253-235-9172 for questions



Information Security Officer Career Guide

An information security officer – sometimes called an information security manager or an information system manager – protects an organization’s Information Technology (IT) programs from internal and external threats. Specifically, they are charged with the task of making sure viruses, spyware, bots, or other harmful programs are not used to compromise an organization’s computer system.

Information Security Officer Description, Duties, and Common Tasks

Information security officers monitor the organization’s IT system to look for threats to security, establish protocols for identifying and neutralizing threats, and maintain updated anti-virus software to block threats. They are responsible for setting the computer usage protocols for their organization, for facilitating training on minimizing threats to the IT system, and for determining which types of software the organization should use. Information security analysts investigate cases where the IT system has been compromised and take the appropriate action to resolve the problem. Information security analysts work in both the public and the private sectors. Since the nature of their work involves working with computer systems, they work in clean, climate controlled environments and must be able to sit for long periods of time.

How to Become An Information Security Officer: Requirements and Qualifications

Information security analysts generally must have a minimum of a bachelor’s degree in computer science, computer programming, computer engineering, or a similar area. A graduate degree in business administration with an information systems concentration may be a requirement for employment with some organizations. In addition, security officers must attend regular continuing education courses to stay abreast of rapidly changing technology and threats.

Information Security Officer Job Training

Information security is an advanced position, not an entry-level job. Information security analysts typically must have previous experience working in a computer-related position, such as a computer technician, a network administrator, or a systems administrator.

Other Helpful Skills and Experience

Employers generally look favorably on information security analyst candidates who hold an advanced degree, such as a master’s degree in business administration (MBA) with a concentration in information systems. Experience working in a computer-related field is generally necessary before obtaining a position as an information security analyst. Information security analysts can also earn certification to increase their chances of securing a position in the field.

Examples of Possible Job Titles for this Career

  • Information security analyst
  • Information security investigator
  • Information security officer

Career Opportunities and Employers

Information security analysts with experience and an advanced degree, such as an MBA with an information systems specialization, may find advancement opportunities as a chief security officer, an information technology manager, or an information systems manager. Any organization – including the federal and the local government agencies, banks, healthcare organizations, retail stores, and educational institutions – that has a computer system must have the data of its clients and employees protected. As a result, many hire information security analysts.

Information Security Officer Salary and Outlook

As computer technology continues to spread to all aspects of the personal and professional world, the job outlook for information security officers is positive. The US Bureau of Labor Statistics (BLS) reports that information security analysts earn a median salary of $90,120 per year.1 Information security analyst employment is expected to grow much faster than the average occupation, with 18% growth during the decade from 2014 to 2024.1

Frequently Asked Questions About This Career

What kind of schedule do information security investigators work?

Information security analysts generally work full time. Some organizations may require analysts to be on call to respond to emergencies.

Is it possible to work for oneself as an information security analyst?

It is possible but not common to be a self-employed consultant working in information security.

Where are the highest paid opportunities for information security analysts?

According to the BLS, information security analysts earn the highest salaries in the San Jose, California metropolitan area, with a reported average of $127,530 per year.2 Other top-paying metropolitan areas include New York City, Washington DC, and Newark, New Jersey.

What kind of certification is available?

Information security officers can earn general certification as a Certified Information Systems Security Professional (CISSP), which is recognized worldwide.

What does the CISSP exam cover?

Individuals who want to earn certification as a Certified Information Systems Security Professional must first pass an exam, which includes such topics as access control, cryptography, information security governance and risk management, and operations security.

Additional Resources

Featured Online Criminal Justice Schools

Searching for Schools...
Matching School Ads

Related Careers

Research more private-sector, criminal justice careers:

1. US Bureau of Labor Statistics Occupational Outlook Handbook, Information Security Analysts: https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm
2. US Bureau of Labor Statistics Occupational Employment and Wages, May 2015, Information Security Analysts: https://www.bls.gov/oes/current/oes151122.htm