It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals from other roles may be able to transfer their skills into cybersecurity relatively easily.

As cybersecurity continues to remain a top business priority, organizations will likely keep hiring for cybersecurity roles. Companies are increasingly recognizing that without experienced team members, they are increasing their risk of a cybersecurity attack or breach.

Layoffs Avoided Cybersecurity Personnel

According to, more than 500 tech companies laid off over 153,000 employees between January 1, 2023, and March 23, 2023, and more than 161,000 were laid off in 2022. While those numbers include roles throughout the industry, not all jobs are affected equally.

Dan Walsh, chief information security officer with VillageMD, recently told Fortune that cybersecurity layoffs have been few and far between. The numbers back up this claim. The National Initiative for Cybersecurity Education at the National Institute of Standards and Technology reported that cybersecurity demand increased in both the public (25%) and private sectors (21%) in 2022. Additionally, 755,743 cybersecurity jobs were posted in 2022, only a 2% decrease from the same time period the previous year.

While cybersecurity analysts and engineers often top the open positions, many other lesser-known roles exist in cybersecurity.

Over 5,800 incident response positions, which are responsible for handling the aftermath of an incident, have been recently posted on Indeed. Also in demand, malware analysts evaluate an organization’s systems, data and applications to detect malware and then determine the best course to remediate.

Additionally, positions for employees who test for vulnerabilities, known as pentesters, offer a good entry point for new graduates or employees transferring from other roles. Threat hunting, which involves reviewing all the security data and systems to look for abnormalities and potential malware issues, also offers many career options.

Landing an Entry-Level Cybersecurity Job

Employers are increasingly using criteria other than four-year degrees when hiring for cybersecurity positions.

Entry-level job hunters often land their first job through skilling badges or certifications. Both methods show potential employers that the candidate has the expertise and knowledge needed to hit the ground running.

With many different certifications to choose from, it’s important to start by understanding your career goals and then selecting the one that hiring managers are most likely to recognize. You should also consider the time required to earn the badge or certification, as well as the cost. Think about the return on your investment compared to the salary of the expected job.

Transitioning from Other Roles to Cybersecurity

Many cybersecurity employees move into the industry from non-technology positions. Many positions require excellent problem-solving and analytical skills that can be learned in other industries.

Caitlin Kiska, an information security engineer, was previously a professional online poker player. She discovered that her ability to analyze and form strategies from large data sets is a much-needed skill in cybersecurity.

Before moving into cybersecurity, Matt Gimovsky worked in litigation for eight years. He found that his expertise in strategic/tactical advising combined with his long-term passion for technology transferred easily into his current role as a technology transactions advisor for a fed/civ cyber defense business.

Current or recently laid-off technology workers can also easily transition into cybersecurity from a wide range of roles.

Software engineers should look for opportunities in cybersecurity to create applications that detect cyberattacks or are more cyber resilient. Because IT support specialists have strong analytical skills and significant hardware/software knowledge, they can quickly investigate cybersecurity incidents. Cybersecurity involves identifying patterns, making it relatively easy for data analysts to move into positions that detect and respond to threats.

Updating Your Resume for a Cybersecurity Role

Because cybersecurity hiring managers realize that their next best team member may not have a traditional background, you should include many experiences and skills you may not consider. By highlighting both technical and soft skills, you increase your chances of landing the job. Before applying to a cybersecurity position, reevaluate your resume through the lens of a cybersecurity hiring manager.

Make sure that your technical skills are highlighted and easy for a manager to find. Highlight your current skills, badges and certifications. Consider having a section that highlights your experience with the most recent threats and solutions, especially in terms of ransomware. If you have used the latest automation and artificial intelligence tools, be sure to include these skills as well.

In addition to the skills, companies want employees with experience to put their expertise to use. Consider also including any results or significant experience, such as vulnerabilities you’ve detected or incidents you successfully managed. By sharing specifics, you demonstrate both your knowledge and your ability to apply those skills while under pressure. Companies want to know that employees can handle the pressure and stress of managing real-world threats in real-time.

Cybersecurity positions involve a significant amount of collaboration and teamwork. Hiring managers increasingly look for soft skills, such as leadership, curiosity, tenacity, passion, problem-solving, teamwork and thriving under pressure. Because the ability to communicate effectively with team members and other employees is critical to success in cybersecurity, managers often prioritize applicants with communication skills. Add examples of any responsibilities that involved combination, such as cross-department collaboration or conducting training.

The Cybersecurity Job Market Remains Strong

As cybersecurity continues to be a top business priority, it will likely remain a valuable position at organizations. Even businesses with hiring freezes may continue to fill open cybersecurity positions due to the critical nature of the work. By looking for opportunities in cybersecurity, job seekers can find job security while working on fulfilling projects.

More from Intelligence & Analytics

79% of Cyber Pros Make Decisions Without Threat Intelligence

4 min read - In a recent report, 79% of security pros say they make decisions without adversary insights “at least the majority of the time.” Why aren’t companies effectively leveraging threat intelligence? And does the C-Suite know this is going on? It’s not unusual for attackers to stay concealed within an organization’s computer systems for extended periods of time. And if their methods and behavioral patterns are unfamiliar, they can cause significant harm before the security team even realizes a breach has occurred.…

4 min read

Why People Skills Matter as Much as Industry Experience

4 min read - As the project manager at a large tech company, I always went to Jim when I needed help. While others on my team had more technical expertise, Jim was easy to work with. He explained technical concepts in a way anyone could understand and patiently answered my seemingly endless questions. We spent many hours collaborating and brainstorming ideas about product features as well as new processes for the team. But Jim was especially valuable when I needed help with other…

4 min read

Ex-Conti and FIN7 Actors Collaborate with New Backdoor

15 min read -   April 27, 2023 Update This article is being republished with modifications from the original that was published on April 14, 2023, to change the name of the family of malware from Domino to Minodo. This is being done to avoid any possible confusion with the HCL Domino brand. The family of malware that is described in this article is unrelated to, does not impact, nor uses HCL Domino or any of its components in any way. The malware is…

15 min read

The Needs of a Modernized SOC for Hybrid Cloud

5 min read - Cybersecurity has made a lot of progress over the last ten years. Improved standards (e.g., MITRE), threat intelligence, processes and technology have significantly helped improve visibility, automate information gathering (SOAR) and many manual tasks. Additionally, new analytics (UEBA/SIEM) and endpoint (EDR) technologies can detect and often stop entire classes of threats. Now we are seeing the emergence of technologies such as attack surface management (ASM), which are starting to help organisations get more proactive and focus their efforts for maximum…

5 min read