Information Security Analyst
For those who see cybersecurity as a mission — protecting digital assets and privacy against ever-evolving threats in one of the most critical fields of our time.”
About This Role
Monitors networks for security breaches and investigates violations to protect data.
A Day in the Life
Information Security Analysts protect organisational data by monitoring threats, analysing vulnerabilities, implementing controls, and ensuring compliance — balancing day-to-day monitoring with strategic security planning.
- Review security alerts from SIEM and EDR tools
- Analyse phishing reports and suspicious email incidents
- Conduct risk assessments and vulnerability scans
- Review and update security policies and procedures
- Assist with ISO 27001 / PCI-DSS compliance audits
- Investigate security incidents and prepare reports
- Liaise with IT teams to remediate vulnerabilities
Work Environment
Corporate IT or security operations environment. Analytical and process-focused. May involve classified or sensitive data handling.
Typical hours: 45h/week · WLB score 7/10 · OCCASIONAL overtime
Generally structured work with overtime during security incidents or audit periods. On-call is common in banks and telecom.
Skills Required
Technical Skills
Soft Skills
Tools & Software
Salary in Sri Lanka (LKR / month)
Typical progression: 3yr to mid · 7yr to senior
Global Salary (USD / year)
Top Markets
Market Outlook
GROWING
CBSL cybersecurity mandates, rising ransomware attacks on SL organisations, and digital banking growth are driving urgent demand for security analysts across all sectors.
Hiring: HIGH
GROWING
Cybersecurity roles are among the fastest-growing globally with millions of unfilled positions. Demand continuously exceeds supply.
Entry Requirements
Sri Lanka
Preferred
Global
Preferred
Helpful Certifications
Entrepreneurship & Freelancing
Freelance earnings: $1500–$5000/mo (USD)
Platforms (SL)
Business Ideas
- Cybersecurity consulting for SMEs
- Penetration testing service
- Security compliance consulting (ISO 27001)
- Security awareness training
Side Income Ideas
Growing opportunity as SL businesses face regulatory pressure to secure systems but lack in-house expertise.
Risks & Challenges
AI / Automation Risk
LOW
LONG TERM
Burnout Risk
HIGH
Job Security (SL)
HIGH
AI enhances threat detection but human judgement remains critical for incident response, risk assessment, and strategic security decisions.
Burnout Causes
Physical Health Risks
Mental Health Risks
How to Mitigate
- Keep certifications current
- Build technical breadth (cloud, DevSecOps)
- Develop GRC expertise alongside technical skills
- Join security communities (ISACA, ISC2)
Is This Career For You?
Best for analytical students who enjoy detective-like problem solving, have a mindset for thinking like an adversary, and are motivated by protecting people and organisations from digital harm.
Personality Types
Core Motivations
What You'll Love
- High societal importance
- Excellent job security
- International mobility
- Strong salary growth
What's Challenging
- Constantly evolving threat landscape
- Responsibility weight
- Alert fatigue
