As children, we often dream of what we want to do when we grow up. We don’t always get the job that we want as young children. As we grow up, however, sometimes we discover that we wouldn’t enjoy doing the things we wanted to do as children. Instead, we learn what we like and dislike, and we discover our passions and learn what we enjoy doing. From this, we truly discover what we want to do as adults. For me, I found that I am interested in and good with computers and technology, and that I enjoy coding. Following what I enjoy, I found a career that I am interested in pursuing, being an Information Security Analyst, or ISA for short. Being an ISA would be a good fit for me as it combines things I enjoy doing and allows me to protect people’s private data.
When you have an interest that you want to pursue, the best thing to do is to learn about it so you can be better informed about what it is you are interested in pursuing. There are many careers that are similar to an ISA, such as a Network Security Analyst, Digital Forensics Analyst, and Computer Network Architects (Whalen and Kruse 14; “Occupational Outlook Handbook”). These careers are in the same field and share features that led me to the ISA position, but they are different in functionality, pay, and benefits. As an ISA you are responsible for doing many different things including monitoring for security breaches, conducting penetration testing, and preparing reports documenting security breaches (“Occupational Outlook Handbook”). Other things that ISA’s typically do include installing and using software to secure data, developing security standards, and staying up to date on the latest methods attackers are using (“Occupational Outlook Handbook”). These responsibilities all revolve around keeping information secure and being transparent about what happened if an attack does occur.
Before you can get a job as an ISA, however, you need to get an education. A job in this career typically requires a bachelor’s degree in computer science, programming, or a related field. Some employers prefer you to have a Masters of Business Administration (MBA) in information systems, but this is not very common (“Occupational Outlook Handbook”). To obtain a bachelor’s degree for this career takes four years. There are many ways to get the required degree anywhere from trade schools to universities. While there are many places you can get this education, I am getting it at a university so I get a strong education and can be better prepared for the job. Many employers prefer certifications like the Certified Information Systems Security Professional (CISSP) as it validates the knowledge and best practices required for ISA’s (“Occupational Outlook Handbook”). Getting recertified isn’t necessary, or at least not for Martin, who had no mandatory recertifications but says this field still involves continually educating yourself so you can be prepared.
Now, knowing what education is required, the next thing to look at is the salary and benefits that can be expected. An entry-level position in Illinois, on average, pays about $79,000 with differences existing between cities (“Analyst Jobs in Illinois”). As you gain more experience and get promotions, the salary can increase to match the mean salary which exists around $96,000 to $111,101 (“Occupational Outlook Handbook”; “Detail Occupational Guide”). The differences in salary are based on numerous factors such as location, industry, education, and experience (“Information Security Analysts”). Location is a big factor as different states have more jobs in the field than others. Some industries pay better than others due to the sensitivity of the information with insurance, banks, manufacturers, and the medical field being among the highest paying (“Information Security Analysts”).
While pay is important, so are the benefits that you receive from your employer. Benefits are not always the same, but you can get an idea of what the benefits typically look like. Health benefits may include life insurance, long term care insurance, and other strong medical benefits (Martin). Newton said he also received a retirement program, vacation time, and sick time which are typical perks. Martin took it a step further by saying he receives decent vacation time, paid holidays, accumulating sick time, and a pension. Perks and benefits vary from employer to employer but this is what can reasonably be assumed that you will receive. However, there are dangers involved in this career path, however minor they may be. According to Martin, carpal tunnel is a very real danger involved in this career. Newton agreed with this but also said eyestrain could be a danger from looking at computer screens for long periods of time.
The next logical step is to look at what a week and day for an ISA looks like. For those working in this career, you work the typical forty-hour work week with weekends off, however, you can be on call in case of emergencies (Levin). This is expected as most jobs follow this format and being on call makes sense in case of cyber threats. No day in this field is typical and is highly dependent on specialty and employer (Levin). At a bank, you would be securing financial transactions most of the time while at a technology company you would be securing user information most of the time (Levin). For Newton, a computer programmer with the state of Illinois Department of Natural Resources, a day could be talking with a client, creating what the client wanted, and showing the finished results. A day for Martin, an Information Technology Specialist with the National Weather Service, could be anything from meetings, driving technicians to remote sites, patching systems, or many other different tasks. Although the day-to-day varies, and no day is a complete representation of this job, there is order amongst the chaos.
Like all careers, there is a good part and a difficult part. These manifest themselves in different ways for each person in each career, but by asking those in the same line of work about these challenges, you can get an idea of what they could be for you. Some things are more challenging in a profession than others, one of which is working with other people (Newton). Being at a different point in his career, Martin found that staying proficient with the changing technology is a challenge. While there are challenges in every job there are also parts of the day that make you feel good and that you enjoy the most. This can be nearly anything, but for Newton, getting a code working makes him feel the most satisfied and happy. For others, helping someone who is having trouble and helping them have a more productive day is the best part of the job (Martin).
There are many ways to get prior experience before beginning a career. Some of the best ways to gain experience come in the form of internships and apprenticeships (Whalen and Kruse 14). Both of these avenues are useful in gaining first-hand hands-on experience. Another place to gain guided experience is the job-specific training from your employer as it relates to your position and how things are to be done (Cyber Security for Dummies). Working in related fields is also a great way to gain experience and it exposes you to what your specific field might look like (“Occupational Outlook Handbook”). These aren’t the only ways to gain experience either. Martin got experience from his time in the military along with his traditional education. One way to think about having prior experience and on the job training, is that it is like the tutorial or first level of a game. You are learning what is expected and how to do it. By doing these things you begin to develop a feel for what you are expected to do.
While prior experience is useful, there are skills and personality traits that are invaluable in computer programming related fields that can’t necessarily be learned in the classroom. One such skill is the ability to be analytical so you can study systems to access risks and improve protocols efficiently (“Occupational Outlook Handbook”). Being detail-oriented is important to catch minor changes in performance (“Occupational Outlook Handbook”). Strong communication skills, being able to work with others, being logical, and being able to follow procedures are important skills to have in this career as well (Newton). These are core skills in this profession, especially the ability to communicate with and work with others. Ingenuity is important in anticipating security risks and in developing and implementing new ways to protect the system (“Occupational Outlook Handbook”). Problem-solving is another core skill in this career that you need to be successful (“Occupational Outlook Handbook”).
The ability to adapt to changing situations, communication skills, patience, extreme persistence, and assertiveness are all invaluable skills that this career demands (Martin). There are no true hard-set requirements for required skills and traits in this career, but these are some of the ones that prove to be most useful. People who enjoy puzzles, cracking codes, picking locks, intellectual competitions, or cat-and-mouse games are likely to enjoy this career due to the overlap in skills and personality traits (Whalen and Kruse 13). For example, I am Detail-oriented and possess ingenuity which means I will likely enjoy this field. I also enjoy coding and puzzles which are all signs that this is a good fit for me.
A very real question is who hires people in this field? It’s no secret that computers are everywhere and It’s also no secret that businesses use computers, but who hires ISA’s? Some of the biggest employers include legal services, manufacturers, and brokers, with other large employers including banks and healthcare (Levin; “Occupational Outlook Handbook”). These are the major employers because they store and use massive amounts of private and sensitive data. Other employers include the government, insurance, financial, and industrial industries (Martin). Although the big employers get all the attention, small businesses are just as vulnerable to attacks if not more so. This is reflected by a study done in 2019 which found that 10% of all breached small businesses were forced to shut down (Kurtz). When presented with the previous statistic, Martin said that everyone needs protecting, big and small businesses alike, including individuals. No matter how hard you try to avoid giving information to someone who will store it on a computer, it is nearly inevitable that it will be stored digitally, and it needs to be kept secure. To do that, businesses have to hire people to secure the data. Employers recognize this need, as 77% of industrial companies rank cybersecurity as a major priority, and 88% of small business owners felt their business was vulnerable to a cyber attack (Kurtz). These companies, as well as individuals, have a need for those in the computer programming field to protect their information, just in a different capacity.
The most pertinent question still remains: will I be able to find a job in this field, and will there be job security in this field in the future? The availability of jobs in this field is influenced by numerous factors. One such factor is how many businesses there are (“Occupational Outlook Handbook”). The more businesses there are the more analysts will be needed. According to Newton, the changing technology is a factor in the number of jobs in that new technology creates new job opportunities. However, with new technology comes a balancing act. With advancing technology, jobs are being created, but the automation of technology also causes people to lose their jobs (Martin). Martin also believes the economy is another factor that affects the availability of jobs. Other factors include the number of businesses and the frequency of cyber attacks (“Occupational Outlook Handbook”). If attacks increase more people will be needed to prevent them. Location is also a large factor in availability. Some locations are better than others for getting a job. Virginia is the best place to get a job in this specific career, followed by Texas, California, New York, and Florida (Levin). It stands to be said that while many factors change the availability of these jobs, the field is growing.
In this career, job security is related to growth potential. The potential growth in this field is massive and is much larger than in most fields. For this career in particular, the growth potential is an astonishing 32% which is significantly larger than the 5% growth potential for all occupations on average (“Occupational Outlook Handbook”). That number, while it is large, doesn’t capture the full story. That number is the projected change in employment from 2018 to 2028 only (“Occupational Outlook Handbook”). While this number is useful short term to predict how the field will grow, in the long term it doesn’t accurately represent predicted growth as too many unseen factors may cause it to change. That being said, the demand for ISA’s is expected to be very high, as cyber-attacks are occurring more frequently and analysts will be needed to prevent hackers from stealing critical information or causing problems in computer networks (“Occupational Outlook Handbook”).
As far as ransomware is concerned, this is unbelievably true as roughly every ten seconds a user suffers from an attack (Cyber Security for Dummies). In the face of the ever-expanding cybersecurity threat, banks, financial institutions, and other corporations will need to increase their information security capabilities (“Occupational Outlook Handbook”). More analysts will be needed to create safeguards that will satisfy patients’ concerns as the healthcare industry expands its use of electronic medical records (“Occupational Outlook Handbook”). Information, especially personal information, needs to be secured more than ever, which means more analysts are required to prevent attacks and to solve them if there is a successful attack. Currently, detecting and solving attacks takes a long time, as, on average, a cyber attack takes 170 days to detect and another 45 days to solve (Cyber Security for Dummies).
To put this into perspective, if an attack occurs on January 1st, 2020, on average it wouldn’t be detected until June 19th, and not solved until August 3rd. More people are needed desperately in this constantly growing field. The growth potential in this field is limitless, and as for the foreseeable future, the advancing technology will lead to more jobs (Martin). This field has the potential to grow forever since network security is simply never going away (Martin). The need is ever expanding and will likely be around forever as our society continues to become more technologically advanced. A quote by Lucinda Caughey, the assistant professor of computer science at LLCC, sums it all up nicely saying, “cybersecurity is a broad field with exponential growth because it covers individuals, organizations, confidentiality, the networks we use to transmit and the places we store it” (Whalen and Kruse 13). Jobs in this field are simply never going away.
While I was researching this career, I was presented with a lot of information. I found some of the information to be shocking, other information I found seemed logical and just intuitively made sense. For instance, factors that influenced wages, or job availability. This information felt natural as I found it. In the interviews, a lot of good conversations took place as it related to the career and the information gathered from them was surprising. What you have to do in this career can be intense but the benefits are strong and so is the pay. Overall, the information that I collected got me to think about data security and about what it means to do this job. There are parts of the job that I like and others that I don’t. One of the things I like about the job is the pay and benefits.
I also like that I get to help businesses or industries keep running and that I get to keep them secure. I also found that I would enjoy helping others in the field to be more productive. One thing I don’t like as much is that I would have to work together with other people. I also feel that I wouldn’t like researching to keep up on the latest methods attackers were using. The last big thing that I wouldn’t enjoy is making protocols and continually monitoring for attacks. However, there is no guarantee that I would have to do some of the things I found to be drawbacks. All that being said I do feel that I would be satisfied in this career. My research has confirmed my plans to pursue becoming an ISA because it is something I am passionate about where I can use my skills to help people.
Our editors will help you fix any mistakes and get an A+!Get started
Please check your inbox