached by the attacks of hostile cyber criminals, organizations will hire a team of information security analysts who will continually examine the integrity of the organization’s networks and databases to limit the potential for cyber attacks. Information security analysts typically identify, contain and eradicate any network security breaches, preferably before they can cause any lasting damage. They accomplish this by drafting rules and regulations for use by non-security personnel within the organization, training employees and members of the organization to comply with regulations meant to improve information safeguarding, as well as installing and implementing important security software, such as firewalls and data encryption programs. Additionally, information security analysts may also investigate recorded network security violations when they’re discovered, develop detailed reports that fully describe the breach, including details like the involved parties, the extent of damage caused and who was affected, in order to strategize the most effective prevention plan for helping guarantee an organization’s cybersecurity.

Penetration testing is another duty that information security analysts may perform. This common practice involves simulating attacks against the organization’s own systems to discover network vulnerabilities before they can be exploited in malicious attacks. Along with this, information security analysts will need to participate in disaster recovery planning so that the organization has protocols that help keep networks operating when cyber attacks occur. These plans generally consist of regularly backing up important data in remote locations, as well as steps to restore full network functionality after an attack takes place.

The list of responsibilities for an information security analyst is constantly expanding due to the increased amount of pressure being placed onto organizations by the ever-growing number of cyber crimes. With this in mind, it’s essential for information security analysts to remain active in developing novel techniques and uncovering industry trends. This can be largely done through consistent study and research, as well as experimentation through practice scenarios.

Education & Skills

Organizations expect their information security analysts to have a thorough understanding of the platforms they interact with, therefore a dynamic educational background, along with previous experience in the field, should prove beneficial to candidates working in the field. In particular, information security analysts typically have a bachelor’s degree in computer science, programming or information assurance, along with a master’s degree in information assurance. Additionally, general analytical skills and extensive attention to detail can be essential for establishing a long-lasting professional career in cybersecurity analysis. Senior-level security positions, such as chief information security officers, often require a specialized background. Most chief officers boast dozen years of information technology (IT) experience, and many feature at least a master’s degree in IT or cybersecurity and assurance. For those seeking senior-level positions, entering the industry as an information security analyst is a strong first step towards achieving a successful long-term career in information assurance.


Outside of formal education, advanced credentials are a great means of attaining practical knowledge and technical skills that employers are constantly searching for in their IT staff. Certifications can be earned by completing accredited certification courses either online or in person. The following is a list of some of the top certifications for information security analysts.

Offensive Security Certified Professional (OSCP) – The OSCP is an ethical hacking exam designed for individuals hoping to demonstrate to employers that they are fully capable of gathering information across a network and identifying vulnerabilities that they can successfully exploit. The first step to obtaining this certification includes completion of the Penetration Test Training course. The final step is an exam, which entails exploiting systems, completing a full penetration test, and submitting the finished report.

Cisco Certified Entry Networking Technician (CCENT) – Leading digital technology company, Cisco, offers a long list of certification examinations that complement a career in cybersecurity. The CCENT is generally the first program an aspiring networking professional would complete, as it supplies them with the knowledge and skills to install, operate, and troubleshoot small enterprise branch networks.

Cisco Certified Network Associate (CCNA) – After the CCENT, it is suggested that individuals acquire a CCNA. The CCNA can be earned with an emphasis on one of several different categories, including security, cloud, collaboration, security operations, design, data center technologies, industrial plants, service providers, and wireless. This associate level certification is widely accepted as proof of ability by most IT employers. The certification process consists of two sections, Interconnecting Cisco Networking Devices (ICND) 1 and 2: ● ICND1 – This section covers the fundamentals of network types, network media, switching fundamentals, TCP/IP, addressing and routing, WAN technologies, configuring iOS devices and managing network environments. ● ICND2 – The second section focuses on developing skills that involve LAN switching, infrastructure services and maintenance, and other routing technologies.

CompTia Security+ – The Security+ certification is a credential that is accepted globally as evidence of foundational, vendor-neutral IT security knowledge and skills. Due to the principles of network security and risk management covered in this course, security professionals with a CompTia Security+ certification under their belt are highly sought after for information security analyst positions.

Salary and Job Growth Trends

According to the U.S. Bureau of Labor Statistics, the median pay for information security analysts in the United States is $90,120 per year. Given the growth of the information assurance industry, employment opportunities for information security analysts is estimated to grow 18 percent between 2014 and 2024, a rate that is nearly double the average in most lines of work. Additionally, there are many opportunities for advancement and promotion from this role, including positions related to cybersecurity engineering, security architecture, and security management.

Focusing on gaining an education and experience in information security analysis can pave the way to securing a flexible, fulfilling, and challenging career. Effectively protecting an organization from cyber crime entails developing functional safeguards that can’t be easily bypassed, observing them for disruption or instability, and updating them with new protocols that are suited to the organization’s current needs or circumstances.

Learn More

As the nation’s oldest private military college, Norwich University has been a leader in innovative education since 1819. Through its online programs, Norwich delivers relevant and applicable curricula that allow its students to make a positive impact on their places of work and their communities.

At Norwich University, we extend a tradition of values-based education, where structured, disciplined, and rigorous studies create a challenging and rewarding experience. Online programs, such as the Master of Science in Cybersecurity, have made our comprehensive curriculum available to more students than ever before.

Norwich University has been designated as a Center for Academic Excellence in Cyber Defense Education by the National Security Agency and Department of Homeland Security. Through your program, you can choose from five concentrations that are uniquely designed to provide an in-depth examination of policies, procedures, and overall structure of an information assurance program.

Recommended Readings
Top Cyber Security Conferences
5 TED Talks on Information Assurance
Infrastructure: The Greatest Cyber Attack Vulnerability


Information Security Analysts, Bureau of Labor Statistics
Security Analyst, Infosec Institute
Offensive Security Certified Professional (OSCP) Report,
Training & Certifications, CISCO

Learn More Today

Complete the form on the next page to request more information about our online programs.

Request Info