Information Security Officer Career Guide
An information security officer – sometimes called an information security manager or an information system manager – protects an organization's Information Technology (IT) programs from internal and external threats. Specifically, IT officers are charged with the task of making sure viruses, spyware, bots, or other harmful programs are not used to compromise an organization's computer system. Information security analysts with experience and an advanced degree, such as an MBA with an information systems specialization, may find advancement opportunities as a chief security officer, an information technology manager, or an information systems manager. Any organization, including federal and local government agencies, banks, healthcare organizations, retail stores, and educational institutions, that has a computer system must actively protect the data of its clients and employees. As a result, many hire information security analysts.
Career Description, Duties, and Common Tasks
Information security officers monitor the organization's IT system to look for threats to security, establish protocols for identifying and neutralizing threats, and maintain updated anti-virus software to block threats. They are responsible for setting the computer usage protocols for their organization, for facilitating training on minimizing threats to the IT system, and for determining which types of software the organization should use. Information security analysts investigate cases where the IT system has been compromised and take the appropriate action to resolve the problem. Information security analysts work in both the public and the private sectors. Since the nature of their work involves working with computer systems, they work in clean, climate-controlled environments and must be able to sit for long periods of time.
Steps for Becoming an Information Security Officer
According to the Bureau of Labor Statistics, information security analysts must typically have a minimum of a bachelor's degree in a field like computer science, computer programming, or computer engineering. A graduate degree, or more specifically a Master of Business Administration (MBA) in Information Systems, may be a requirement (or at least preferred) for employment with some organizations. In addition, security officers must attend regular continuing education courses to stay abreast of rapidly changing technology and threats. To become an information security analyst, you should expect to undergo some version of the steps below:
- Accumulate the required education and/or acquire experience in a related field.*
- Apply for an available information security analyst position.
- Be interviewed.
- Complete a background check and drug test.*
- Get hired as an information security officer.
- Get trained on the job once hired.
*See the requirements for a specific job for more information.
Information Security Officer Job Training
Positions in information security are advanced ones, not entry-level jobs. Information security analysts typically must have previous experience working in a computer-related position, such as a computer technician, a network administrator, or a systems administrator. Still, they will receive some on-the-job training after being hired to be able to successfully complete their assigned tasks.
Other Helpful Skills and Experience
Employers generally look favorably on information security analyst candidates who hold an advanced degree, such as a master's degree in business administration (MBA) with a concentration in information systems. Experience working in a computer-related field is generally necessary before obtaining a position as an information security analyst. Information security analysts can also earn certification to increase their chances of securing a position in the field.
Possible Job Titles for This Career
- Information Security Analyst
- Information Security Investigator
- Information Security Officer
Information Security Officer Salary and Outlook
As computer technology continues to spread to all aspects of the personal and professional world, the job outlook for information security officers is positive. The Bureau of Labor Statistics (BLS) reports that information security analysts earn a median salary of $95,510 per year.1 Information security analyst employment is expected to grow much faster than the average occupation, with 28% growth during the decade from 2016 to 2026.1
Since you are interested in a career as an information security officer, you may want to research more private-sector, criminal justice careers:
Frequently Asked Questions
Question: What kind of schedule do information security investigators work?
Answer: Information security analysts generally work full time. Some organizations may require analysts to be on call to respond to emergencies.
Question: Is it possible to work for oneself as an information security analyst?
Answer: It is possible but not common to be a self-employed consultant working in information security.
Question: Where are the highest paid opportunities for information security analysts?
Answer: According to the BLS, information security analysts earn the highest salaries in the New York-Newark-Jersey City metropolitan area, with a reported average of $128,420 per year.2 Other top-paying metropolitan areas include Waynesboro, Pennsylvania, San Jose, California, and Midland, Michigan.
Question: What kind of certification is available?
Answer: Information security officers can earn general certification as a Certified Information Systems Security Professional (CISSP), which is recognized worldwide.
Question: What does the CISSP exam cover?
Answer: Individuals who want to earn certification as a Certified Information Systems Security Professional must first pass an exam, which includes such topics as access control, cryptography, information security governance and risk management, and operations security.
- (ISC)2: The Certified Information Systems Security Professional certification can open the door to employment with some employers.
- High Technology Crime Investigation Association: A membership and education resource focused on high technology crimes (those that involve electronic and digital technologies).
- Information Systems Security Association: A global resource for information security analysts.
- International Association of Privacy Professionals: A policy-neutral, not-for-profit association for information security professionals.
1. Bureau of Labor Statistics Occupational Outlook Handbook, Information Security Analysts: https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm
2. Bureau of Labor Statistics Occupational Employment and Wages, May 2018, Information Security Analysts: https://www.bls.gov/oes/current/oes151122.htm