Employers and Universities: Work with us?
Cybersecurity analyst
Cybersecurity analysts protect organisations’ digital systems from security breaches, working in house for organisations in the public and private sectors as well as for agencies providing services to clients.
Also known as:
- Cybersecurity professional
- Forensic computer analyst
Work activities
The role of a cybersecurity analyst is to protect an organisation's digital infrastructure and sensitive information from online threats. They work in house for organisations in the public and private sectors as well as for agencies providing services to clients. They monitor, analyse and respond to security breaches to protect the organisation's computer systems from unauthorised access and cyber-attacks. They also look for potential vulnerabilities in their employer’s or client’s IT software, hardware and networks, and develop processes to reduce risks.
Cybersecurity analysts monitor the IT systems they are tasked with protecting, using tools and techniques such as intrusion detection systems (IDS), security information and event management (SIEM) systems, and log analysis, to detect and analyse potential threats. By staying vigilant and proactive, cybersecurity analysts can identify and respond to security incidents promptly, minimising the impact on the organisation's day-to-day activities.
As well as monitoring and incident response, cybersecurity analysts are also responsible for implementing and maintaining security measures and protocols to prevent cyber-attacks. This includes performing regular security assessments and audits, conducting penetration testing (pen testing) to identify vulnerabilities, and ensuring compliance with industry regulations and best practices.
Personal qualities and skills
As a cybersecurity analyst, you’ll need a wide range of technical and soft skills:
- Adaptability: The ability to adapt to changing security landscapes and adjust strategies accordingly.
- Analytical skills: The ability to analyse complex information and identify patterns or anomalies in data.
- Attention to detail: A keen eye for spotting potential vulnerabilities or security threats.
- Communication skills: Good verbal and written communication to communicate security issues and recommendations to both technical and non-technical audiences.
- Continuous learning mindset: Cybersecurity is a rapidly evolving field, so staying updated with the latest trends, technologies and threats is crucial.
- Ethical mindset: An understanding of the ethical implications of cybersecurity decisions and a commitment to upholding ethical standards in their work.
- Integrity: A commitment to honesty, trustworthiness, and ethical behaviour in handling sensitive information and performing cybersecurity duties.
- Problem solving: The ability to think creatively and quickly find solutions to security challenges.
- Teamwork: The ability to collaborate with other members of the cybersecurity team and other departments to achieve common security goals.
- Technical skills: Familiarity with various operating systems, networking protocols and cybersecurity tools.
Pay and opportunities
Cybersecurity analysts can expect to earn between £25,000 and £60,000 per year. Working hours are typically 37-39 hours per week, with occasional working during evenings and weekends to hit deadlines and deal with security breaches.
Employers include medium and large organisations including companies in the private sector as well as public bodies such as Government departments and the NHS. Smaller companies do not usually employ their own cybersecurity analysts; instead, they tend to employ the services of cybersecurity agencies. You could work for an agency, providing services to a range of clients. You could also work for the security services, with employers including GCHQ and MI5.
Where are vacancies advertised?
Vacancies are advertised on national and global jobs boards, sites like LinkedIn, industry websites such as Dice, and on the Government’s Find a Job service. The security services advertise opportunities on their own websites.
Entry routes and training
Apprenticeships offer a great new way into this profession, with a number of options available at different levels. An apprenticeship is a job with training and the opportunity to work towards relevant qualifications, with fees paid by your employer. Programmes include:
- Cybersecurity technician (level 3 / advanced)
- Cybersecurity technologist (level 4 / higher)
- Cybersecurity technical professional (level 6 / degree)
If you’ve got your sights set on national security, both MI5 and Government Security offer level 6 apprenticeships programmes.
University is the traditional route into a career in cybersecurity. Relevant courses include:
- Computer science
- Cybersecurity
- Digital forensics
- Forensic computing
Alternatively, you could do a degree in any subject followed by a postgraduate qualification in a related field.
GCHQ offers a £4,000 non-repayable bursary to undergraduates planning to begin a career in cybersecurity. The scheme is called the CyberFirst University Bursary.
Qualifications
To enter university in a subject such as computer since, you’ll need:
- Two or three A-levels. A qualification in computing or maths will help you secure a place on a relevant course.
- GCSEs in English, maths and potentially other subjects as well. Science subjects will stand you in good stead.
To get onto a level 4 or level 6 apprenticeship, you’ll need two relevant A-levels, which may include a subject such as computing, as well as GCSEs in English and maths. For a level 3 apprenticeship, you’ll need GCSEs in English and maths and possibly other subjects as well.
Alternatives to A-levels include:
- Edexcel (BTEC) level 3 National qualifications.
- International Baccalaureate (IB) diploma.
Adult opportunities
Age limits: It is illegal for any organisation to set age limits for entry to employment, education or training, unless they can show there is a real need to have these limits.
If you don’t have the qualifications needed to enter a degree, foundation degree or HND course, you might be able to start one after completing an Access course, for example, Access to Computer Science. You don’t usually need any qualifications to enter an Access course, although you should check this with the course provider. A foundation year before the start of a science degree or HND is available at some universities and higher education colleges for students who don’t have the A-levels usually needed for entry.
