To excel as a cybersecurity leader, you need a strong understanding of how to detect and prevent unauthorized access to data–you need information security skills.

What Is Information Security?

Information security, or InfoSec, is an important aspect of cybersecurity. The CIA recognizes the three components of information security as confidentiality, integrity, and availability. This means ensuring data is: accessible only to authorized users, maintained in its existing condition, and reachable by those who are permitted to do so.

Specific types of information security include:


  • Application security: Also known as AppSec, this includes making apps more secure both during the development phase and after deployment.
  • Cloud security: Protecting cloud-based data, apps, and infrastructure from internal and external threats.
  • Cryptography: Keeping communications secure by converting unencrypted data (plaintext) to encrypted data (ciphertext).
  • Incident response: Information security policies and procedures used to identify, contain, and prevent cyberattacks.
  • IT infrastructure security: Protecting systems and assets–including hardware and software–from threats.
  • Vulnerability management: A cyclical process of identifying, analyzing, reporting, remediating, and confirming success of blocking threats to your network.

There’s an important distinction between information security and information technology security. While InfoSec refers to the methodology and tools used to protect information, information technology (IT) security involves actually securing data through things like antivirus software and firewalls.

InfoSec Career Opportunities and Top Skills

Overall, there is incredibly high demand for cybersecurity professionals. Research firm Cybersecurity Ventures predicted that in 2025, there will be 3.5 million unfilled cybersecurity jobs worldwide.

InfoSec skills are essential in a broad range of cybersecurity roles. Below are three prominent information security positions. Click on each to learn more about the role and technical skills required for success on the job.

Role Average Salary Projected Growth Rate (2021-31)
Chief Information Security Officer $179,525 6%
Information Security Manager $159,016 16%
Information Security Analyst $102,606 35%

Salary and job outlook information was obtained from the U.S. Bureau of Labor Statistics. The average growth rate across all jobs is 5%.

Chief Information Security Officer

Chief Information Security Officers (CISOs) are responsible for overseeing the development and maintenance of information security programs for their organizations. This involves implementing and evolving security standards and minimizing risk.

Along with leadership, management, communication, and critical thinking skills, it’s important that CISOs have technical expertise in the following areas:

1. Information security policy development: This area involves the creation of security policies, standards, and guidelines for an organization. These policies should be regularly updated–at least once a year–to protect the business and remain compliant.
2. Incident management: This includes preparing for and responding to security incidents. Broader than incident response, it also encompasses communication with the executive team and external constituents and evaluating business impacts.
3. Governance, risk, and compliance: Also known as GRC, this involves aligning information security activities with business goals, managing security issues, and meeting regulations. To increase efficiency, companies are now taking an integrated view of these components and how they impact one another.

Other sought after skills for CISOs include digital forensics, disaster recovery planning, mobile app security, and network security and firewall management.

Information Security Manager

Information security managers assist with the buildout and management of information security at their companies. They typically report to an information security director. Employers may prefer managers to hold certifications like CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), or CISM (Certified Information Security Manager).

Workers in information security manager positions are responsible for leading and mentoring other information security employees, like analysts and administrators. They should also have strong technical backgrounds and experience completing the following tasks:

1. Network security configuration: Taking steps to minimize the potential for cyber attacks. This includes authentication, DNS, routing, VPN, and more.
2. Security architecture development: Designing a framework to protect an organization’s information assets.
3. Security audits: Assessment of an organization’s information system to see if it meets the business’ criteria, identify any weaknesses, and make the proper adjustments.

Other requested skills for information security managers include an extensive knowledge of industry standards and frameworks like the International Organization for Standardization family of standards (ISO 2700x) and the National Institute of Standards and Technology (NIST).

Information Security Analyst

The role of information security analyst is among the top 20 fastest growing careers in the United States from 2021-2031. U.S. News & World Report also ranked it the #1 job for 2022 based on factors such as high salaries, a low unemployment rate, and work-life balance.

Information security analysts help to manage their organizations’ security programs. This includes conducting security assessments and monitoring systems and end user activities.

Among the technical requirements for this position is the ability to perform:

1. Security analyses: Using tools like Excel as well as SQL and other query languages to monitor a network and systems for security issues.
2. Penetrations testing: Also known as a pen test or ethical hacking, this involves exposing vulnerabilities of a computer system and attempting to exploit them.
3. Vulnerability assessment: Checking an organization’s IT environment for any weaknesses that could be susceptible to attack, as well as providing a report and recommended updates.

Other proficiencies at a premium for information security analysts include a deep understanding of and experience with firewalls, Intrusion Detection Systems (IDS), Security Information Event Management (SIEM), and Transmission Control Protocol/Internet Protocol (TCP/IP).

Depending on your strengths and interests, there are a variety of cybersecurity and information security positions to explore. Find out more about careers with a master’s in cybersecurity.

Build Your InfoSec Skills with a Master’s in Cybersecurity

Cybersecurity master’s programs often have courses focused on strengthening your information security expertise. Professionals who want to deepen their cybersecurity knowledge to advance in technical roles may complete a cyber operations concentration, while those who are interested in securing management positions in the field may want to pursue a concentration in cybersecurity leadership.

The Pace University MS in Cybersecurity features a Cybersecurity Leadership concentration with specialized coursework in information security planning and risk management, including:

Course Concepts Covered
Information security planning and policy
  • Provides an introduction to security planning as recommended by NIST guidelines on developing security plans.
  • Students conduct a case study, developing a security plan for a small-size organization, including all managerial, operational, and technical controls an organization will need in the next three years.
Information security auditing and risk management
  • Provides an introduction to security auditing based on the ISO 27000 family of standards.
  • Presents nominal security audits based on ISO 27002 and technical security audits based on ISO 27001.
  • Students conduct a case study, performing a security audit for a small-size organization.
Business continuity and disaster recovery planning
  • Learn strategies for mitigating, preparing for, responding to, and recovering from small and large-scale emergencies.
  • Follows ISO 22301 and BS 25999 business continuity standards and is based on industry best practices and guidelines.

In the Pace University master’s in cybersecurity, students also select between one to four elective courses to fulfill program requirements, like Legal Issues in Information Systems and Automating Information Security with Python and Shell Scripting.

About Pace University’s Online MS in Cybersecurity

The Seidenberg School of Computer Science and Information Systems at Pace University offers an online Master of Science in Cybersecurity tailored for working professionals. Prepare to lead in the future of cyber defense by applying hands-on learning based on the latest industry practices. Our 30-credit-hour online program can be completed in only one year, full-time, or two years, part-time.

We offer a general track or a choice of two concentrations: Cyber Operations or Cybersecurity Leadership. Our curriculum features virtual labs and project-based learning to help students develop effective problem-solving strategies. Designated as a National Center of Academic Excellence in Cyber Defense Education (CAE-CDE), we adhere to the NSA’s rigorous set of standards and equip professionals with in-demand skills to confront constantly evolving cyberthreats.

Get Started


To learn more about online Master of Science in Computer Science program, fill out the fields in this form to download a free brochure. If you have any questions at any time, please contact an admission advisor at (866) 843-7205.

Pace University has engaged AllCampus to help support your educational journey. AllCampus will contact you shortly in response to your request for information. About AllCampus. Privacy Policy. You may opt out of receiving communications at any time.

* All Fields are Required. Your Privacy is Protected. Are you enrolling from outside the US? Click here.