General security

Degree vs. certification: Entry-level cybersecurity analyst

August 28, 2019 by Greg Belding

Introduction

As with many things in life, there is more than one way to get to where you want to go. Becoming an entry-level cybersecurity analyst is no different. With some experts saying a degree is the way to go and others saying certification is the preferable option, which is best for you? 

This article will detail the differences between using a degree versus using a certification to get your foot in the door for an entry-level cybersecurity analyst role. It will explore the different degree and certification options available to budding cybersecurity analysts just beginning their career and will close with some tips for how to get started in this role.


What is a cybersecurity analyst?

Cybersecurity analysts are an interesting role, in that it combines many information security skill sets and responsibilities into one well-rounded package. This role has the goal of developing stronger information security by analyzing and assessing weaknesses and vulnerabilities within an organization’s IT environment — from hardware to software, networks and potentially even devices if needed. 

Cybersecurity analysts conduct risk analyses, perform vulnerability management activities and use network visibility of networks to identify potential attacks, and use a peppering of penetration testing skills. As you can see, it takes more than a baseline level of skill to successfully perform this role.

Cybersecurity analyst degrees

Many experts agree that earning a bachelor’s degree is the minimum level of education required to be a cybersecurity analyst. Some even go so far as to say that a master’s degree is what candidates will want because it demonstrates a more advanced skill set. 

One important thing to remember is that there is no one degree that will get you this job, but there are some recurring favorites among cybersecurity analyst candidates. Some popular choices of degrees include a bachelor’s in information security, computer science, math, physical science (of some kind), cybersecurity (although rare, it does exist) and information systems. 

Some say that a master’s degree will be required to earn this role; however, experts are split as to whether this is absolutely needed. I would add that furthering your education generally will not hurt your chances of gaining employment, so if you want to spend the time and money earning a master’s, go for it. Examples of possible master’s degrees include cybersecurity, information security and computer science.

Cybersecurity analyst certifications

The other side of the debate believes that certifications are what is really required. This may be based on the fact that it takes a substantial amount of experience to be a truly competent and useful cybersecurity analyst. 

From my experience, certifications are generally more representative of what you will encounter on the job. More to be said on this later. It should be noted that certifications are generally more on target with the subject matter of being a cybersecurity analyst.

There are different degrees that will be useful in helping you earn this role and are explored below.

Security+

Hosted by CompTIA, Security+ is an entry-level information security certification that will expose you to solid, vendor-neutral course material that will help you as a cybersecurity analyst. 

This certification exam covers six domains of knowledge: threats, attacks and vulnerabilities, technologies and tools, architecture and design, identity and access management, risk management, and cryptography and PKI. This certification is among the most-requested for this role and is considered the most important of entry-level cybersecurity certifications.

GIAC®️ Security Essentials Certification (GSEC)

GSEC, offered by GIAC, will certify that you have the fundamental skills to work in an entry-level information security or cybersecurity role. Candidates are tested on attack detection and prevention, defense in depth, secure communications, foundational security for Windows and Linux and networking concepts. 

This is my choice for the best certification for those in cybersecurity that are still learning the basics. Everyone has to start somewhere.

Certified Ethical Hacker

The CEH or Certified Ethical Hacker, offered by EC-Council, certifies that the holder has the same knowledge and tools that malicious hackers use. Certification holders then take this skill set and can use it legitimately, and with permission from the organization, to test said organization’s security. 

This is performed so the organization can identify where their security needs to be tightened before malicious hackers do. The level of understanding of the adversary can go miles in cybersecurity analysis and follows the adage of “know your enemy.” 

Tips

One of the most important tips is that there is no one way to become a cybersecurity analyst, and there is no one degree or certification that will get you there either. I would say having a degree or certification makes you more likely to get a job as an entry-level cybersecurity analyst than someone with little experience and no degree or certification, but that isn’t saying much. Some can even earn this position on experience alone.

The best tip is to sell yourself well. I’m not talking about making up experience you do not have, but rather presenting your resume in a way which shows that, although you are technically entry-level, you have the skills they desire. On your resume, add as many internships as you can and really write up those skills you earned — and don’t forget the degree or certification either!

Conclusion

Those seeking an entry-level position as a cybersecurity analyst will need a degree or certification to earn this role. There are several degrees and certifications that you can earn, but the best option is to earn both a degree and at least one certificate and to pick up as many cybersecurity analyst skills through internships or helping out as you can. 

So should you choose a degree or a certification? It does not matter, as long as you absorb the knowledge and skills and get at least some experience. 

 

Sources

  1. Cybersecurity Career Pathway, CyberSeek
  2. 5 Cybersecurity Certifications That Will Get You Hired, Springboard Blog
Posted: August 28, 2019
Articles Author
Greg Belding
View Profile

Greg is a Veteran IT Professional working in the Healthcare field. He enjoys Information Security, creating Information Defensive Strategy, and writing – both as a Cybersecurity Blogger as well as for fun.