Summary Report for:
15-1122.00 - Information Security Analysts
Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses.
Sample of reported job titles: Computer Security Specialist, Computer Specialist, Data Security Administrator, Information Security Analyst, Information Security Manager, Information Security Officer, Information Security Specialist, Information Systems Security Analyst, Information Technology Security Analyst, Information Technology Specialist
Tasks | Tools & Technology | Knowledge | Skills | Abilities | Work Activities | Detailed Work Activities | Work Context | Job Zone | Education | Credentials | Interests | Work Styles | Work Values | Related Occupations | Wages & Employment | Job Openings | Additional Information
- Encrypt data transmissions and erect firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers.
- Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
- Review violations of computer security procedures and discuss procedures with violators to ensure violations are not repeated.
- Monitor use of data files and regulate access to safeguard information in computer files.
- Monitor current reports of computer viruses to determine when to update virus protection systems.
- Modify computer security files to incorporate new software, correct errors, or change individual access status.
- Perform risk assessments and execute tests of data processing system to ensure functioning of data processing activities and security measures.
- Confer with users to discuss issues such as computer data access needs, security violations, and programming changes.
- Train users and promote security awareness to ensure system security and to improve server and network efficiency.
- Coordinate implementation of computer system plan with establishment personnel and outside vendors.
- Document computer security and emergency measures policies, procedures, and tests.
- Maintain permanent fleet cryptologic and carry-on direct support systems required in special land, sea surface and subsurface operations.
Tools & Technology
Tools used in this occupation:
- Desktop computers
- Mainframe computers
- Network analyzers — Local area network LAN analyzers
- Notebook computers
- Protocol analyzers
Technology used in this occupation:
- Access software — Access management software; Citrix software; IBM Tivoli Access Management TAM
- Analytical or scientific software — SAS software
- Authentication server software — Akoura SmartToken; Diameter *; IBM Tivoli Identity Management TIM; Remote authentication dial-in user service RADIUS software (see all 5 examples)
- Backup or archival software — Backup and archival software; System and data disaster recovery software
- Charting software — Microsoft Office Visio
- Configuration management software — Automated installation software; Patch and update management software
- Data base management system software — Microsoft SQL Server; MySQL software; Oracle software
- Data base user interface and query software — Microsoft Access; Structured query language SQL
- Desktop communications software — Secure shell SSH software
- Development environment software — C; Microsoft .NET Framework
- Document management software — Microsoft Office SharePoint Server MOSS
- Electronic mail software — Email software
- Enterprise application integration software — Extensible markup language XML
- Enterprise resource planning ERP software — SAP software
- Enterprise system management software — ArcSight Enterprise Threat and Risk Management; Splunk
- Filesystem software — Computer forensic software
- Internet directory services software — Active directory software; Berkeley Internet Domain Name BIND software; Domain name system DNS software; Network directory services software
- License management software
- Network monitoring software — Cisco Systems CiscoWorks software; Hewlett-Packard HP OpenView software; Sun Microsystems NetManage; Wireshark (see all 10 examples)
- Network security and virtual private network VPN equipment software — Cryptographic key management software; Firewall software
- Network security or virtual private network VPN management software — Intrusion prevention system IPS software; Network and system vulnerability assessment software; Network security auditing software; Snort intrusion detection technology (see all 6 examples)
- Object or component oriented development software — C#; C++; Oracle Java; Python (see all 5 examples)
- Office suite software — Microsoft Office software
- Operating system software — Linux; Microsoft Windows; UNIX
- Point of sale POS software — Smart card management software
- Presentation software — Microsoft PowerPoint
- Program testing software — Conformance and validation testing software; System testing software
- Project management software — Microsoft Project
- Spreadsheet software — Microsoft Excel
- Transaction security and virus protection software — Honeypot; McAfee VirusScan; Ping Identity software; Stack smashing protection SSP software (see all 18 examples)
- Word processing software — Microsoft Word
* Software developed by a government agency and/or distributed as freeware or shareware.
- Computers and Electronics — Knowledge of circuit boards, processors, chips, electronic equipment, and computer hardware and software, including applications and programming.
- Telecommunications — Knowledge of transmission, broadcasting, switching, control, and operation of telecommunications systems.
- Administration and Management — Knowledge of business and management principles involved in strategic planning, resource allocation, human resources modeling, leadership technique, production methods, and coordination of people and resources.
- English Language — Knowledge of the structure and content of the English language including the meaning and spelling of words, rules of composition, and grammar.
- Education and Training — Knowledge of principles and methods for curriculum and training design, teaching and instruction for individuals and groups, and the measurement of training effects.
- Engineering and Technology — Knowledge of the practical application of engineering science and technology. This includes applying principles, techniques, procedures, and equipment to the design and production of various goods and services.
- Public Safety and Security — Knowledge of relevant equipment, policies, procedures, and strategies to promote effective local, state, or national security operations for the protection of people, data, property, and institutions.
- Communications and Media — Knowledge of media production, communication, and dissemination techniques and methods. This includes alternative ways to inform and entertain via written, oral, and visual media.
- Customer and Personal Service — Knowledge of principles and processes for providing customer and personal services. This includes customer needs assessment, meeting quality standards for services, and evaluation of customer satisfaction.
- Critical Thinking — Using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions or approaches to problems.
- Reading Comprehension — Understanding written sentences and paragraphs in work related documents.
- Complex Problem Solving — Identifying complex problems and reviewing related information to develop and evaluate options and implement solutions.
- Speaking — Talking to others to convey information effectively.
- Active Listening — Giving full attention to what other people are saying, taking time to understand the points being made, asking questions as appropriate, and not interrupting at inappropriate times.
- Writing — Communicating effectively in writing as appropriate for the needs of the audience.
- Judgment and Decision Making — Considering the relative costs and benefits of potential actions to choose the most appropriate one.
- Time Management — Managing one's own time and the time of others.
- Active Learning — Understanding the implications of new information for both current and future problem-solving and decision-making.
- Monitoring — Monitoring/Assessing performance of yourself, other individuals, or organizations to make improvements or take corrective action.
- Systems Analysis — Determining how a system should work and how changes in conditions, operations, and the environment will affect outcomes.
- Management of Personnel Resources — Motivating, developing, and directing people as they work, identifying the best people for the job.
- Systems Evaluation — Identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.
- Coordination — Adjusting actions in relation to others' actions.
- Instructing — Teaching others how to do something.
- Negotiation — Bringing others together and trying to reconcile differences.
- Operation Monitoring — Watching gauges, dials, or other indicators to make sure a machine is working properly.
- Quality Control Analysis — Conducting tests and inspections of products, services, or processes to evaluate quality or performance.
- Service Orientation — Actively looking for ways to help people.
- Social Perceptiveness — Being aware of others' reactions and understanding why they react as they do.
- Written Comprehension — The ability to read and understand information and ideas presented in writing.
- Oral Comprehension — The ability to listen to and understand information and ideas presented through spoken words and sentences.
- Problem Sensitivity — The ability to tell when something is wrong or is likely to go wrong. It does not involve solving the problem, only recognizing there is a problem.
- Deductive Reasoning — The ability to apply general rules to specific problems to produce answers that make sense.
- Inductive Reasoning — The ability to combine pieces of information to form general rules or conclusions (includes finding a relationship among seemingly unrelated events).
- Oral Expression — The ability to communicate information and ideas in speaking so others will understand.
- Information Ordering — The ability to arrange things or actions in a certain order or pattern according to a specific rule or set of rules (e.g., patterns of numbers, letters, words, pictures, mathematical operations).
- Near Vision — The ability to see details at close range (within a few feet of the observer).
- Speech Clarity — The ability to speak clearly so others can understand you.
- Written Expression — The ability to communicate information and ideas in writing so others will understand.
- Category Flexibility — The ability to generate or use different sets of rules for combining or grouping things in different ways.
- Speech Recognition — The ability to identify and understand the speech of another person.
- Flexibility of Closure — The ability to identify or detect a known pattern (a figure, object, word, or sound) that is hidden in other distracting material.
- Selective Attention — The ability to concentrate on a task over a period of time without being distracted.
- Perceptual Speed — The ability to quickly and accurately compare similarities and differences among sets of letters, numbers, objects, pictures, or patterns. The things to be compared may be presented at the same time or one after the other. This ability also includes comparing a presented object with a remembered object.
- Interacting With Computers — Using computers and computer systems (including hardware and software) to program, write software, set up functions, enter data, or process information.
- Getting Information — Observing, receiving, and otherwise obtaining information from all relevant sources.
- Analyzing Data or Information — Identifying the underlying principles, reasons, or facts of information by breaking down information or data into separate parts.
- Evaluating Information to Determine Compliance with Standards — Using relevant information and individual judgment to determine whether events or processes comply with laws, regulations, or standards.
- Communicating with Supervisors, Peers, or Subordinates — Providing information to supervisors, co-workers, and subordinates by telephone, in written form, e-mail, or in person.
- Identifying Objects, Actions, and Events — Identifying information by categorizing, estimating, recognizing differences or similarities, and detecting changes in circumstances or events.
- Processing Information — Compiling, coding, categorizing, calculating, tabulating, auditing, or verifying information or data.
- Documenting/Recording Information — Entering, transcribing, recording, storing, or maintaining information in written or electronic/magnetic form.
- Monitor Processes, Materials, or Surroundings — Monitoring and reviewing information from materials, events, or the environment, to detect or assess problems.
- Updating and Using Relevant Knowledge — Keeping up-to-date technically and applying new knowledge to your job.
- Making Decisions and Solving Problems — Analyzing information and evaluating results to choose the best solution and solve problems.
- Organizing, Planning, and Prioritizing Work — Developing specific goals and plans to prioritize, organize, and accomplish your work.
- Interpreting the Meaning of Information for Others — Translating or explaining what information means and how it can be used.
- Thinking Creatively — Developing, designing, or creating new applications, ideas, relationships, systems, or products, including artistic contributions.
- Establishing and Maintaining Interpersonal Relationships — Developing constructive and cooperative working relationships with others, and maintaining them over time.
- Communicating with Persons Outside Organization — Communicating with people outside the organization, representing the organization to customers, the public, government, and other external sources. This information can be exchanged in person, in writing, or by telephone or e-mail.
- Performing Administrative Activities — Performing day-to-day administrative tasks such as maintaining information files and processing paperwork.
- Developing Objectives and Strategies — Establishing long-range objectives and specifying the strategies and actions to achieve them.
- Estimating the Quantifiable Characteristics of Products, Events, or Information — Estimating sizes, distances, and quantities; or determining time, costs, resources, or materials needed to perform a work activity.
- Monitoring and Controlling Resources — Monitoring and controlling resources and overseeing the spending of money.
- Training and Teaching Others — Identifying the educational needs of others, developing formal educational or training programs or classes, and teaching or instructing others.
- Provide Consultation and Advice to Others — Providing guidance and expert advice to management or other groups on technical, systems-, or process-related topics.
- Coordinating the Work and Activities of Others — Getting members of a group to work together to accomplish tasks.
- Inspecting Equipment, Structures, or Material — Inspecting equipment, structures, or materials to identify the cause of errors or other problems or defects.
- Scheduling Work and Activities — Scheduling events, programs, and activities, as well as the work of others.
Detailed Work Activities
- Test computer system operations to ensure proper functioning.
- Implement security measures for computer or information systems.
- Coordinate project activities with other personnel or departments.
- Collaborate with others to resolve information technology issues.
- Develop computer or information security policies or procedures.
- Update knowledge about emerging industry or technology trends.
- Troubleshoot issues with computer applications or systems.
- Monitor the security of digital information.
- Train others in computer interface or software use.
- Document operational procedures.
- Electronic Mail — 100% responded “Every day.”
- Face-to-Face Discussions — 94% responded “Every day.”
- Contact With Others — 85% responded “Constant contact with others.”
- Indoors, Environmentally Controlled — 90% responded “Every day.”
- Importance of Being Exact or Accurate — 67% responded “Extremely important.”
- Work With Work Group or Team — 64% responded “Extremely important.”
- Spend Time Sitting — 59% responded “More than half the time.”
- Impact of Decisions on Co-workers or Company Results — 35% responded “Very important results.”
- Freedom to Make Decisions — 67% responded “Some freedom.”
- Structured versus Unstructured Work — 72% responded “Some freedom.”
- Letters and Memos — 54% responded “Every day.”
- Coordinate or Lead Others — 38% responded “Extremely important.”
- Duration of Typical Work Week
- Frequency of Decision Making — 43% responded “Every day.”
- Importance of Repeating Same Tasks — 52% responded “Extremely important.”
- Responsibility for Outcomes and Results — 49% responded “Moderate responsibility.”
- Time Pressure — 33% responded “Every day.”
- Spend Time Using Your Hands to Handle, Control, or Feel Objects, Tools, or Controls
|Title||Job Zone Four: Considerable Preparation Needed|
|Education||Most of these occupations require a four-year bachelor's degree, but some do not.|
|Related Experience||A considerable amount of work-related skill, knowledge, or experience is needed for these occupations. For example, an accountant must complete four years of college and work for several years in accounting to be considered qualified.|
|Job Training||Employees in these occupations usually need several years of work-related experience, on-the-job training, and/or vocational training.|
|Job Zone Examples||Many of these occupations involve coordinating, supervising, managing, or training others. Examples include accountants, sales managers, database administrators, teachers, chemists, art directors, and cost estimators.|
|SVP Range||(7.0 to < 8.0)|
Percentage of Respondents
|Education Level Required|
This occupation may require a background in the following science, technology, engineering, and mathematics (STEM) educational disciplines:
Interest code: CIR
- Conventional — Conventional occupations frequently involve following set procedures and routines. These occupations can include working with data and details more than with ideas. Usually there is a clear line of authority to follow.
- Investigative — Investigative occupations frequently involve working with ideas, and require an extensive amount of thinking. These occupations can involve searching for facts and figuring out problems mentally.
- Realistic — Realistic occupations frequently involve work activities that include practical, hands-on problems and solutions. They often deal with plants, animals, and real-world materials like wood, tools, and machinery. Many of the occupations require working outside, and do not involve a lot of paperwork or working closely with others.
- Integrity — Job requires being honest and ethical.
- Analytical Thinking — Job requires analyzing information and using logic to address work-related issues and problems.
- Initiative — Job requires a willingness to take on responsibilities and challenges.
- Stress Tolerance — Job requires accepting criticism and dealing calmly and effectively with high stress situations.
- Dependability — Job requires being reliable, responsible, and dependable, and fulfilling obligations.
- Attention to Detail — Job requires being careful about detail and thorough in completing work tasks.
- Persistence — Job requires persistence in the face of obstacles.
- Self Control — Job requires maintaining composure, keeping emotions in check, controlling anger, and avoiding aggressive behavior, even in very difficult situations.
- Adaptability/Flexibility — Job requires being open to change (positive or negative) and to considerable variety in the workplace.
- Cooperation — Job requires being pleasant with others on the job and displaying a good-natured, cooperative attitude.
- Leadership — Job requires a willingness to lead, take charge, and offer opinions and direction.
- Achievement/Effort — Job requires establishing and maintaining personally challenging achievement goals and exerting effort toward mastering tasks.
- Independence — Job requires developing one's own ways of doing things, guiding oneself with little or no supervision, and depending on oneself to get things done.
- Innovation — Job requires creativity and alternative thinking to develop new ideas for and answers to work-related problems.
- Social Orientation — Job requires preferring to work with others rather than alone, and being personally connected with others on the job.
- Concern for Others — Job requires being sensitive to others' needs and feelings and being understanding and helpful on the job.
- Working Conditions — Occupations that satisfy this work value offer job security and good working conditions. Corresponding needs are Activity, Compensation, Independence, Security, Variety and Working Conditions.
- Independence — Occupations that satisfy this work value allow employees to work on their own and make decisions. Corresponding needs are Creativity, Responsibility and Autonomy.
- Support — Occupations that satisfy this work value offer supportive management that stands behind employees. Corresponding needs are Company Policies, Supervision: Human Relations and Supervision: Technical.
Wages & Employment Trends
|Median wages (2014)||$42.74 hourly, $88,890 annual|
|Employment (2012)||75,000 employees|
|Projected growth (2012-2022)||Much faster than average (22% or higher)|
|Projected job openings (2012-2022)||39,200|
|Top industries (2012)|
Source: Bureau of Labor Statistics 2014 wage data and 2012-2022 employment projections . "Projected growth" represents the estimated change in total employment over the projections period (2012-2022). "Projected job openings" represent openings due to growth and replacement.
Job Openings on the Web
Sources of Additional Information
Disclaimer: Sources are listed to provide additional information on related jobs, specialties, and/or industries. Links to non-DOL Internet sites are provided for your convenience and do not constitute an endorsement.
- Information Security Analysts . Bureau of Labor Statistics, U.S. Department of Labor. Occupational Outlook Handbook, 2014-15 Edition.
- Computing Technology Industry Association (CompTIA) , 1815 S. Meyers Rd., Suite 300, Oakbrook Terrace, IL 60181-5228. Phone: (630) 678-8300. Fax: (630) 268-1384.