How to Become a Cyber Security Analyst

A cyber security analyst is an information technology and cyber security professional who uses a wide variety of processes and technologies to safeguard private data and networks from threats. They are responsible for monitoring and responding to security risks and are in charge of selecting and deploying the technologies that will be used to protect the IT infrastructure at a company. In many cases, they also work with other IT staff to develop best practices and processes that will be used by every member of a company to protect infrastructure and data from being accessed or tampered with by cyber criminals.

A cyber security analyst’s role is constantly evolving and typically involves a wide range of responsibilities. But exactly what does a cyber security analyst do? While tasks may vary based on your position and the type and size of your employer organization, here are some general tasks you might perform:
 

Analyzing security systems is one of the primary responsibilities of a cyber security analyst. To do this, they employ a variety of skills such as penetration testing and running security audits. These audits can help them determine who has access to various levels of a network and whether or not their clearance matches their responsibilities. While completing the audit, they also write up reports that communicate their findings and recommend measures to increase or improve security.
 

After analyzing a company’s security systems, a cyber security analyst works on building security protocols. These protocols may include adding firewalls and encryption methods to certain portions of a network or database. They may also include setting up processes for accessing and transferring sensitive data safely.

Cyber security analysts use a variety of tools to keep an organization’s networks safe. They determine whether or not the company will use a VPN and what encryption programs to install, should they be necessary. They also determine what or who can or cannot pass through these barriers.

In the event that their analysis shows a weakness that cannot be fixed with their existing tools, a cyber security analyst will have to petition for upgrades. Upgrading the software and their protocols helps prevent data breaches or upgrading to more effective security software programs.

In the event of a security breach, a cyber security analyst investigates what, how and why it happened in order to construct countermeasures that will prevent similar incidents in the future.

To become a cyber security analyst, you should acquire and sharpen a variety of IT and technological skills, networking being the first among them. Some useful cyber security analyst skills may include:
 

Many businesses use small enterprise networks to maintain their day-to-day communications. Cyber security analysts need to understand how these computer networks work when bolstering network security.

Being a cyber security analyst means being comfortable with a wide range of technologies, and firewalls are among the most important. Strong comprehension of how firewalls work and how to tactically deploy them across a network is important for anyone who wants to become a cyber security analyst.

Having at least a working knowledge of how to code can be a beneficial skill as a cyber security analyst, as you’ll need to be able to look at code and determine whether or not it’s secure or if someone is using programming languages maliciously.
 

Another aspect of a cyber security analyst's job involves selecting the correct software to protect their network. Having a firm grasp on the functionality of different software applications is crucial to performing the duties of this profession.
 

As a technology professional, you'll need to remain aware of the ever-shifting landscape of your field. Being able to do research and quickly evaluate information is essential.
 

A big part of being a cyber security analyst is developing new best practices and communicating them to coworkers and employees. You may also have to regularly speak to higher-ups in order to communicate why certain security protocols have to be changed or technologies need to be updated.
 

While attention to detail is useful in just about any profession, it's vital in the world of cyber security. This soft skill can help you better identify threats and breaches in your security. It's also helpful for pinpointing and resolving areas of weakness in your own work.
 

The world of technology moves fast. Cyber professionals need to be able to stay up to speed with emerging tech, new developments in security, understand evolving cyberthreats and be able to respond swiftly.

Cyber security analysts need to know how to evaluate existing security measures, identify potential vulnerabilities and security issues, and know how to strengthen and improve their defense capabilities against the constant threat of cyberattacks. One way to effectively test a systems’ defenses is to launch an attack. Penetration testing is one method where an internal cyber security utilizes a simulated attack to sus out where there may be gaps in their security systems.

While it’s unlikely that you’ll be familiar with every type of device, as a cyber security analyst you should be able to understand the basic characteristics of a range of devices, how they’re built and how they work with other devices.

An operating system (OS) allows all computers to function. A cyber security analyst understands what could impact these systems and how to correct any issues should an operating system be jeopardized.

Ethical hacking is attempting to break into a network in order to test the strength of a security system. Cyber security analysts use this skill, mimicking the tactics of a malicious hacker, to identify and correct any vulnerabilities in security plans.

A cyber security analyst also needs to know how to set and approve system permissions so that only authorized employees have access to it.

All cyber security analysts need to be familiar with how the internet, digital devices and modern communication methods work together.

While it’s important to restate that there is no single way to become a cyber security analyst, as the field becomes more established, more pathways into the profession may emerge. This is one pathway that you can follow as you prepare to pursue a career as a cyber security analyst or other cyber security professional:
 

Typically, the path to becoming a cyber security analyst begins with earning a degree or certificate in the field. An undergraduate certificate in cyber security is a great way to dip your toes into the world of cyber security without making a commitment to a full associate or bachelor’s degree program.

That said, employers may look for cyber security education that includes a bachelor’s degree in the field, such as a bachelor’s degree with a cyber security specialization, depending on the company and the position itself. A bachelor's degree can help show employers that you're serious about this career path and have taken the time to develop your skills.
 

As the cyber security field evolves to keep pace with new threats presented by cybercriminals, individuals looking to grow in this field are encouraged to earn relevant credentials and certifications. 

Courses within DeVry’s cyber security programs may help you prepare to pursue industry-relevant cyber security certifications like:

Once you’ve earned your degree, or if you are in the process of earning one, you may want to take on an internship. If you’re already working in a related field, that can also be beneficial as some skills may transfer over or provide you additional insight you wouldn’t have gained elsewhere. An internship or other job experience can help you build your skills in a real-world setting while providing the opportunity to develop relationships with people who are in your field and who may be able to connect you to other cyber security job opportunities.

Whether you’re already working in the field as a professional or as an intern, earning some additional credentials may help you stand out in the eyes of employers. In particular, professional certifications such as the CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor) and CISM (Certified Information Security Manager) are intermediate-to-advanced certifications that demonstrate your skill and ability to potential employers.

Once you've built up your resume, the next step is to find a cyber security job. This step may take some time, but persistence is key. Keep an eye out for any open job postings in your area, and consider how far you're willing to commute, or even if you'd be willing to move. Since many roles are now remote, you may be able to find work as a cyber security analyst from home.

Based on available data, there is strong evidence to suggest cyber security analysts will continue to play a significant role in cyber security to reinforce information security and protect data systems in government, healthcare, banking and other industries. According to the U.S. Bureau of Labor Statistics (BLS), employment of information security analysts is projected to grow 32% from 2022 to 2032, much faster than the average for all occupations, with about 16,800 job openings each year, on average, over the decade.¹ This growth is projected on a national level and local growth will vary by location. BLS projections are not specific to DeVry University students or graduates and may include earners at all stages of their careers and not just entry level.

The BLS attributes this growth to the increasing frequency of cyberattacks and the resulting focus businesses are placing on enhancing their cyber security measures. They further note contributing factors like the shift to remote work, rise of e-commerce, and strong growth in telehealth that may increase data security risks for healthcare providers.