How to Become a Cybersecurity Analyst | Skills, Roles, and Salaries

Considering a career in cyber? Apply to our online course and chat with admissions.

Learn More

Now more than ever there is an increased demand for information security. If the U.S. government has countless vulnerabilities, it’s safe to say your average private business does, too.

And while sensitive data leaking is almost always a bad thing (Edward Snowden would like a word), it’s also produced lots of lucrative demand for cyber security experts.

Penetration testers, compliance analysts, threat intel analysts, cyber security engineers, and many other cyber job titles see higher demand now than they ever have. And even despite a COVID-19 economic downturn, there's no slowing down in sight.

Many of these jobs fall under what you’d call ‘cyber security analysts,’ the people whose job it is to keep our data safe from intruders.

  • But what exactly do cyber security analysts do?

  • What are their responsibilities?

  • What skills do they need?

  • How much do make?

  • What's the future job outlook?

And most importantly: how do you become a cyber security analyst?

Ladybugs crawling on a computer graphic

What is a cyber security analyst?

Broadly, ‘cyber security analyst’ refers to people responsible for monitoring computer infrastructure, databases, computer networks, and information networks to ensure they’re protected. Sometimes also referred to as information security analysts or threat intel analysts,  cyber security analysts are tasked with many things:

  • Triaging security incidents

  • Developing policies and best practices

  • Protecting networks and computer systems from unauthorized access

  • And developing counters to any breaches that might occur — while securing as much data as possible

They’re also someone with the ability to work across departments, using their expertise to advocate cyber compliance across the business.

People who focus on cyber security analytics are not penetration testers, sometimes called ethical hackers. Penetration testing is when “pen testers” try to break into systems (and not steal anything valuable) to expose safety vulnerabilities. Ethical hacking is highly technical and is considered to be more along the lines of cyber security engineering than analysis.

Graphic showing where cyber analysts fit in the cyber security field. There are more senior than techinicans and investigators, but less senior than administrators, engineers, and architects.

What do security analysts do?

Security analysts work across a variety of areas to ensure safety for businesses and clients. Cyber security analyst jobs often include:

  • Keeping tabs on a business or individual's security and monitoring access. Analysts can operate as a systems administrator to evaluate what’s going on throughout a company’s systems.

  • Preventing breaches. An analyst is an information systems auditor, examining security architecture, security clearances, and more.

  • Monitoring networks and managing software. This includes monitoring for potential threats as well as auditing flaws in existing systems to prevent a potential security breach. 

  • Running security assessments. Threat intel analysts are often analyzing data vulnerabilities and run a wide variety of risk analysis to keep an eye on impending threats.

  • Ensuring compliance. There are a lot of regulatory standards that need to be met for the sole purpose of protecting data. Compliance analysts make sure their company — or the company they’re working with — is compliant.

  • Developing security plans and disseminating them to employees. This involves research and establishing processes. This can be as small as reporting phishing emails or as large as implementing a complete cyber security training program companywide.

  • Working incident response and disaster recovery. If a data breach does occur, cyber security analysts work with a company’s Security Operations Center (SOC team) to act as fast as possible.

Most of the time, a cyber security analyst is looking for flaws in computer and information networks to protect a company's programs, applications, security systems, personal information, and more. They also do a lot of research and reporting given how often hacking and cyber security changes.

Security analyst job description 

Security analysts' job descriptions can vary widely but there are several themes you’ll see when applying for cyber security positions.

Most will list explicitly the items listed above, and mention conducting threat and risk analysis and providing variable solutions to business. Designing and developing security tools and features are often listed, too. Lastly, some specific skills like encryption, firewall, and malware. 

How much do cyber security analysts make?

According to ZipRecruiter, the national average salary for security analysts in the USA is $100k. According to the Bureau of Labor Statistics (BLS), the 2019 median pay was also $100k. For entry-level security analysts, that number is around $83k on ZipRecruiter.

As with any job, these numbers can also vary based on location and experience.

  • In Chicago, the average is $100k 

    • On Indeed, it’s $90k for an Information Security Analyst

    • On PayScale, it’s $79k

    • On Glassdoor, it’s $73k for a Security Analyst

  • In Atlanta, the average is $97k

    • On Indeed, it’s $89k for a Security Analyst

    • On PayScale, it’s $71k

    • On Glassdoor, it’s $73k

Like with many information technology fields, cyber security is both future-proof and high-paying. ZipRecruiter offers salaries for almost any location, so we recommend checking out the location that interests you the most.

Career outlook and potential growth

The current outlook for a career as a cyber security analyst is extremely positive. According to the BLS, information security analyst jobs are expected to grow by 31% between 2019 and 2029. Traditionally, cyber security analysts worked in niche industries, but as consumer companies and everyday brands need to protect client data the roles are becoming more mainstream.

What skills do you need to a be a cyber security analyst?

It is key to have a mix of both hard and soft skills for a successful career as a cyber security analyst. Some soft skills to focus on include, customer success, problem-solving, ability to troubleshoot, and public speaking/presenting. On the technical side, analysts usually know Linux, network security, and Python. Additionally, it is also important to learn information assurance, cryptography, and the NIST cybersecurity framework. 

Some analysts — though it's certainly not a requirement — know cybersecurity programming languages like Python, JavaScript, Go, or C.

A chart showing the most popular languages in cyber security. JavaScript is the most popular, follinwed by Python, C/C++, PowerShell, Go, Ruby, Java, PHP, and Shell scripting.

How to become a cybersecurity analyst

There are two routes you can take when starting your cybersecurity career path. One of those is to get your computer science degree or other cyber-related four-year bachelor's degree. The other route is to obtain training through boot camps and certifications that do not require a four-year degree. And both work! College is better for some people, and bootcamps are better for others.

Below we outline the steps to starting a career in cybersecurity if of course, it turns out to be the right fit for you. 

Step 1: Dabble in cyber to see if it's interesting to you

Before you dive headfirst into trying to obtain certifications and formal training in cyber security it is important to see if it is the right fit for you. There are several introductory courses you can take to gauge your interest level and see if this is a career passion. Some courses to check out include:

Step 2: Go headfirst and attend a full-time cybersecurity course

Once step one is out of the way it is time to dive headfirst into cybersecurity learning. You can do this by attending a full-time cyber security bootcamp or pursuing a degree in computer science. Both have pros and cons. 

College courses will typically provide you with a more philosophical (and longer) education. They’ll usually take you 2–4 years to get the skills you need to break into the cyber industry. College tuitions of course vary greatly.

At bootcamps, your education is more practical and hands-on. They’re also much shorter than the 2-4 years at a college — cyber bootcamps are usually around 12-15. A good cyber bootcamp will usually run you around $15k–$20k.

Not sure where to go for one of these bootcamps? Below we outline some of the best bootcamp options. It is important to fully research which bootcamp you choose. The bootcamp should teach both hard and soft skills as well as offer career coaching to help place you with a job upon graduation from the program. 

A woman on her computer, sitting on a green couch
The best in-person cyber security courses to change your career

Evolve Cyber Security Academy

  • With a part-time schedule, this program can be completed in 20 weeks. It’s offered in-person in Chicago or remotely. 

  • The program offers CompTIA Security + Voucher, financing options, job preparation, and an apprenticeship program. 


  • The CORE cyber security bootcamp offered by Secureset is a 20-week program consisting of 400 instruction hours and 400 Lab hours. The program is offered in Colorado Springs and Denver, Colorado.

  • Some areas of learning during the program: Network Security, Security Culture, System Security, and Threat Intelligence to name a few. 

Flatiron School’s Cybersecurity Engineering 

  • The cyber security engineering program offered by Flatiron School can be completed in as little as 15 weeks. It is designed for students with a technical background to help start a career in cyber security engineering and launch you into the forefront of global tech growth.

  • This program is offered in NYC and D.C. As mentioned earlier, this program is more technical than the analytics course, and is more in line with pen testers.

The best online cyber security courses to change your career


  • BrainStation offers a part-time course available completely online. During this course, you will learn cyber security fundamentals, threat landscape, and security strategy, and risk management. The program prides itself on including renowned guest speakers. 

Level Effect

  • Like Brain Station, Level Effect prides itself on speakers and instructors like offensive and defensive cyber operators from U.S. Intelligence, Department of Defense, and private sector.

  • The course content is focused on the real-world practical application of skill by learning the latest cyber security tactics, techniques and procedures. 

Step 3: Get your certifications

Obtaining certifications help you to gain experience in the industry and demonstrates your knowledge. We typically recommend getting the Sec+ certification. From there it’s best to get some perspective by working in the industry before committing to a specialty, which most certifications represent. 

Three other popular certifications
  1. Certified Information Systems Security Professional certification, or CISSP, is the most in-demand professional certification

  2. The second most crucial professional certification is the Certified Information Security Manager certification (CISM)

  3. CISA certification is the third most sought-after professional qualification for cyber security positions.

Step 4: Execute an effective job search

There’s one more step after you learn everything you need to know — the job search. One of the perks of attending a bootcamp is the career services they offer. This is one of the most important attributes to look at when deciding which bootcamp program is right for you as some do not offer career services. 

Flatiron School offers full comprehensive career services to all graduates to help them find their job and successfully start their new careers. Some tips for nailing your interview include Practicing eye contact along with posture during the interview and after following up with a thank-you note to help stand out. Whatever you do, remember: don’t be scared.


  1. Cyber security is an ever-growing career and is more in demand than ever as retail and in-person businesses shift to completely or mostly online operations. 

  2. To get started it’s best to dabble with some introductory and informational courses to see if this is a path for you. 

  3. Once you know this is the career path for you, we recommend taking a cyber security course. This will teach you the skills needed to land a job in the industry. There are a variety of avenues to the type of work you may specialize in when becoming a cyber security analyst which leads to certifications.

  4. Certifications can help you bolster your résumé when you are applying to jobs or also give you additional, specific training you may need for what niche you land in. 

  5. To secure the job after you’ve completed your training it is helpful to lean on your program’s career services to help find available openings. Being sure to have a diverse mix of soft and hard skills will also help at nailing the interview and being successful in your career.

For more background on cyber basics, watch our Network Securty 101 workshop from our sister school, SecureSet. It discusses the vital role of cyber security and other computer-related IT fields, as well as talks about some of their coursework.

Headshot of Katie Gillen

Katie Gillen


Read More Cybersecurity Articles

Since we opened our doors in 2012, thousands of students have joined Flatiron School to launch new careers in tech.

Explore our Courses

Find the perfect course for you across our in-person and online programs designed to power your career change.

Explore Our Courses
Join a Community

Connect with students and staff at meetups, lectures, and demos – on campus and online.

Join the Community
Schedule a Chat

Have a question about our programs? Our admissions team is here to help.

Schedule a Chat