Information Security Analyst vs Cyber Security Analyst

What is an information security analyst?

They often do this by taking security measures. And focus these on computer networks and systems. But the number and frequency of cyber attacks is growing. As such, the scope of an info sec’s duties is also changing. For instance, take their daily tasks. Now they do more than check for security breaches. They also craft recovery plans.

Also, new tools emerge all the time. So, an info sec analyst must stay in the know. And up on trends. One thing this means is they must research a lot. And this means knowing not only what types of threats exist. But also, which methods work to stave them off.

As analysts, they also assess situations. For instance, by gauging risks. Or being able to spot weak areas in systems. Yet other skills are technical. So, they must also know how to encrypt data. And, set up firewalls.

Information Security Analyst vs Cyber Security Analyst

An Information Security Analyst is also called an Info Sec Analyst. This role is different than a Cyber Security Analyst. Both have the task of securing data. They work to do this against malicious users and other outside threats.

The Info Sec path is larger, encompassing a larger area of data security. Cyber Security is a sector of Info Sec. Cyber Security focuses on protecting data from cyber related crime. That includes fraud, phishing schemes, and other threats.

The Info Sec Analyst field is larger. The goal is to protect against any type of computer related crime. They manage large and small computer systems. Their goal is to monitor for any trace of invasion or improper access of data. They carefully monitor access to sensitive data.

Why Pursue A Career in Cyber Security?

Cyber attacks are on the rise. There are more threats to companies each year. At the same time, a lack of skilled professionals are available to manage the problem.

There is a strong demand for skilled workers in the InfoSec field. The BLS.gov now predicts 55% more jobs for info sec analysts by 2028. This is just in computer system design. In other areas of info sec, job prospects are also positive. For instance, by 2028 about 32% more jobs are forecast.

Another area of promise is in salaries and wages. An Info Sec Analyst had a median wage of $98,350 with career potential up to $156,580.

Education Requirements for an Information Security Analyst

Most InfoSec Analysts enter the field with a bachelor’s degree. It is usually in one of these fields.

  • Computer Science
  • Information Assurance
  • Programming
  • Cyber Security
  • Computer Information Systems

Many roles exist. Employers may seek out specific skills. Experience also matters. Most often, managerial roles require a master’s degree. An MBA in information systems may be another avenue. Another way to prep yourself is with a tech certificate. These are test based and often help improve a resume.

Levels of Cyber Security Degrees

Cyber security degrees begin with a basic certificate. Associates, bachelor’s, and master’s degrees are available. Here’s a look at some of the possible degree options in each area.

Associates

These two year degrees may serve as a starting point. Some students use this to explore the field to find out if it is a good fit for them.

Some programs (AS / AA) are transfer degrees. This means the goal is for you to earn the credits now and use them for a bachelor’s degree later. AAS preps you to pursue a career following a security certification. The focus is on getting a job.

Possible Degrees:

  • AAS in Cyber Security
  • AS in Cyber Security
  • AA in Cyber Security

Sample Classes:

  • Forensics and Incident Response – In this course the students learn how to detect computer hacking. They then learn how to manage those hacks.
  • Intro to Info Systems – This course looks at the building of computer systems. Students learn about computer hardware and the development of computer systems.
  • Digital Logic Design – This course focuses on basic coding. The students may learn about memory systems and minimization techniques.

Bachelor’s

This is a four year college degree. It dives deeper into info sec and areas within it. Also, the goal is to prep you to pursue a range of entry level jobs. As such, they cover a wider range of concepts including data breaches and security policies.

Possible Degrees:

  • BS in Cyber Security
  • BS in Information Systems
  • BA in Cyber Security
  • BS in Computer Science
  • BS in Computer Forensics

Sample Classes:

  • Network and Security – This course introduces and covers the basics of network security and risk assessment. Students gain a knowledge of protecting as well as designing of computer systems.
  • Web Development – This course introduces students to web design as well as programming languages including JAVA and Python. This course provides a background for students to learn and design web sites.
  • Data Management – In this course students gain a broad understanding of not only managing a database, but how to create and modify one as well. This course is an introduction with a more in depth follow up.
  • IT Fundamentals – This is a basic course to introduce students to the field of IT. In this course students gain a broad range of knowledge regarding the field as well as the different aspects and specialties in it.

Master’s

Many pursue a Master’s in Cyber Security with a specific goal in mind. Some focus on their career taking niche courses in the field. Others move to an area of interest, such as C Suite. Some programs focus on leadership. Master’s degrees take between 18 months and 2 years to complete.

Possible Degrees:

  • MS in Cybersecurity Engineering
  • MS in Computer Science

Sample Classes:

  • Cyberspace and Cyber Security Foundations – Provides knowledge in cybersecurity and its methods for providing protection from things such as malware. Covers security management practices as well as hardware and software.
  • Digital Forensics Technology and Practices – Learn and use the tools in digital forensics. Learn the methods and procedures to take and use when performing a forensic analysis such as penetration testing.
  • Prevention of Cyber Attack Methodologies – Learn the methods and tools used to prevent cyber attacks. Covers firewalls, security systems, software assurance and counter measures.
  • Advanced Cyber Exploitation – Learn how to prevent and detect the intrusion of viruses and hackers. Learn to identify, and resolve and such issues with the system.

PhD

A PhD is a research degree. It is also the highest award you may earn in cyber security. Some take this course to teach. Others aim to publish research. These professionals often are innovators in the field.

Possible Degrees:

  • PhD in Cyber Security
  • PhD in Information Assurance

Sample Classes:

In this type of program, many of the classes will vary and are specific to the focus. This is a research based degree in which almost all of the course work involves actual practice and research which is then presented for evaluation.

How to Get into Cyber Security With no Experience?

There are a few ways to get into field of information security. We covered the degree part, but not everyone has experience or a degree. One way to get started may be to use United States military training. Some military friendly schools may offer college credit for it.

Another is to look into cyber security scholarships. These may cover the costs of college or even a certification. You might also take some community college classes. While you do this, you might want to work in a related field. For instance, as a Computer Support Specialist. Or another starter job like Apple Genius.

What Skills Do You Need to Become an Information Security Analyst?

You may need two sets of skills to become an Info Sec Analyst. One set is technical. The other is personality and job related. Here are three examples of each.

3 Tech Skills

  • Web development platform software
  • Network monitoring software
  • Operating system software

3 Job Skills

  • Complex problem solving
  • Quality control analysis
  • Decision making

Many of these skills are key to everyday duties. One way to validate these skills is through an industry credential or certification. These are shortcut resume boosts. So, here are a few to think about.

CISSP – Certified Information Systems Security Professional

A CISSP certification is a common option. It allows individuals to become an (ISC)² member. This is a well recognized professional in this field.

CISM – Certified Information Security Manager

This certification focuses on information security governance. It also includes program development certification. Management and risk management is also recognized in this area.

CISA – Certified Information Systems Auditor

This focus is on meeting global standards for those working in information systems. The key focus here is in auditing, control, and security.

SANS / GIAC Certification

GIAC creates a range of cybersecurity certifications. These are ever-changing. They help professionals stay up to date in the industry.

These certifications are not a guarantee. But they may enhance a resume. This can help people to stand out in careers such as cyber security analyst.

How to start a career as an Information Security Analyst

How Much Do Cyber Security Analysts Make?

The BLS.gov compiles salary data for cyber security analysts. Per May 2018 figures, the median annual wage for info sec analysts was $98,350. Of course, as an average, some people earned less and others more. In this field, the lowest 10% earned less than $56,750. And the highest 10 % earned more than $156,580.

Where to Find a Job

There are many places to look for info sec jobs. In 2019, for instance, Information security analysts held about 131,000 jobs as per the BLS.

These jobs take place in many companies. Here is a look at some of those areas.

Computer systems design and related services26%
Finance and insurance18%
Management of companies and enterprises9%
Information8%
Administrative and support services6%

That said, each state has different jobs. And opportunities.

States with highest InfoSec Analyst employment level

The following is a list by state of the employing of an information security analyst. This data is from the Bureau of Labor Statistics (BLS). Overall an information security analyst salary is $115,800 per year on average across the entire United States. The growth rate projected through 2029 is at 31% with a total of 40,900 new jobs being created.

StateJobsAnnual Mean Wage
Alabama1,570$88,750
Alaska70$97,000
Arizona3,630$97,470
Arkansas780$83,930
California9,200$114,620
Colorado3,980$104,510
Connecticut850$101,510
Delaware680$113,000
District of Columbia2,020$119,160
Florida6,630$91,580
Georgia4,010$99,420
Hawaii340$104,910
Idaho470$90,610
Illinois4,120$102,780
Indiana1,210$82,350
Iowa830$87,080
Kansas840$87,920
Kentucky900$83,390
Louisiana600$75,250
Maine220$87,590
Maryland5,860$108,300
Massachusetts4,290$106,550
Michigan1,970$91,750
Minnesota2,230$102,190
Mississippi400$75,980
Missouri2,890$86,360
Montana110$74,250
Nebraska570$91,150
Nevada500$102,770
New Hampshire520$102,770
New Jersey4,120$121,570
New Mexico960$109,550
New York7,120$121,750
North Carolina6,020$101,130
North Dakota120$87,090
Ohio3,910$96,550
Oklahoma950$81,900
Oregon1,020$98,550
Pennsylvania3,340$101,390
Rhode Island350$95,450
South Carolina1,630$82,180
South Dakota320$91,130
Tennessee1,920$86,190
Texas10,430$108,810
Utah930$88,480
Vermont120$83,490
Virginia15,010$114,760
Washington3,120$112,540
West Virginia250$91,010
Wisconsin1,590$82,950
Wyoming50$79,010

Similar Information Security Job Titles

There are many job titles for info sec analysts. Be flexible when considering job opportunities. Here are a few examples sourced on O’Net.

  1. Information Security Officer
  2. IT Security Analyst
  3. Network Security Analyst
  4. Database Administrator
  5. Computer Network Architect
  6. Network and Computer Systems Administrator

Another thing that impacts job title is the level of the position. As an example, take Computer and Information Systems Managers. These pros plan and direct computer activities in a company full time and may do less analysis.

Top Paying States

StateEmploymentMean Salary
New York6,930$122,000
New Jersey3,480$121,600
DC1,660$118,080
Connecticut980$112,900
Virginia14,180$111,780

Top Paying Industries

According to the BLS, pharma is the highest paying industry for Cyber Security degree holders. That’s because their industry is most under attack. In fact, over 300 cyber-attacks occurred in pharma and healthcare last year.

is the next highest paying industry. That’s because of its enormous customer base. It’s no surprise that 34% of phishing attacks hit their industry.

Third in the top highest paying trio, Legal Services. That is due to cyber crime. It causes major legal issues that only an expert can handle.

Professional Resources

Many professional agencies for info sec pros exist. So, to narrow it down, here are a few to think about.

Association for Computing Machinery

The ACM promotes computer professions as a science. And do this with honors like the Turing award. They also grant many prizes for those at the top of their profession.

CompTIA

There are two branches to CompTIA. The first is membership. It grants access. For instance, to IT channel education and research. Also, it connects members with vendors and distributors. Second are certifications which are training programs that come with tests.

GMIS International

The GMIS is part of the of US gov’t. And for IT leaders works as a home for their data. Members are thus able to share their metrics. Plus, they hold conferences and events.

It is a place to network. They also grant awards and accreditation.

Digital Defense, Inc. (DDI) 

Digital Defense, Inc. (DDI) trains students to measure security risk. They are also expert at security assessments. SecurED® is their main service. It is also an industry known training program.

Infosec Institute 

InfoSec Institute provides high quality training since 1998. The institute also offers a diverse lineup of relevant courses. The website is a solid source for cyber security data.

Johns Hopkins University

John Hopkins University is a large organization known world wide. A lot of the work they do is in research and teaching in the field. The organization offers students a range of benefits. This includes industry leading education.

MIS Training Institute

Launched 1978, MIS specializes in audits and information security training. This is a large, global company. They maintain offices in the USA, UK, and Asia. As such, they’ve trained more than 200,000 across five continents.

EC-Council CCISO Program

CCISO Certification is also an industry-leader. The organization focuses on the highest level of skill set development. For instance, they unite the main skills for C-suite positions. This may include how to perform an audit. Also, how to work with laws and privacy is included.