My Honest Thoughts on the Cybersecurity Job Market

If you’ve been watching the headlines, you might feel like the cybersecurity job market is a puzzle with missing pieces. 

On one side, reports say there are millions of unfilled roles. 

On the other side, entry level candidates often can’t get a call back. 

I get messages almost daily from people who wonder if they picked the wrong field or if they’re already too late.

Here’s my honest take.

The paradox is real, but it’s not personal

Yes, there is a shortage of skilled people. But artificial intelligence is automating many routine tasks, and some employers are outsourcing their security operations. 

As a result, traditional junior roles like SOC analyst are shrinking.

That doesn’t mean the field is shrinking, it means it’s changing.

Three trends shaping your future

• AI and automation: AI can sift through billions of data points, which reduces the need for people to stare at logs all day. 

• I also have my latest video on whether I regret quitting my cybersecurity job here:

But it also creates demand for professionals who can design, manage and interpret AI‑driven systems.

• Outsourcing and budgets: Many organisations are relying on managed security service providers and SOC‑as‑a‑Service to protect their networks. 

Budgets are shifting toward high‑return investments like cloud security, compliance and AI‑enabled tools. That means new roles are opening at the intersection of technology, risk and regulation.

• Nontraditional paths: Experts in the field say there’s no single career ladder, too many people focus on penetration testing when oversight, governance, secure design and risk management are the areas with the most growth. 

People with diverse backgrounds and strong soft skills are more valuable than ever.

What this means for you

If you’re feeling stuck, you’re not alone and you’re not behind. Here’s how to move forward:

1. Keep learning (but differently). The pace of change in cyber is fast. Instead of collecting more certificates, build hands‑on projects, join simulations or volunteer to secure a small organisation. Those reps build judgment, not just knowledge.
   
   

2. Broaden your horizons. Explore roles beyond SOC, such as governance, risk and compliance, identity and access management, secure software development or cloud security. 

These are areas where demand is growing, and they often suit people with strong communication or legal skills.

3. Invest in your soft skills. Communication, critical thinking and the ability to explain complex ideas to nontechnical people are just as important as technical chops. 

Practice articulating your work, in interviews, LinkedIn posts or with friends so employers see you’re ready to contribute, not just code.

4. Use AI as an ally. Instead of fearing automation, learn how to leverage AI tools to speed up your research, spot patterns or even draft reports. 

You’ll be more efficient, and you’ll show you can work alongside the tech that’s shaping the industry.

Final thoughts

The cybersecurity job market isn’t broken; it’s evolving. 

There are fewer cookie cutter roles and more opportunities for those who think strategically, adapt quickly and bring a human touch. 

Keep building, keep sharing, and keep asking questions. 

The industry still needs people like you not just to fight the threats, but to shape what comes next.

You’ve got this.

- Sandra

P.S. For a deeper dive into these trends and some straight talk about where the industry is headed, watch the video above!