Employers

Approximately 112,300 information security analysts are employed in the United States. About 26 percent work for computer systems design and related services firms, 18 percent are employed in the finance and insurance sectors, 10 percent work in management of companies and enterprises, and 8 percent work in the information industry.Other major employers include the health care and defense industries, law enforcement agencies, federal government agencies (including the U.S. Department of Defense, the Department of Homeland Security, and the intelligence community), and state and local governments. A small number of analysts are self-employed.

Starting Out

Many people break into the field by first working as network administrators, technical support workers, or systems administrators in information technology departments. Participating in an internship while in college is another excellent way to get your “foot in the door” at a potential employer.

There are many ways to learn about job openings. First of all, you should create a LinkedIn profile and follow computer security groups and employers to learn more about the field. After soaking up some industry knowledge and participating in discussion groups, try reaching out to recruiters to see if they’re willing to participate in an information interview about job-search strategies. These discussions will help the recruiter put a name with a face when a job opening arises that matches your skill and experience level. Other ways to learn about potential jobs include contacting employers directly, visiting job sites such as Dice.com, using the resources of your college’s career services office, networking at industry events and via social media, and reading the job listing sections of industry publications and computer security association Web sites. If you’re interested in working for the federal government, visit https://www.usajobs.gov for job listings.

Information security analysts advance by receiving pay raises and taking on supervisory duties, or by becoming computer and information system managers, chief security officers, chief technology officers, chief information security officers, or other types of executives at their companies or organizations. Those who are employed by small companies can advance by moving to larger firms to manage more employees, oversee larger security budgets, and tackle more complicated security threats. Others become information security consultants or college professors.

Visit the following Web sites for job listings:

• https://www.sei.cmu.edu/careers
• https://htcia.org/careers
• https://issa-jobs.careerwebsite.com/jobs
• http://www.indeed.com/q-Cyber-Security-Consultant-jobs.html
• https://www.linkedin.com

To learn more about the field, read:

• Infosecurity Magazine: http://www.infosecurity-magazine.com
• ISSA Journal: https://www.members.issa.org/page/ISSAJournal
• International Journal of Information Security: https://www.springer.com/journal/10207  
• Computerworld: http://www.computerworld.com

Attend the (ISC)² Security Congress (https://congress.isc2.org) to participate in continuing education classes and network.

Become certified to improve your chances of landing a job, earning higher pay, and being promoted.