The Cybersecurity Job Market in 2022

Software applications, networks, and endpoints are all vulnerable to cyber attacks and require the knowledge and skills of cybersecurity professionals to stay secure.

As cybersecurity threats are increasing, there’s a shortage of cybersecurity talent in the market, creating increasing demand for experienced pros. 

See below to learn all about the state of the cybersecurity job market, from opportunities to what it takes to succeed in the field:

The market for jobs in cybersecurity

The need for security analysts alone is projected to increase 33% from an estimated 141,200 positions in 2020 to 188,300 by 2030, according to the U.S. Bureau of Labor Statistics

Cybersecurity professionals work in several core fields: infrastructure security; application security; network security; cloud security; and Internet of Things (IoT) security.

(ISC)² recently announced the creation of a new education program aimed at individuals looking to complete one of their entry-level cybersecurity certification exams. The move is intended to address their assertion that there is a cybersecurity talent shortage exceeding 2.7 million. 

ISSA says that more than 57% of organizations are being impacted by a lack of skilled cybersecurity professionals.

Also influencing the cybersecurity job market is the increasing attention to standards, guidelines, and best practices that are making the move from “nice to have” to “need to have,” with questions of legal liability and responsibility being raised. Reviewing the cybersecurity mandate of the National Institute of Standards and Technology (NIST) demonstrates the direction of the cybersecurity market for U.S. industry and federal agencies. 

Job types

Many career paths are available for individuals wanting to work in the cybersecurity market. These are some examples of common positions related to cybersecurity and their focus:

Position Focus
Security analyst

Monitor devices and networks for security issues

Install and maintain security-related software

Security engineer Plan, design, and build the requisite tools used to monitor and protect the security of information, networks, and devices
Security manager

Ensure the protection of assets and employees from security threats

May also be responsible for budgeting and HR-related tasks

Security consultant

Analyze and assess the current security measures being used by an organization

Recommend solutions to protect against possible threats and breaches

Chief information security officer High-level administrator responsible for overseeing all policies and infrastructure related to security and privacy
Cryptographer Responsible for securing networks and software applications by creating methods to encrypt data
Penetration tester Work to identify vulnerabilities by performing simulated attacks on existing systems
Security architect Plan, research, design, and implement security architecture
Data protection engineer

Ensure data is stored securely

Maintain and test infrastructures used to generate and store data

Ensure data is in a format that can be analyzed and queried as needed

Education

Most professionals working in cybersecurity have a bachelor’s degree in computer science or information science. But this is not necessarily a requirement, as experience in this field is highly valued.

With a growing need to address the increasing number of cybersecurity threats, the need for security-skilled IT professionals is critical. So much so that in the fall of 2021, Microsoft launched a national campaign with U.S. community colleges to train 250,000 people in this field by 2025.

Certifications

Cybersecurity-related certifications are an option for individuals looking to supplement their education or professionals already working in IT who want to demonstrate their competence in an area.

The most in-demand cybersecurity certifications include:

  • (ISC)² Certified Information Systems Security Professional (CISSP)
  • ISACA Certified Information Systems Auditor (CISA)
  • ISACA Certified Information Security Manager (CISM)
  • CompTIA Security+
  • EC-Council Certified Ethical Hacker (CEH)
  • GIAC Security Essentials Certification (GSEC)
  • (ISC)² Systems Security Certified Practitioner (SSCP)
  • CompTIA Advanced Security Practitioner (CASP+)
  • GIAC Certified Incident Handler (GCIH)
  • Offensive Security Certified Professional (OSCP)

Openings

Many cybersecurity-related positions are currently being recruited for, including:

  • Cybersecurity engineer
  • Security operations center analyst
  • Threat analyst
  • Cybersecurity incident handler
  • Vulnerability analyst
  • Cybersecurity forensics analyst
  • Cybersecurity risk and compliance analyst
  • Data protection engineer

Salaries

The following table contains the median annual salaries for a sampling of cybersecurity-related positions, estimated by Glassdoor:

Position Median Salary
Security analyst $99,275
Security engineer $107,446
Security manager $74,453
Security consultant $99,000
Chief information security officer $173,705
Cryptographer $52,522
Penetration tester $102,405
Security architect $126,981
Data protection engineer $109,717

Conclusions

To date, two primary factors have influenced the lack of qualified cybersecurity professionals: lack of relevant education and lower-than-expected salaries.

These two shortfalls are being addressed, as organizations see the value of protection from data breaches and cyber attacks against resources.

This need became amplified in 2020 when the pandemic shifted many workers into needing remote access to networks and data. Demand continues to grow and evolve with the increasing importance of cloud, edge, and IoT security.

Jillian Koskie
Jillian Koskie
Jillian Koskie is an experienced software developer, writer, business analyst, and usability design expert. With over 24 years in these roles, she has enjoyed applying her considerable skill set to assist clients and users across a wide variety of sectors, including legal, health, and financial services. Combining these professional opportunities with a love of technology, Koskie is pleased to act as a trusted advisor, contribute articles, voice opinions, and offer advice to numerous organizations, news outlets, websites, and publications.

Latest Articles

Top 10 Data Recovery Certifications

Data recovery is the process to restore lost or corrupted data due to a disaster, and companies must data recovery experts to recover their...

Top 10 Companies Hiring for Data Recovery Jobs

Data recovery is a vital part of the technology industry today. When data is accidentally deleted, corrupted, lost, or damaged, there is a risk...

Data Recovery Q&A With Kathy Ahuja at Qumulo

Enterprise data is at constant risk of physical destruction, cyber attacks, and theft or unexpected system or hardware failure. To mitigate these risks, enterprises...