Cybersecurity analysts protect an organization's systems and data, monitoring for threats, investigating incidents, and hardening defenses. A typical day involves reviewing security alerts, analyzing suspicious activity, and helping close vulnerabilities before they are exploited. It is one of the most accessible entry points into the broader security field.
Hard skills include networking fundamentals, operating systems (Windows and Linux), SIEM and EDR tools, log analysis, and a working grasp of common attack techniques. Familiarity with frameworks like NIST and MITRE ATT&CK helps. Soft skills: attention to detail, clear incident writeups, and staying calm under pressure during an active incident.
Certifications commonly held by cybersecurity analyst professionals, filtered to those with verified data. See the full Best Cybersecurity Certifications → Easiest to start with → Highest-paying options → Compare: CISSP vs Security+ →
| Certification | Level | Exam cost | Related roles |
|---|---|---|---|
| CCCertified in Cybersecurity | Foundational | May be FREE under active ISC2 'One Mil… | Entry-Level Cybersecurity Analyst, SOC Analyst |
| A+CompTIA A+ | Foundational | ~$253–265 per exam / ~$506–530 total (… | Help Desk Technician, IT Support Specialist |
| Network+CompTIA Network+ | Foundational | ~$369–399 voucher | Network Technician, Junior Network Administrator |
| Security+CompTIA Security+ | Foundational | ~$404–425 voucher | Information Security Analyst, Security Specialist |
| Google Cybersecurity Professional Certificate | Foundational | — | Cybersecurity Analyst, SOC Analyst |
| AI-900Microsoft Azure AI Fundamentals | Foundational | $99 USD commonly cited for Fundamental… | AI-aware Business Analyst, Junior Cloud Support |
| AZ-900Microsoft Azure Fundamentals | Foundational | ~$99 USD (price set by country/region) | Cloud Support Associate, Junior Cloud Administrator |
| GSECGIAC Security Essentials | Associate | Approximate | Security Analyst, SOC Analyst |
| AZ-104Microsoft Azure Administrator Associate | Associate | $165 USD (subject to country/region) | Azure Administrator, Cloud Administrator |
| AI-102Microsoft Azure AI Engineer Associate | Associate | $165 USD commonly shown for Microsoft … | Azure AI Engineer, AI Developer |
| AZ-204Microsoft Azure Developer Associate | Associate | $165 USD commonly shown for U.S. Micro… | Azure Developer, Cloud Developer |
| AZ-500Microsoft Azure Security Engineer Associate | Associate | $165 USD commonly shown in U.S. | Azure Security Engineer, Cloud Security Engineer |
| DP-600Microsoft Fabric Analytics Engineer Associate | Associate | $165 USD | Fabric Analytics Engineer, BI Engineer |
| SC-300Microsoft Identity and Access Administrator Associate | Associate | $165 USD | Identity and Access Administrator, IAM Analyst |
| SC-400Microsoft Information Protection and Compliance Administrator Associate | Associate | — | Information Protection Administrator, Compliance Administrator |
| PL-300Microsoft Power BI Data Analyst Associate | Associate | $165 USD | Power BI Analyst, Data Analyst |
| SC-200Microsoft Security Operations Analyst Associate | Associate | $165 USD commonly shown for Microsoft … | Security Operations Analyst, SOC Analyst |
| PSAAPractical SOC Analyst Associate | Associate | Official page shows $249 with a discou… | SOC Analyst, Security Operations Analyst |
| CCSPCertified Cloud Security Professional | Professional | — | Cloud Security Architect, Cloud Security Engineer |
| CEHCertified Ethical Hacker | Associate | — | Ethical Hacker, Penetration Tester |
| CNDCertified Network Defender | Associate | — | Network Defender, Network Security Analyst |
| CSSLPCertified Secure Software Lifecycle Professional | Professional | — | Application Security Engineer, Secure Software Developer |
| Cloud+CompTIA Cloud+ | Associate | Approximate $369 USD voucher commonly … | Cloud Engineer, Systems Administrator |
| CySA+CompTIA CySA+ | Professional | Approximate $404–425 USD voucher range | Cybersecurity Analyst, SOC Analyst |
| Linux+CompTIA Linux+ | Associate | Approximate $369–390 USD voucher range | Linux Systems Administrator, Systems Administrator |
| PenTest+CompTIA PenTest+ | Professional | Approximate $404–425 USD voucher range | Penetration Tester, Vulnerability Analyst |
| CHFIComputer Hacking Forensic Investigator | Professional | — | Digital Forensics Investigator, Incident Responder |
| eCPPTeLearnSecurity Certified Professional Penetration Tester | Professional | — | Penetration Tester, Security Consultant |
| eJPTeLearnSecurity Junior Penetration Tester | Foundational | — | Junior Penetration Tester, Cybersecurity Analyst |
| GCEDGIAC Certified Enterprise Defender | Professional | — | Enterprise Security Defender, SOC Analyst |
| GCFAGIAC Certified Forensic Analyst | Professional | Approximate | Digital Forensics Analyst, Incident Responder |
| GCIHGIAC Certified Incident Handler | Professional | Approximate | Incident Responder, SOC Analyst |
| GCIAGIAC Certified Intrusion Analyst | Professional | Approximate | Intrusion Analyst, SOC Analyst |
| GCUXGIAC Certified UNIX Security Administrator | Professional | — | Linux Security Administrator, UNIX Systems Administrator |
| GCWNGIAC Certified Windows Security Administrator | Professional | Approximate | Windows Security Administrator, Systems Administrator |
| GXPNGIAC Exploit Researcher and Advanced Penetration Tester | Expert | — | Exploit Researcher, Advanced Penetration Tester |
| GNFAGIAC Network Forensic Analyst | Professional | Approximate | Network Forensics Analyst, Incident Responder |
| GPENGIAC Penetration Tester | Professional | Approximate | Penetration Tester, Security Consultant |
| GSLCGIAC Security Leadership | Professional | — | Security Manager, Information Security Manager |
| GSTRTGIAC Strategic Planning, Policy, and Leadership | Professional | — | Security Manager, Cybersecurity Program Manager |
| GWAPTGIAC Web Application Penetration Tester | Professional | Approximate | Web App Penetration Tester, Application Security Analyst |
| HCISPPHealthCare Information Security and Privacy Practitioner | Professional | — | Healthcare Security Analyst, Healthcare Privacy Officer |
| PJPTPractical Junior Penetration Tester | Foundational | $249 exam voucher | Junior Penetration Tester, Security Analyst |
| PNPTPractical Network Penetration Tester | Professional | $499 exam voucher plus training bundle | Penetration Tester, Security Consultant |
| SAL1Security Analyst Level 1 | Foundational | From €297. Official page states €349 w… | SOC Analyst, Junior Security Analyst |
| SSCPSystems Security Certified Practitioner | Associate | — | Systems Security Administrator, Security Administrator |
| CISSPCertified Information Systems Security Professional | Expert | $749 USD (Americas / Asia Pacific | Information Security Analyst, Security Manager |
| GREMGIAC Reverse Engineering Malware | Expert | Approximate | Malware Analyst, Reverse Engineer |
| LPT MasterLicensed Penetration Tester Master | Expert | — | Senior Penetration Tester, Red Team Consultant |
| AZ-305Microsoft Azure Solutions Architect Expert | Expert | $165 USD (subject to country/region) | Cloud Architect, Azure Solutions Architect |
| AZ-400Microsoft DevOps Engineer Expert | Expert | $165 USD commonly shown for Microsoft … | DevOps Engineer, Site Reliability Engineer |
Sorted by level. Data reflects verified values where available; confirm current details on the official page.
A common path is starting in IT support or networking, then moving into a SOC analyst role. Security+ is the most widely recognized entry credential and appears in a large share of junior postings; it is often the first certification employers look for. Hands-on practice through home labs or platforms like TryHackMe strengthens an application significantly.
BLS Information Security Analysts median annual wage: $124,910 (May 2024).
Reflects the role, not any one certification. Source: U.S. Bureau of Labor Statistics.
Browse employer profiles, career portals, and hiring activity for companies that recruit cybersecurity analysts.
Browse companies →Name the tools you have actually used (Splunk, CrowdStrike, Wireshark), since ATS filters and hiring managers screen for them. Quantify impact where possible ("reduced false-positive alerts 30%"). List Security+ prominently if you hold it, and include any home-lab or CTF experience to show hands-on ability even without formal job experience.
Check how your resume reads to ATS software: ATS Resume Checker →
Expect a mix of fundamentals (explain the CIA triad, how DNS works, common attack types) and scenario questions ("You see this alert, what do you do?"). Be ready to walk through your incident-response thought process step by step. Many interviews include a practical or technical screen.
Search active cybersecurity analyst openings and track your applications in one place.
Search jobs →CompTIA Security+ is the most common entry requirement. CySA+ is a strong next step focused specifically on analyst skills.
Not always. Many analysts enter through IT experience plus Security+. A degree helps but hands-on skill and certifications carry significant weight.
It is one of the more accessible security roles, but it usually expects some IT or networking foundation first.
See the salary data below, sourced from BLS for the associated information security analyst role.
Security+ is entry-level with no experience requirement; CISSP is advanced and requires five years of experience, aimed at senior and management roles. See our CISSP vs Security+ comparison.
Track applications, verify certifications, and research employers — all in one place.