Education needed: Information security analysts usually need at least a bachelor’s degree in
computer science, programming, or a related field. As information security continues to develop
as a career field, many schools are responding with information security programs for
prospective job seekers. These programs may become a common path for entry into the
occupation. Currently, a well-rounded computer education is preferred.
Employers of information security analysts sometimes prefer applicants who have a Master's of
Business Administration (MBA) in information systems. Programs offering the MBA in
information systems generally require 2 years of study beyond the undergraduate level and
include both business and computer-related courses.
Information security analysts generally need to have previous experience in a related occupation.
Many analysts have experience in an information technology department, often as a network or
systems administrator. Some employers look for people who have already worked in fields
related to the one in which they are hiring. For example, if the job opening is in database
security, they may look for a database administrator. If they are hiring in systems security, a
computer systems analyst may be an ideal candidate.
Educational Attainment: The College of Western Idaho offers an Associate of Applied Science
in Information Security and Digital Forensics, as well as, an Advanced Technical Certificate in
Information Security and Digital Forensics. For more information, follow the link.
Boise State University offers a bachelor’s in computer science with an emphasis in
cybersecurity. For more information, follow the link. They also offer a bachelor’s in Information
Technology Management in which information security is incorporated into the program,
although it is not emphasized. For more information, follow the link.
Soft skills description: Information security analysts need excellent analytical and problem
solving skills in order to assess risk, improve protocols, uncover and fix flaws in computer
systems and networks, and respond to security alerts. They are detailed oriented and inventive in
order to anticipate information security risks and implement new ways to protect their
organization's computer systems and networks.