It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals from other roles may be able to transfer their skills into cybersecurity relatively easily.

As cybersecurity continues to remain a top business priority, organizations will likely keep hiring for cybersecurity roles. Companies are increasingly recognizing that without experienced team members, they are increasing their risk of a cybersecurity attack or breach.

Layoffs avoided cybersecurity personnel

According to Layoffs.fyi, more than 500 tech companies laid off over 153,000 employees between January 1, 2023, and March 23, 2023, and more than 161,000 were laid off in 2022. While those numbers include roles throughout the industry, not all jobs are affected equally.

Dan Walsh, chief information security officer with VillageMD, recently told Fortune that cybersecurity layoffs have been few and far between. The numbers back up this claim. The National Initiative for Cybersecurity Education at the National Institute of Standards and Technology reported that cybersecurity demand increased in both the public (25%) and private sectors (21%) in 2022. Additionally, 755,743 cybersecurity jobs were posted in 2022, only a 2% decrease from the same time period the previous year.

While cybersecurity analysts and engineers often top the open positions, many other lesser-known roles exist in cybersecurity.

Over 5,800 incident response positions, which are responsible for handling the aftermath of an incident, have been recently posted on Indeed. Also in demand, malware analysts evaluate an organization’s systems, data and applications to detect malware and then determine the best course to remediate.

Additionally, positions for employees who test for vulnerabilities, known as pentesters, offer a good entry point for new graduates or employees transferring from other roles. Threat hunting, which involves reviewing all the security data and systems to look for abnormalities and potential malware issues, also offers many career options.

Landing an entry-level cybersecurity job

Employers are increasingly using criteria other than four-year degrees when hiring for cybersecurity positions.

Entry-level job hunters often land their first job through skilling badges or certifications. Both methods show potential employers that the candidate has the expertise and knowledge needed to hit the ground running.

With many different certifications to choose from, it’s important to start by understanding your career goals and then selecting the one that hiring managers are most likely to recognize. You should also consider the time required to earn the badge or certification, as well as the cost. Think about the return on your investment compared to the salary of the expected job.

Transitioning from other roles to cybersecurity

Many cybersecurity employees move into the industry from non-technology positions. Many positions require excellent problem-solving and analytical skills that can be learned in other industries.

Caitlin Kiska, an information security engineer, was previously a professional online poker player. She discovered that her ability to analyze and form strategies from large data sets is a much-needed skill in cybersecurity.

Before moving into cybersecurity, Matt Gimovsky worked in litigation for eight years. He found that his expertise in strategic/tactical advising combined with his long-term passion for technology transferred easily into his current role as a technology transactions advisor for a fed/civ cyber defense business.

Current or recently laid-off technology workers can also easily transition into cybersecurity from a wide range of roles.

Software engineers should look for opportunities in cybersecurity to create applications that detect cyberattacks or are more cyber resilient. Because IT support specialists have strong analytical skills and significant hardware/software knowledge, they can quickly investigate cybersecurity incidents. Cybersecurity involves identifying patterns, making it relatively easy for data analysts to move into positions that detect and respond to threats.

Updating your resume for a cybersecurity role

Because cybersecurity hiring managers realize that their next best team member may not have a traditional background, you should include many experiences and skills you may not consider. By highlighting both technical and soft skills, you increase your chances of landing the job. Before applying to a cybersecurity position, reevaluate your resume through the lens of a cybersecurity hiring manager.

Make sure that your technical skills are highlighted and easy for a manager to find. Highlight your current skills, badges and certifications. Consider having a section that highlights your experience with the most recent threats and solutions, especially in terms of ransomware. If you have used the latest automation and artificial intelligence tools, be sure to include these skills as well.

In addition to the skills, companies want employees with experience to put their expertise to use. Consider also including any results or significant experience, such as vulnerabilities you’ve detected or incidents you successfully managed. By sharing specifics, you demonstrate both your knowledge and your ability to apply those skills while under pressure. Companies want to know that employees can handle the pressure and stress of managing real-world threats in real-time.

Cybersecurity positions involve a significant amount of collaboration and teamwork. Hiring managers increasingly look for soft skills, such as leadership, curiosity, tenacity, passion, problem-solving, teamwork and thriving under pressure. Because the ability to communicate effectively with team members and other employees is critical to success in cybersecurity, managers often prioritize applicants with communication skills. Add examples of any responsibilities that involved combination, such as cross-department collaboration or conducting training.

The cybersecurity job market remains strong

As cybersecurity continues to be a top business priority, it will likely remain a valuable position at organizations. Even businesses with hiring freezes may continue to fill open cybersecurity positions due to the critical nature of the work. By looking for opportunities in cybersecurity, job seekers can find job security while working on fulfilling projects.

More from Intelligence & Analytics

What makes a trailblazer? Inspired by John Mulaney’s Dreamforce roast

4 min read - When you bring a comedian to offer a keynote address, you need to expect the unexpected.But it is a good bet that no one in the crowd at Salesforce’s Dreamforce conference expected John Mulaney to tell a crowd of thousands of tech trailblazers that they were, in fact, not trailblazers at all.“The fact that there are 45,000 ‘trailblazers’ here couldn’t devalue the title anymore,” Mulaney told the audience.Maybe it was meant as nothing more than a punch line, but Mulaney’s…

New report shows ongoing gender pay gap in cybersecurity

3 min read - The gender gap in cybersecurity isn’t a new issue. The lack of women in cybersecurity and IT has been making headlines for years — even decades. While progress has been made, there is still significant work to do, especially regarding salary.The recent  ISC2 Cybersecurity Workforce Study highlighted numerous cybersecurity issues regarding women in the field. In fact, only 17% of the 14,865 respondents to the survey were women.Pay gap between men and womenOne of the most concerning disparities revealed by…

Protecting your data and environment from unknown external risks

3 min read - Cybersecurity professionals always keep their eye out for trends and patterns to stay one step ahead of cyber criminals. The IBM X-Force does the same when working with customers. Over the past few years, clients have often asked the team about threats outside their internal environment, such as data leakage, brand impersonation, stolen credentials and phishing sites. To help customers overcome these often unknown and unexpected risks that are often outside of their control, the team created Cyber Exposure Insights…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today