Cybersecurity Analyst

Cybersecurity analysts watch for attacks, investigate suspicious activity, and help fix weak spots before someone breaks in. A lot of it is alert triage — most alerts are nothing, until one isn't.

What Tuesday looks like

You start at 8 by checking the queue of overnight alerts in your SIEM. There are 47. Most are noise — a user logging in from a coffee shop, a misconfigured scanner. You close them one by one, writing short notes. Around 10 one alert looks weird: a service account logged in at 3 AM and pulled a chunk of files. You pivot through logs, check the endpoint, message the IT lead. It turns out to be an automated backup nobody told your team about. You document it anyway. Lunch. After lunch, a meeting about a phishing simulation that went out last week — 14% of employees clicked, and you have to help write the follow-up training. Then patch review: which systems are missing critical updates, and who do you nag. You leave at 5. The work is repetitive until suddenly it isn't, and the 'isn't' moments are stressful in a way that follows you home.

Career profile

Career shape

Tap or hover each point to explore a dimension

MeaningAutonomyWork-lifeCommunityStressAccessible

In the landscape

PayMeaning

Tap or hover any dot to identify a career

Salary range

$82K

Entry

$112K

Median

$142K

Senior

$65K floor

$175K ceiling

10-yr growth

+33%

AI reshaping

8/10 exposure

Reward profile

3 quick questions to see how this career fits the way you work.

What school costs — and when it pays off

Bachelor's degree · Four years at a public university. Costs here use the cheaper in-state rate.

The chart shows your annual salary over time alongside the annual loan repayment. The shaded band at the bottom is what goes to the loan each year — when it disappears, your full salary is yours.

Strong return

School cost fully covered by year 9, with strong earnings well beyond that.

Entry-level salary

$82K

25th percentile — what most people start at

Experienced salary

$142K

75th percentile — after ~10 years in the field

School & training cost

$80K

+ $29K interest over 10 yrs

Loan paid off

Year 14

$910/mo for 10 years

Annual salary
Loan repayment
GraduateLoan paid off$0$56K$112K$168KYr 0Yr 5Yr 10Yr 15Yr 20$88K/yr$130K/yr$142K/yr

First year of work

Gross monthly$7,333
Loan payment−$910
Left over$6,423

After loan's paid (yr 14)

Gross monthly$11,833
Take-home$11,833

Salary range reflects 25th–75th percentile nationally, growing from entry-level to experienced over 10 working years. School costs are national averages — yours will vary. Loan assumes you borrow the full amount at 6.54% interest, repaid over 10 years. Monthly figures are pre-tax.

The first years

Year 1–2: SOC Analyst (Tier 1)

You're on a Security Operations Center team, often working shifts that might include nights or weekends. Your whole job is closing alerts in the SIEM — login anomalies, antivirus pings, blocked phishing emails. You'll close hundreds a week, and 99% are nothing. Pay is usually $55K–$70K, you're learning the tools (Splunk, CrowdStrike, whatever your company uses), and most of your growth comes from asking 'why did this alert fire?' instead of just clicking close.

Year 2–4: Tier 2 Analyst

You're handling the alerts Tier 1 escalates — the ones that aren't obviously noise. You pivot through logs, pull endpoint data, talk to IT to figure out if something real happened. You also start helping with phishing simulations, patch tracking, and writing playbooks so newer analysts know what to do. Pay moves to roughly $75K–$95K. The work is more interesting but also more 'is this an incident or not, and you have to decide in the next hour.'

Year 4–5: The Specialization Fork

Around here you hit a ceiling on general alert work. To keep growing (and earning), you have to pick a lane. Each path means different certs, different daily work, and different long-term ceilings — and switching later is possible but slow.

Decision point

Do you specialize in offensive work (penetration testing, red team — you get paid to break into systems), defensive deep work (incident response, threat hunting, forensics — you investigate real breaches), or governance (risk, compliance, audit — less technical, more meetings and frameworks like SOC 2 and ISO 27001)? Pen testing pays well and feels exciting but is contract-heavy and burns people out. IR pays well but you're on-call when bad things happen. GRC is steadier, less stressful, and the path most people don't think about at 22.

Year 5–7: Senior Analyst or Specialist

Whichever path you picked, you're now the person junior analysts ping with questions. If you went IR, you're leading investigations when something real happens and writing the post-mortem. If you went pen testing, you're running engagements and writing reports clients actually read. If you went GRC, you're managing audits and translating security to executives. Pay is $110K–$140K depending on city and path. The grind shifts from volume to weight — fewer tickets, but the ones you touch matter more, and the AI tools handling Tier 1 work mean you're expected to do the thinking machines still can't.

The path in

01
Bachelor's degreeMost common

Cybersecurity · Computer Science · Information Technology · Information Systems

4 years·$40K–$200K total

The most common route — employers often list a bachelor's as a baseline, though what really gets you hired is hands-on practice (CTFs, home labs, internships) plus certs like Security+ or CySA+. Many grads start in IT help desk or SOC analyst roles before specializing.

02
Associate degree + certifications

Cybersecurity · Network Administration · Information Technology

2 years + ongoing certs·$6K–$20K total

A real entry route, especially through community colleges in the NSA/DHS 'Centers of Academic Excellence' program. You'll usually need to stack industry certs (Security+, Network+, CySA+) and start in help desk or junior SOC roles to move up.

03
Certifications + self-taughtEmerging

CompTIA Security+ · CySA+ · CEH · Google Cybersecurity Certificate

6 months–2 years·$300–$5K

Growing route for career-changers and self-starters. You build skills through TryHackMe, HackTheBox, and home labs, then prove them with certs. Harder to land your first job without a degree, but doable if you can show real projects and network into IT roles first.

04
Military cyber roles

Cyber Operations Specialist (17C) · Cryptologic Technician Networks · Cyber Warfare Officer

4–6 year enlistment·Paid + GI Bill benefits

The military trains cyber operators from scratch and you leave with a clearance — which is worth a lot in this field. Many federal contractors specifically recruit veterans with cyber MOSs.

Known for this field

Carnegie Mellon UniversityInformation Security (CyLab)

Home to CyLab, one of the most respected cybersecurity research centers in the world. CMU's CTF team (PPP) is legendary.

Georgia Institute of TechnologySchool of Cybersecurity and Privacy

Top-ranked CS program with a dedicated cybersecurity school. Strong industry pipeline and affordable in-state tuition.

University of Maryland — College ParkAdvanced Cybersecurity Experience for Students (ACES)

Right next to NSA and federal cyber agencies — huge internship pipeline. ACES is a dedicated living-learning cyber honors program.

United States Air Force AcademyComputer Science — Cyber Warfare Track

Free education, guaranteed cyber role on graduation, top-tier clearance. NSA-designated Center of Academic Excellence.

Purdue UniversityCybersecurity (CERIAS)

CERIAS is one of the oldest cybersecurity research centers. Strong recruiting from federal agencies and big tech.

Rochester Institute of TechnologyBS in Cybersecurity

One of the first dedicated cyber undergrad degrees. Mandatory co-op program means you graduate with a year of real work experience.

Western Governors UniversityBS Cybersecurity and Information Assurance

Competency-based and affordable (~$4K/term, unlimited courses). Degree includes ~10 industry certs baked in. Popular with career-changers.

Whatcom Community CollegeCybersecurity AAS (National CyberWatch Center)

Hosts the National Cybersecurity Training & Education Center — a model NSA-designated CC program with transfer paths to four-year schools.

Related paths