Information Security Analysts

Trending
Low Risk
Low High

Explore safer careers (5)

Lower estimated automation risk

Computer and Information Systems Managers
14% automation risk | Minimal Risk
Pays better More jobs
14.1 pts lower View career
Why it fits

Uses security, operations, risk, standards, staffing, and technology planning in management.

Information Security Engineers
16% automation risk | Minimal Risk
More jobs
12 pts lower View career
Why it fits

Directly reuses vulnerabilities, controls, incident lessons, security architecture, and mitigation design.

Computer Systems Engineers/Architects
16% automation risk | Minimal Risk
More jobs
11.9 pts lower View career
Why it fits

Applies infrastructure and security knowledge to system design, integration, scalability, and resilience.

Security Management Specialists
10% automation risk | Minimal Risk
More jobs
17.5 pts lower View career
Why it fits

Uses risk assessment, policies, controls, audits, investigations, and security program coordination.

Information Technology Project Managers
20% automation risk | Minimal Risk
More jobs
8.4 pts lower View career
Why it fits

Applies security delivery knowledge to scope, risks, vendors, controls, and technical team coordination.

Compare this job with others
or search for another job
Share your results with friends and family.

Occupation snapshot

What does this snowflake show?
The Snowflake is a visual summary of the five badges: Automation Risk (calculated), Risk (polled), Growth, Wages and Volume. It gives you an instant snapshot of an occupations profile. The colour of the Snowflake relates to its size. The better the occupation scores in relation to others, the larger and greener the Snowflake becomes.
JOB SCORE
6.3/10
What's this?
Job Score (higher is better):

We rate jobs using four factors. These are:

- Chance of being automated
- Job growth
- Wages
- Volume of available positions

These are some key things to think about when job hunting.

Risk & user votes

Calculated automation risk

28% (Low Risk)

Low Risk (21-40%): This occupation has a lower risk of full replacement by AI, software, or robotic systems. Some tasks may be automated or assisted, but the role usually still relies on human judgement, communication, responsibility, physical adaptability, or practical decision-making.

More information on what this score is, and how it is calculated is available here.

Human strengths important in this job

These are human abilities and work contexts that are important in this occupation. They may help explain why parts of the role are harder to replace end-to-end, but they are not the only inputs into the automation score.

Thinking creatively

Quite important
Why this matters
Coming up with original ideas and designs—creating new concepts, products, systems, or artistic work. This kind of open-ended invention and taste-based judgment is harder to automate end-to-end than routine, rule-based tasks.
Jobs that also use this strength

Decision-making and problem solving

Quite important
Why this matters
Analyze information, weigh tradeoffs, and choose the best solution—especially when situations are ambiguous, high-stakes, or have real-world consequences.
Jobs that also use this strength

Developing objectives and strategies

Quite important
Why this matters
Sets long-term goals and chooses strategies and actions to reach them, weighing tradeoffs and adapting plans as conditions change.
Jobs that also use this strength

Communicating with people outside the organization

Quite important
Why this matters
Represents the organization to customers, the public, or government—handling questions, concerns, and relationship-building through conversations, writing, calls, or email.
Jobs that also use this strength

Active learning

Quite important
Why this matters
Keeps learning from new information and applying it to make better decisions now and in the future, especially when situations change.
Jobs that also use this strength
Show 1 more strength

Education and training expertise

Quite important
Why this matters
Designing and delivering instruction—adapting lessons to different learners and measuring whether training actually works.
Jobs that also use this strength

What users think

Based on 764 votes

57% chance of full automation within the next two decades

Our visitors have voted they are unsure if this occupation will be automated. However, employees may be able to find reassurance in the automated risk level we have generated, which shows 28% chance of automation.

What do you think the risk of automation is?

What is the likelihood that Information Security Analysts will be replaced by robots or artificial intelligence within the next 20 years?

Sentiment

Based on user votes over time

View sentiment trend

How opinions have changed over time

Pay & outlook

Wages

Very high paid relative to other professions

In 2024, the median annual wage for Information Security Analysts was $124,910 ($60 per hour).

The median annual wage for Information Security Analysts was 152.3% higher than the national median annual wage, which stood at $49,500.

View wage trend

Wages over time

* Data from the Bureau of Labor Statistics

Growth

Very fast growth relative to other professions

The number of 'Information Security Analysts' job openings is expected to rise 28.5% by 2034

View employment trend

Total employment, and estimated job openings

* Data from the Bureau of Labor Statistics for the period between 2023 and 2033
Updated projections are due 09-2025.

Volume

Greater range of job opportunities compared to other professions

As of 2024 there were 179,430 people employed as 'Information Security Analysts' within the United States.

This represents around 0.12% of the employed workforce across the country

Put another way, around 1 in 859 people are employed as 'Information Security Analysts'.

People also viewed

Computer Programmers Web Developers Lawyers Computer Systems Engineers/Architects Accountants and Auditors

What people are saying (20)

Leave a comment
Dave (Low)
26 Mar 2025 18:01
The human element of monitoring technology. I don't feel you can fully trust technology monitoring technology.
Old Spice (No chance)
29 Mar 2023 11:48
You can't trust AI to protect your networks, it will probably be able to get manipulated by hackers in the future.
Arjun Mepa (Moderate)
30 Sep 2023 16:39
The main reason for a SOC analyst or information security analyst role will be automated is because of alert fatigue. The current model responding doesn't work anymore especially when you have thousands of alerts to deal with. No one has the time threat detection rules to for each event or a malicious event. ML will either aim to replace or optimize this.
Bishop
12 Mar 2026 12:27
ML has always been a part of threat detection. Nothing will change in that regard. Tier 1 SOC will be automated, Tier 2, Security Engineers and Managers will not be automated due to the high stakes of the work and needing a human in the loop.
Anonymous
17 Feb 2023 21:57
In the Cyber Threat Intelligence circles automation is already occuring. My job is being replaced by automated scripts that create and generate documentation and use APIs to scrape the data. most of it will be junk and not targeted the same way as a human but hey that's what the company is doing oh and they are asking me to work with the programmer who is literally making me firable. So angry. Would avoid this role if possible.
Heather
07 Nov 2025 23:59
Attackers will find vulnerabilities with AI softwares just as they would on a normal system. AI might give a false sense of security rather than making a system actually more secure. I doubt AI will be able to protect against social engineering and the ever changing vulnerabilities/exploitations.
Musaa (Uncertain)
30 Nov 2024 23:08
As the nature of cybersecurity still requires a human keen eye and problem solving skills with some creativity, which are beyond what a machine can do right now, it's uncertain that machines will take the job of an information security analyst, as it covers many aspects.
sdsdsghds (Low)
09 Sep 2025 09:29
it's an arms race of AI vs AI. historically arms races don't tend to slow down
Jack (Low)
10 Feb 2022 23:14
Social engineering risks are highly unlikely to be detected by AI.
Richard P (Moderate)
17 Jan 2021 16:22
Could be disrupted by Quantum computers
Tom (Low)
05 Jan 2024 21:39
QC could disrupt a lot or not much. Too early to really say for sure.
Joe (Highly likely)
20 Apr 2026 14:41
AI programming, speed, and ability to find and mitigate vulnerabilities faster than any human can. It can perform these tasks and apply fixes on the spot whereas human interaction consume a great deal of time and cost to get to the same result.
James (Low)
31 Jan 2022 04:42
Unlikely. Security analysis often have to think outside the box to find novel vulnerabilities.
FD
23 Dec 2020 05:42
New regulations will force the software developing companies to create less vulnerabilities in products (at the source.) Hardware vendors will similarly have to sell networked devices with secure settings programmed in by default. This will increase the ability of automated systems to detect any remaining vulnerabilities, but will not completely remove the need for technicians to maintain, remediate, and upgrade the systems. There will still be a need to touch the hardware. Depending on individual situation, some companies will use more of AI tech than the others. We can already see something similar in the engineering, accounting, and law practice, where paralegals and drafters have not been completely replaced by software. Sole practitioners might use automation more extensively than the large corporations, but there will be a legal requirement for a human audit. In addition, location-independent digital nomads who train themselves to use the automation tools could do a lot of accurate work in a short amount of time, as independent consultants and freelancers, and do business with multiple clients. Making the choice to transition from repetitive and tedious manual work to automation, will be akin to transitioning from flintstones to nuclear power. Nuclear power still needs humans, and so will information security solutions.
Anderson Test
04 Mar 2024 04:04
Fred should be worried
frankie (Highly likely)
19 Jan 2020 14:15
Automated penetration testing
Meh
08 Aug 2023 00:51
Once "ai" models are implemented with a dash of agency/cognitive architecture to find novel vulnerabilities and models are implemented to fix those vulnerabilities in tandem, finding exploitable bugs will become increasingly difficult with little ROI for the pentesters, hunters, whatever.

It'll be a race between red and blue team businesses to implement increasingly better models. Social engineering sure, but meh honestly. Will you be able to find incredibly difficult scraps or oversights the model missed? Will it be worth the risk and investment of the pentester? Overall bleak outlook.
Fakiha (Low)
09 Mar 2020 07:14
I believe that is is less likely because mostly automatically finding vulnerabilities may be performed by AI but it will be the security analyst to enable computer do it, help it learn by giving feedback, as the result may not always be right. AI will help make task easier and fast for security analyst
Michael (Low)
30 Jan 2020 15:22
there are some areas such as malware detection and IPS , IDS that will be fully automated , but others like policy and social engineering are very hard to .
Nnaemeka Okpalaugo
10 Sep 2025 00:04
information Security Analysts help protect computer systems and data from cyber threats. They monitor networks for suspicious activity, investigate breaches, and put security measures in place to keep information safe. This role is important because it helps organizations prevent cyberattacks and protect sensitive information.
Leave a reply about this occupation
0/8000

Job description

Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies. May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses.

O*NET-SOC code: 15-1212.00