5 Trends about Cybersecurity Jobs for 2023

Ismael Rodríguez
5 min read · Dec 15, 2022

Hi reader. Today I’m going to share my view of how I see the cybersecurity job outlook for the next year, based on the experience I’ve gained at the company where I’ve been working for almost 3 years (at the time of writing). During this time, we’ve had to grow our cybersecurity team considerably, and we ran into 2 realities:

  • Some companies are still not paying cybersecurity positions well enough, especially in some countries, which decreases the probability of successfully hiring a candidate.
  • And, what we all already know: there is a lack of cybersecurity professionals.

I’m going to focus this text on the second concern. Based on my experience during this period, and after keeping an eye on the industry’s market demand (cybersecurity positions) and supply (cybersecurity professionals), it seems that these two are not aligned at all, above all if we take into consideration which fields are most lacking in professionals and where these professionals are focusing their careers. These are my 5 signals to bear in mind for 2023:

1. Cloud Security and DevSecOps demand will keep rising vastly

Definitely, Cloud Security positions for AWS, GCP and Azure are, and will be, in strong demand. However, the professionals available to meet this demand are very few, and this supply doesn’t seem to be aligned with the demand at all.

The same happens with DevSecOps and Application Security positions, although to a lesser extent. The demand for these positions seems to keep rising, but the number of professionals in this field is not rising as much.

2. Pentesters, the most abundant professionals

We’ve noticed that the most abundant professionals nowadays are those specialized in Red Teaming operations, specifically Pentesters, above all Web and Network pentesters, which is the most common specialty among them. I would dare to say that Pentesting is the position with the most competition among cybersecurity positions now, sometimes requiring the candidate to show special skills, good experience or a specialization in the resume to get the attention of a recruiter and to remain in a selection process.

However, we realized that there is a lot of demand for specific niches or specializations in pentesting, as there are very few pentesters specialized in uncommon niches like Mobile, IoT, OT, Cloud, etc.

So, if you are planning to train as a Pentester, I encourage you to specialize in something other than the common Web and/or Network pentesting to stand out in the market.

3. Blue Team is suffering a talent gap

Despite the boom that Red Team has experienced in recent years, Blue Team positions remain no less important and needed. The success of platforms like HackTheBox, TryHackMe and VulnHub has helped a lot of individuals to prepare for and start a career in the Red Team side of cybersecurity, but we can’t forget that, although ethical hacking is vital for companies and governments, their most important concern is to keep their assets properly defended. So, since individuals have tended to steer their careers towards the Red Team, the Blue Team seems to be suffering a lack of technical professionals. Positions like Network Defenders, SOC Analysts, Cyber Threat Specialists and Cyber Security Engineers in general will be even shorter of professionals next year.

For these reasons, platforms like HackTheBox have started to release resources to offer defensive training too. Even Offensive Security has just released a defensive certification (OSDA) to meet this future demand.

4. New managerial positions will emerge

The IT world is not at its best right now. Evidence of that is the workforce reductions being carried out by big tech companies like Meta, Twitter, Amazon, etc.

Knowing this and the forecast for the next year in the IT world, I think 2023 will be a year where showing KPIs to the board and, above all, being as efficient as possible for the company will be a must for many teams. This, along with the fact that ever more cybersecurity teams are being formed as new fields in the industry come up, will be the two main reasons why managerial roles will arise in the industry and why some new cybersecurity managerial roles will be required for the first time in some companies. I have to mention that I’m referring to intermediate-level managerial positions, not C-level positions (CISO, CIO, etc.).

These roles will be the ones able to cover these needs with the organizational (non-technical) skills that each team will need, although some recruiters will require the candidate to have a technical background or experience.

Some related roles could be:

  • Cloud Security Manager
  • SOC Manager
  • Cyber Risk / GRC Manager
  • Offensive Cybersecurity Manager
  • Network and/or Infrastructure Security Manager
  • Application Security Manager

5. Booming Upcoming Niches

To finish, let’s list the niches that will be booming in the next years in terms of cybersecurity demand, though perhaps not yet in 2023. Although there is already significant demand in some of them, there are very few professionals to cover it, and this problem will worsen seriously in the future.

  • IoT Security
  • AI (Artificial Intelligence) Security
  • Automotive Security
  • Blockchain Security

Unfortunately, there are not many resources for training in these fields yet, and those that do exist aren’t affordable at all in some cases.

In conclusion, and as you surely already know, in 2023 the demand in cybersecurity will keep increasing vastly in general, and I don’t think the IT crisis will notably affect this industry due to the lack of professionals we are still suffering. I’d like to emphasize that, as I mentioned at the beginning, this is a forecast based on my experience after almost 3 years seeking cybersecurity professionals and on recent research about the industry. I tried to make it as objective as possible :)

I hope this is helpful for someone. Thanks for reading!


Written by Ismael Rodríguez

Cyber Security Engineer | CySA+, OSCP, Security+, ISO 27001 LA, AWS Architect