The growing importance of business intelligence and the rise of data breaches, that now cost a company $3.86 million on average, have created a growing job market for information security analysts.
Looking for a job as an information security analyst? Find it with Computerworld UK jobs.
The average annual salary of an information security analyst is currently about £34,000 per annum, according to Payscale, and that figure is likely to grow in the years to come.
Here's everything you need to know about becoming an information security analyst.
What does an information security analyst do?
Information security analysts protect business information by reviewing an organisation's IT environment to identify its requirements and vulnerabilities and recommend the best methods of securing data and mitigating threats.
Specific responsibilities vary between sectors and organisations but typically include risk assessment, defence planning by installing the necessary protections and updating software, recommending security measures to management, and planning disaster recovery procedures and responding to breaches.
Information security analysts will be expected to monitor their employer's networks, produce reports on security policies and any breaches, research security trends, conduct penetration testing and develop best practices for security.
It is also worth noting that not every job advert will list the role under the title "information security analyst". Similar positions include security analyst, information security consultant and cyber security analyst.
What type of people are suited to being information security analytics?
Information security analysts should be analytically minded, with a passion for cyber security and knowledge about the latest developments.
They are typically technically-minded with strong IT skills but also need to be effective communicators to ensure that staff understand the organisation's security risks and requirements, regardless of their position or level of technical expertise. These will ideally include verbal, presentation skills and writing communication skills.
They will also need multitasking, project management, and problem-solving skills, the ability to work in a team, strong attention to detail and the ability to work under pressure.
What qualifications do information security analysts need?
Most information security analysts have a bachelor's degree in a science, technology, engineering or mathematics (STEM) subject such as computer science or physics, but other routes into the role are also possible.
Some information security analysts begin by accepting an entry-level IT position and working their way up to the position and some graduate schemes for the job accept graduates with non-technical degrees.
What certifications are best for information security analysts?
Some of the top-rated certifications for information security analysts are: Systems Security Certified Practitioner (SSCP), Certified Cyber Professional (CCP), Certified Information System Security Professional (CISSP), Certified Ethical Hacker (CEH) and GCHQ Certified Training (GCT).
What’s the career trajectory like?
The cyber security skills shortage means good career prospects for information security analysts. They will typically begin their careers in entry-level or junior information security roles and can then progress to the positions of information security manager, security architect or information security officer.
There is also the possibility of reaching a cyber security leadership roles, particularly if training is regularly completed and new certifications consistently gained. Some employers may sponsor staff to complete a master's degree in a relevant subject.
How much do information security analysts get paid?
The average annual salary for an information security analyst is £34,179, according to PayScale. Entry-level positions can expect a starting salary of around £27,000 while those at the peak of the profession can earn up £50,000.
Information security analyst jobs: Who is hiring?
Information security analysts are employed by a vast array of organisations, from financial service institutions to public healthcare bodies, either as consultants contracted for specific projects of permanent staff members.
The best places to find job vacancies include specialist IT recruitment sites CWJobs, Cyber Security Jobs, Cyber Security Jobsite, ITJobsWatch, ProTech Recruitment and technojobs and more general job sites such as Indeed, Monster, and Jobsite.
Read next: How to get a job as a network engineer
Read next: How to get a job as a data scientist
Read next: How to get a job as a security engineer
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.