Below are some top 5 Cybersecurity Employment Trends to watch in 2017
• The Professional Services, Finance, and Manufacturing/Defense sectors have the highest demand for cybersecurity jobs.
• The fastest increases in demand for cybersecurity workers are in industries managing increasing volumes of consumer
data such as Finance (+137% over the last five years), Health Care (+121%), and Retail Trade (+89%).
Positions calling for financial skills or a security clearance are even harder to fill than other cybersecurity jobs
• The hardest-to-fill cybersecurity jobs call for financial skills, such as Accounting or knowledge of regulations associated
with the Sarbanes-Oxley Act, alongside traditional networking and IT security skills. Because finance and IT skills are rarely
trained for together, there is a skills gap for workers who meet the requirements of these “hybrid jobs.”
• More than 10% of cybersecurity job postings advertise a security clearance requirement. These jobs, on average, take 10%
longer to fill than cybersecurity jobs without a security clearance.
Cybersecurity positions are more likely to require certifications than other IT jobs
• One third (35%) of cybersecurity jobs call for an industry certification, compared to 23% of IT jobs overall.
Cybersecurity employers demand a highly educated, highly experienced workforce
• Some 84% of cybersecurity postings specify at least a bachelor’s degree, and 83% require at least three years of
experience. Because of the high education and experience requirements for these roles, skills gaps cannot easily be
resolved though short-term solutions. Employers and training providers must work together to cultivate a talent pipeline
for these critical roles.
Cybersecurity was once the province of defense contractors and government agencies, but in this, the third edition of our annual analysis, we find hiring has boomed in industries like Finance, Health Care, and Retail. A glance at the headlines is enough to explain why. In addition to the federal Office of Personnel Management, recent cyber breaches have hit major consumer companies like Chase and Target. According to PwC’s 2015 State of US Cybercrime Survey, a record 79% of survey respondents said they detected a security incident in the past 12 months. Many incidents go undetected, however, so the real tally is probably much higher.
Yet we are also seeing multiple signs that demand for these workers is outstripping supply. Job postings for cybersecurity openings have grown three times as fast as openings for IT jobs overall and it takes companies longer to fill cybersecurity positions than other IT jobs. That’s bad for employers but good news for cybersecurity workers, who can command an average salary premium of nearly $6,500 per year, or 9% more than other IT workers.
Or put another way, there were nearly 50,000 postings for workers with a CISSP certification in 2014, the primary credential in cybersecurity work. That amounts to three-quarters of all the people who hold that certification in the United States—and presumably most of them already have jobs.
This is a gap that will take time to fill. The skills for some IT positions can be acquired with relatively little training, but cybersecurity isn’t one of them. For example, five years of experience are required to even apply for a CISSP certification. That doesn’t even consider the rising demand for experience in a specific industry, like finance or health care. This suggests that the shortage of cybersecurity workers is likely to persist, at least until the education and training system catches up.
Skills Dominating CyberSecurity Job Market
Cybersecurity JOB MARKET workers protect our most important and private information, from bank accounts to sensitive military communications. However, there is a dangerous shortage of cybersecurity workers in the United States that puts our digital privacy and infrastructure at risk.
The cybersecurity workforce covers a range of job types and skills. This includes advanced Engineer and Architect roles,
Auditors (which are concentrated in Finance) and Specialists, which typically have lower entry level requirements
What Employers expects from Cybersecurity Jobs
Cybersecurity jobs require significant education and experience. Some 84% of cybersecurity postings specify at least a
bachelor’s degree, and just as many (83%) require at least 3 years of experience, with an average of 5.4 years.
High education and experience requirements make skills gaps hard to close. Because cybersecurity jobs require years
of training and relevant experience, skills gaps cannot easily be resolved though short-term solutions. Employers and
training providers must work together to cultivate a talent pipeline for these critical roles.
How Useful are Certifications for Cybersecurity Jobs
The cybersecurity jobs are shaped by certifications, and job seekers of all experience levels can improve their employment
opportunities by obtaining the relevant credentials. Entry-level workers, for example, can obtain foundational certifications
such as Security+, which represents an entry point into the field and is by far the largest cybersecurity certification in terms of total holders.
Experienced workers can target more advanced certifications such as CISSP, which requires holders to pass a
rigorous exam and possess at least five years of information security experience – common requirements among advanced
Cybersecurity jobs are highly certificated: More than one in three (35%) of all cybersecurity positions request at least one of
the certifications listed below. Only 23% of overall advertised IT jobs request an industry certification.
Certification increases salary: Security+ represents the entry-level certification for cybersecurity roles, and postings
requesting it advertise an average salary of $75,484. This serves as a baseline salary for certified cybersecurity workers, and as
workers obtain additional certification they can qualify for ever greater salaries. Postings requesting CISSP, for example,
advertised an average salary of $93,010 – a premium of $17,526 over the average salary for Security+.
Employers prefer workers with cybersecurity certifications, but there can be three or more postings for every
certificate holder. When you consider that most of these certificate holders are already employed, the situation
looks even better for workers. Even the generous supply of Security + holders is somewhat misleading. Security
+ is a entry level certificate, so many people with more advanced credentials have one, and the openings that
require it are relatively low-level.
Inforgraphic on Cybersecurity Skills and Career Paths
The Infographic below describes the expertise required for various cybersecurity roles in demand. On top of those skills, job postings often call for additional knowledge in certain information-sensitive industries, such as Health Care; Finance; and
Manufacturing and Defense.
How Difficult is it to hire for Hybrid Jobs which need Different Skills
Employers often struggle to fill positions with Hybrid Jobs which need Different Skills. The fastest-growing skills include industry knowledge areas, such as HIPAA requirements in Health Care and Risk Management, and Accounting in Finance.
The hardest-to fill skills are typically related to finance, such as Information Assurance, Sarbanes-Oxley, and Accounting.
Finding candidates with these unique skill sets can take roughly 17% longer to fill on average than other cybersecurity job openings.
The difficulties in filling jobs that require a combination of IT security and financial skills reflects a broader trend in the market: hybrid jobs which combine skill sets that are not traditionally trained for together. This often results in skills gaps where employers struggle to find employees that meet these skill needs.
While this is not a complete picture of the Cybersecurity employment landscape, hopefully, this summary gives you a roadmap to get your career kick started in the right direction.