What is the average salary for a Junior Information Security Analyst?

The average market salary is $70,000.

FILE RECORD: JUNIOR-INFORMATION-SECURITY-ANALYST

WHAT DOES A JUNIOR INFORMATION SECURITY ANALYST ACTUALLY DO?

Junior Information Security Analyst

Q: What does a Junior Information Security Analyst actually do?

The reality of the role: Spend hours attempting to locate outdated security documents that no one actually follows, then 'update' the timestamp.

[01] THE ORG-CHART ARCHITECTURE

* The organizational hierarchy defining the pressure flow and extraction cycle for this role.

KNOWN ALIASES / DISGUISES:

SOC Analyst (Tier 1)Information System Security Officer (ISSO) AssistantCybersecurity Operations SpecialistSecurity Monitoring Technician

[02] THE HABITAT (NATURAL RANGE)

Large-scale financial institutions
Government contracting firms (with 'security clearance' requirements)
Managed Security Service Providers (MSSPs)

[03] SALARY DELUSION

MARKET AVERAGE

$70,000

* Highly variable, with entry-level roles often severely underpaid, while niche skills or specific locations can inflate figures, rarely reaching the advertised 'highs' for junior staff.

"The compensation for enduring a deluge of false positives and the constant existential dread of a real breach for which they hold no true authority."

[04] THE FLIGHT RISK

FLIGHT RISK:85%HIGH RISK

[DIAGNOSIS]Often seen as an easily replaceable cost center, their work can be automated, offshored, or absorbed by more senior roles, making them prime targets for 'efficiency' layoffs.

[05] THE BULLSHIT METRICS

Number of Alerts Triaged

A measure of how many automated false positives they've acknowledged, not actual threats mitigated or prevented.

Security Incidents 'Escalated'

Reflects their ability to forward problems to others, rather than their capacity to resolve or even understand them.

Compliance Document 'Reviews' Completed

The volume of outdated policy documents they've scrolled through without comprehension, ensuring a paper trail exists.

[06] SIGNATURE WEAPONRY

SIEM Tools (Splunk, Sentinel)

The primary source of their endless, unactionable alerts, generating a constant stream of digital noise they are paid to 'triage'.

JIRA / ServiceNow

The digital graveyard where all 'critical' security remediation tasks go to languish, ensuring plausible deniability for inaction.

Security Awareness Training Modules

Mandatory, mind-numbing presentations designed to shift blame for inevitable breaches onto the unsuspecting end-users.

[07] SURVIVAL / ENCOUNTER GUIDE

[IF ENGAGED:]Nod politely, avoid eye contact, and never, under any circumstances, ask them to 'take a look' at your system.

[08] THE JD AUTOPSY: WHAT DO THEY ACTUALLY DO?

LINKEDIN ILLUSION

[SOURCE REDACTED]

"Review/Update/Create system security configuration baselines"

OTIOSE TRANSLATION

Spend hours attempting to locate outdated security documents that no one actually follows, then 'update' the timestamp.

LINKEDIN ILLUSION

[SOURCE REDACTED]

"Support incident response activities, tracking, identifying host owners, and coordinating information with other internal teams"

OTIOSE TRANSLATION

Act as a glorified pager, relaying automated alerts from SIEM tools to actual engineers who will ignore your 'urgent' emails until a real incident occurs.

LINKEDIN ILLUSION

[SOURCE REDACTED]

"Assist in implementing recommendations to strengthen security controls."

OTIOSE TRANSLATION

Generate JIRA tickets for senior staff to review, knowing full well they will languish in a backlog of 'critical' but never-prioritized tasks.

[09] DAY-IN-THE-LIFE LOG

[10:00 - 11:00]

Initial Alert Deluge Review

Sifting through the morning's automated SIEM alerts, mostly spam and misconfigurations, while contemplating the futility of digital existence.

[13:00 - 14:00]

Policy Documentation Scrutiny

Opening the 'System Security Plan' PDF for the 100th time, nodding sagely at incomprehensible jargon, and closing it without reading a single word.

[15:00 - 16:00]

Vendor Demo Attendance (Mandatory)

Sitting through an hour-long webinar on a new 'AI-powered threat intelligence platform' that promises to solve all problems (and will inevitably generate more alerts).

[10] THE BURN WARD (UNFILTERED COMPLAINTS)

* The stark reality of the role, scraped from Reddit, Blind, and anonymous career boards.

"My starting pay 6ish years ago was like 60k as a L1 soc analyst who knew pretty much nothing."

— r/cybersecurity

"$40k is egregiously underpaid if you're in the United States. How can you even manage that? I hope you're looking for an alternative role."

— r/cybersecurity

"They call it 'proactive threat detection,' but my entire day is just staring at dashboards, waiting for a red flag, and then realizing it's just marketing spam from a vendor."

— teamblind.com

[11] RELATED SPECIMENS

[VIEW FULL TAXONOMY] ↗

SYSTEM MATCH: 98%

Lead Backend Data Procurement Analyst

Spend weeks documenting trivial manual data entry, then propose a custom Python script that breaks every month, requiring constant maintenance from actual developers.

→

SYSTEM MATCH: 91%

Enterprise Architect

Preside over an endless cycle of abstract discussions, ensuring no single technical decision is made without involving a committee, thus guaranteeing maximum inefficiency.

→

SYSTEM MATCH: 84%

SDET

To craft intricate Rube Goldberg machines of automated 'checks' that prove the obvious, then spend cycles 'monitoring' their inevitable flakiness, ensuring a constant stream of 'maintenance' tasks to justify continued existence.

→