If you’re one of many who to start a new career in the cybersecurity industry or become a full-time cybersecurity analyst all on your own, congratulations. You’re on your first step to learning what it takes to become a cybersecurity pro.
If you want to learn the skills to become a cybersecurity analyst, you don’t necessarily need a bachelor’s degree in information technology. Most of the technical skills by earning cybersecurity certifications or enrolling in cybersecurity bootcamps. From there, you can learn and grow into almost any role in the industry.
Below you’ll discover the responsibilities, skill sets, career path, and job outlook of a cybersecurity analyst. Plus, you’ll explore what it takes to become a cybersecurity analyst without any experience and how to successfully navigate your cybersecurity career.
1. Get Cybersecurity Certifications
Getting cybersecurity certifications is critical to securing any cybersecurity role. They demonstrate that you have the technical know how to do the job. “Certifications are more important than degrees in IT, and that’s even more true in cybersecurity,” said Terrell Seaines-Taylor, an IT systems engineer at edX.
If you’re looking to earn an entry-level cybersecurity position, some of the best certificates to consider are:
CompTIA Security+:The Security+ certification requires no prerequisites, which makes it truly ideal for early-career cybersecurity professionals or security administrators who are looking to transition into the cybersecurity field.
CompTIA CYSA+: The CYSA+ exam is a fairly new certificate that demonstrates an individual has mastered core cybersecurity concepts to become a cybersecurity analyst. However, keep in mind that the CYSA+ is an intermediate certification.
CompTIA Network+: Networking is a fundamental skill in cybersecurity. The Network+ certification validates that you are able to establish and maintain networks.
There are many free resources designed to help you pass whichever cybersecurity certification you choose, but ultimately you need a very strong foundation in computer science basics such as programming languages, familiarity with operating systems such as Linux, and network security. Learning all of this information from scratch can take years of experience, but fortunately, you can fast-track what you need to learn through accredited cybersecurity courses or bootcamps.
NYUx's Cybersecurity Fundamentals MicroBachelors® Program covers much of the material on the CompTIA Security+ Exam.
2. Develop soft skills
Once you have a healthy list of certifications on your resume, you’ll want to hone your soft skills. Cybersecurity professionals have to communicate with stakeholders with little technical knowledge. Imagine explaining to c-suite members of a large enterprise why they should upgrade their security systems. You’ll need excellent communication skills.
3. Network with Cybersecurity Professionals
Attending conferences and connecting with fellow professionals isn’t just about making connections, although that’s a big part of it. Another benefit of networking is staying updated on the latest trends and cybersecurity job opportunities. In a fast-paced, constantly evolving industry like this, any tool that can help you keep a finger on the pulse is worth your time and energy.
4. Gain IT Experience
It’s very common for those with IT experience to eventually make the transition into cybersecurity. If you aren’t able to land an entry-level cybersecurity job immediately, consider getting an internship or a part-time job in desktop support. Although these positions aren’t necessarily glamorous, they do help you get an understanding of how your decisions can affect a business, and teach you how to effectively communicate with non-technical people.
What Does a Cybersecurity Analyst Do?
A cybersecurity analyst scours a company’s programs, applications, security systems, networks, and more to identify any defects or flaws that could leave this information vulnerable or prone to cyber attacks. Then, they communicate with leadership and employees to improve security measures across the business.
The daily responsibilities of a cybersecurity analyst are more proactive, engineered to avoid security issues before they even happen. The job description includes:
- Developing policies, procedures, and best practices
- Training employees
- Encrypting data
- Maintaining systems, software, firewalls, and operating systems
- Monitoring networks and network access
- Risk analysis
- Ensuring compliance with regulations
- Developing security plans
- Researching the latest trends in security and IT (which are constantly evolving)
Of course, it’s also part of the job to identify and respond to external threats such as malware, ransomware, hacking, phishing, or social engineering attacks and leaking of sensitive information. There is a lot to learn, so be patient: you will have to cut your teeth before advancing to more hands-on roles like ethical hacking and penetration testing.
A penetration tester, or “pen tester,” searches digital systems and computer networks for potential vulnerabilities that could be exploited by cyber criminals. Learn more about the role and career path of this exciting and lucrative job.
“A common misconception is that it takes a long time to get started in cybersecurity and you’ve got to know a lot about everything,” said Jonathan S. Weissman, senior lecturer in the Computing Security Department at Rochester Institute of Technology (RIT) and instructor for RITx’s MicroMasters® Program in Cybersecurity.
"A common misconception is that it takes a long time to get started in cybersecurity and you've got to know a lot about everything."
“There is some degree of truth to it, but it's a gradual process. The more time you take to practice and refine your craft, the more successful you're going to be.”
How Much Does a Cybersecurity Analyst Make?
Because digital threats have grown rapidly in recent years, the job outlook is strong, with thousands of opportunities paying an average salary between $70K to $100K per year or even more. Cybersecurity positions are expected to continue on a growth trajectory, expanding by 29% by 2030.
According to the US Bureau of Labor Statistics, the median annual wage for information security analysts was $103,590 in May 2020, while network and computer systems administrators typically earn a bit less ($84,810 annually, on average, in the US).
What Skills Do Cybersecurity Analysts Need? Top Hard and Soft Cybersecurity Skills
As a cybersecurity professional, you have the option to work in a wide variety of fields: Corporate databases, banking and office networks, military intelligence, and more. But for any of these, you will need to learn critical cybersecurity hard and soft skills to succeed.
“A security mindset makes you go through the world a little bit paranoid, which is how we have to be,'' said Aspen Olmsted, adjunct professor at New York University’s Tandon School of Engineering and instructor for the Cybersecurity Fundamentals MicroBachelors® Program from NYUx.
"A security mindset makes you go through the world a little bit paranoid."
“We say in cybersecurity, ‘trust no one.’ Once you get into that mindset, you start to see vulnerabilities everywhere, and that comes back to the ethical side of it. Once you see these vulnerabilities everywhere, you can't take advantage of them. You have to have the ethical framework that your job is to make the world better, because you've opened up a lot of opportunities to cheat the system.”
What Is the Career Path for a Cybersecurity Analyst?
A typical cybersecurity career path is not linear, but it does have stepping stones.
Your cybersecurity career path will likely begin with a role like cybersecurity associate or analyst, where you’ll spend your days looking at network traffic that’s coming in from outside the organization. Other entry-level positions include cybersecurity specialist/technician, cybercrime analyst/investigator, incident analyst/responder, or even an IT auditor.
Then, you may advance to a role like penetration tester, where you will look for ways to break the systems you previously worked to build and defend. By discovering vulnerabilities, you can help your employer shore up its defenses for when the real attackers come knocking. You can also grow into roles like cybersecurity consultant, manager or administrator, cybersecurity engineer, or cybersecurity architect. At the c-suite level, you can become an information security officer.
Wherever your career path takes you, learn more about how edX courses and programs can help you get there.