My Colorado Journey
Back to pathway map
CybersecurityTop JobColorado Talent Pipeline Report-aligned occupation with strong annual openings, growth, and wage signals.

Threat/Warning & Exploitation Analyst

Develops unique cyber indicators to maintain constant awareness of the status of the highly dynamic operating environment. Collects, processes, analyzes, and disseminates cyber warning assessments.

Annual openings

553

BLS median wage

$135,220

Typical education

Flexible / varies by employer

10-year growth

+19%

Career requirements

What does this career require?

The education, credentials, and on-the-job competencies Colorado employers expect for this role.

Typical education

Flexible / varies by employer

Credential requirement

A credential is recommended.

Credential detail

Certifications addressing advanced IDS concepts, application protocols, concepts of TCP/IP and the link layer, DNS, fragmentation, IDS fundamentals and initial deployment, IDS rules, IPv6, network architecture and event correlation, network traffic analysis and forensics, packet engineering, silk and other traffic analysis tools, TCP, filters, UDP and ICMP, focus on new attack vectors (emphasis on cloud computing technology, mobile platforms and tablet computers), new vulnerabilities, existing threats to operating environments, information systems audit process, IT governance and management, information systems acquisition, development, implementation, operations, maintenance, and service management, and protection of information assets.

Experience detail

Previous experience in military roles such as Intelligence Analyst, Security Analyst, or Incident Responder is valued by employers.

Remote work

Some companies (information technology companies for example) and jobs (such as call center support) offer the opportunity for staff to work remotely, including from rural locations. To see if a job offers this opportunity, please review job postings from job banks such as ZipRecruiter, Indeed or ConnectingColorado, and look for key words such as "location independent", "remote", "virtual", "telecommute", "flex" or for companies posting the same job in many locations.

Employer competency information

  • Critical Thinking & Problem SolvingHunt for threats and look for anomalies in the ‘as is’ environment.
  • Lifelong Learning and ResearchKeep the pulse on industry changes.
  • Critical & Analytical Thinking and CreativityPut the pieces of the puzzle together and imagine what’s next (forecasting and modeling).
  • CommunicationAble to explain what’s going on to a non-technical person (especially Executive Leadership) as well as explain a potential issue to an incident responder

Is this work a fit?

What the work actually feels like

How people in this career tend to spend their time, the interests it draws on, and a look at a typical day.

Work style

  • With kids/peopleOccasionally
  • On a computerOccasionally
  • Outdoors / on-siteOccasionally
  • With your handsOccasionally

Interests it draws on

  • Technology
  • Cybersecurity

Automation exposure

Low exposure

Tasks here lean on judgement and people skills that are hard to automate.

A typical day

  1. Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
  2. Monitor current reports of computer viruses to determine when to update virus protection systems.
  3. Encrypt data transmissions and erect firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers.
  4. Perform risk assessments and execute tests of data processing system to ensure functioning of data processing activities and security measures.
  5. Modify computer security files to incorporate new software, correct errors, or change individual access status.
  6. Review violations of computer security procedures and discuss procedures with violators to ensure violations are not repeated.