How to find a job in the one tech market that is not seeing layoffs: Cybersecurity
Sakorn Sukkasemsakorn | Istock | Getty Images
Strong demand for cybersecurity workers is continuing even as big technology companies lay off thousands of employees.
That’s not a big surprise, as cybersecurity is seen as one of the more resilient areas for tech investment in a more cautious economic environment — though even it is not immune from the tech sector slowdown. But it is an area for young professionals, college students, and workers looking to make career transitions to focus on as the tech sector’s labor force contracts significantly for the first time in a decade, from the largest companies to the venture-backed startup community.
There were 755,743 online job postings in cybersecurity as of December, according to new research from cybersecurity workforce analytics site CyberSeek, created through a partnership of the National Initiative for Cybersecurity Education, CompTIA, and labor market research firm Lightcast. That did represent a year over year decline in postings, from 769,736 in the 12-month period ending December 2021. But with a supply-demand ratio currently at 68 workers per 100 job openings, the nearly 530,000 more cybersecurity workers need in the U.S. went up year over year.
The researchers say the data reinforces a trend that has existed for years now and will persist: the shortage of cyber talent. If all those positions are filled, that’s a labor force positioned for huge growth. The total number of employed cybersecurity workers was estimated at 1.1 million, steady year over year.
Here are the top things to know about pursuing a career in cybersecurity.
How to ‘major’ in cybersecurity during college
When looking for a job, you’re guaranteed to be asked what major you studied in college. While cybersecurity is not a common major for colleges to offer, there are a large range of related majors that can make you a potential candidate for a job in this field. The most obvious comps are computer science, information technology, software development, and even business management.
“The more that you can find either courses or other educational opportunities while you’re in school, to learn both the fundamentals of IT and the fundamentals of cybersecurity, as well as some of the specific high-value, high growth skills that employers are increasingly demanding, that’s going to best set you up for success when you enter the job market,” said Will Markow, vice president of applied research at Lightcast.
However, it’s not as much about a specific major studied as the skills which employers are attempting to identify.
The question that candidates need to be prepared to answer isn’t what they majored in, but, “What have you learned during your degree that prepares you for a career in cybersecurity?” Markow said.
Obtaining technical skills after college
Technical skills in information security theories, network administration, and IT is some of the primary knowledge that candidates need, while strong soft skills like communication and collaboration are additionally important. But whether you are a college student or graduate already in the job market, there are plenty of other opportunities to gain the skills you need to enter this field, primarily through certifications.
Non-profit trade association CompTIA’s Security+ is the most in-demand entry level credential for cybersecurity professionals, according to Markow. By receiving the Security+ certification, CompTIA states that professionals will acquire the skills to assess an environment’s security, monitor hybrid environments, respond to security events and more. Other commonly requested certifications are EC-Council’s Certified Ethical Hacker training and GIAC’s Security Essentials (GSEC) training.
“Cybersecurity is a heavily sophisticated field, and employers place a lot of weight on certain credentials,” Markow said.
How to get started in job search
Some of the most common entry-level positions include cybersecurity analysts, cybersecurity technician specialists, and cybercrime analysts. These positions focus more on what is defined as reactive work, for example, learning about the types of threats that organizations are facing, and identifying when threats need to be investigated and remediated.
As professionals progress in a cybersecurity career, the goal is to gradually take on more proactive work helping organizations design secure digital infrastructure.
There are many opportunities for existing tech professionals to make the move into this field, with common launch pads including other IT roles such as network administration, software development, systems engineering and even IT support; and by targeting the lower-level cyber positions.
“Since those roles often have lower barriers to entry than some of the more advanced positions in the field, and if you are able to target one of the certifications and obtain one of those entry level certifications from CompTIA, or other providers, then you will have the greatest chance of finding an opportunity in one of those roles,” Markow said.
The approach of first entering through the broader IT job market can work for new labor force entrants as well. “If you’re starting from complete scratch, it’s often useful to target some of those positions that can serve as launching pads into the core cybersecurity roles,” Markow said.
Jobs will often pay over $100,000
Cybersecurity jobs pay well, too.
The average salary ranges between $100,000-$120,000.
There are going to be differences in pay based on experience level, as well as the specific role.
“You probably won’t start at $110,000,” Markow said. “You might start somewhere in the $70,000-$90,000 range, depending on what part of the country you’re in. But as you gain experience in and advance within cybersecurity, the salaries become progressively larger and more appealing.”
Where the jobs are concentrated also varies region to region, and by sector. The new research found public sector cybersecurity job demand growing by 25% to 45,708 postings in 2022, a faster growth rate than in the private sector, but still far fewer jobs overall compared to the private sector’s 710,035 listings. Lightcast says that public sector job demand trend isn’t a one-year phenomenon, growing by 58% over the past three years in all. Related to that, the Washington, D.C. metro area accounted for 19% of all public sector domestic cybersecurity job listings.
Technology
Cognition to buy AI startup Windsurf days after Google poached CEO in $2.4 billion licensing deal
In this photo illustration, a man seen holding a smartphone with the logo of US artificial intelligence company Cognition AI Inc. in front of website.
Timon Schneider | SOPA Images | Sipa USA | AP
Artificial intelligence startup Cognition announced it’s acquiring Windsurf, the AI coding company that lost its CEO and several other senior employees to Google just days earlier.
Cognition said on Monday that it will purchase Windsurf’s intellectual property, product, trademark, brand and talent, but didn’t disclose terms of the deal. It’s the latest development in an AI talent war, as companies like Meta, Google and OpenAI fiercely compete for top engineers and researchers.
OpenAI had been in talks to acquire Windsurf for about $3 billion in April, but the deal fell apart, and Google said on Friday that it hired Windsurf’s co-founder and CEO Varun Mohan. Google is paying $2.4 billion in licensing fees and for compensation, as CNBC previously reported.
“Every new employee of Cognition will be treated the same way as existing employees: with transparency, fairness, and deep respect for their abilities and value,” Cognition CEO Scott Wu wrote in a memo to employees on Monday. “After today, our efforts will be as a united and aligned team. There’s only one boat and we’re all in it together.”
Cognition didn’t immediately respond to CNBC’s request for comment. Windsurf directed CNBC to Cognition.
Cognition is best known for its AI coding agent named Devin, which is designed to help engineers build software faster. As of March, the startup had raised hundreds of millions of dollars at a valuation of close to $4 billion, according to a report from Bloomberg.
Both companies are backed by Peter Thiel’s Founders Fund. Other investors in Windsurf include Greenoaks, Kleiner Perkins and General Catalyst.
“I’m overwhelmed with excitement and optimism, but most of all, gratitude,” Jeff Wang, the interim CEO of Windsurf, wrote in a post on X on Monday. “Trying times reveal character, and I couldn’t be prouder of how every single person at Windsurf showed up these last three days for each other and for our users.”
Wu said that the acquisition ensures all Windsurf employees are “treated with respect and well taken care of in this transaction.” All employees will participate financially in the deal, have vesting cliffs waived for their work to date and receive fully accelerated vesting for their, according to the memo.
“There’s never been a more exciting time to build,” Wu wrote.
WATCH: Google snatches Windsurf CEO after OpenAI deal dissolves
Meta CEO Mark Zuckerberg looks on before the luncheon on the inauguration day of U.S. President Donald Trump’s second presidential term in Washington on Jan. 20, 2025.
Evelyn Hockstein | Reuters
Meta on Monday said it has removed about 10 million profiles for impersonating large content producers through the first half of 2025 as part of an effort by the company to combat “spammy content.”
The crackdown is part of Meta’s broader effort to make the Facebook feed more relevant and authentic by taking action against and removing accounts that engage in “spammy” behavior, such as content created using artificial intelligence tools.
As part of that initiative, Meta is also rolling out stricter measures to promote original posts from creators, the company said in a blog post.
Facebook also took action against approximately 500,000 accounts that it identified to be engaged in inauthentic behavior and spam. These actions included demoting comments and reducing distribution of content, which are intended to make it harder for these accounts to monetize their posts.
Meta said unoriginal content is when images or videos are reused without crediting the original creator. Meta said it now has technology that will detect duplicate videos and reduce the distribution of that content.
The action against spam and inauthentic content comes as Meta increases its investment in AI, with CEO Mark Zuckerberg on Monday announcing plans to spend “hundreds of billions of dollars” on AI compute infrastructure to bring the company’s first supercluster online next year.
This mandate comes at a time when AI is making it easier to mass-produce content across social media platforms. Other platforms are also taking action to combat the increase of spammy, low-quality content on social media, also known as “AI slop.”
Google’s YouTube announced a change in policy this month that prevents content that is mass-produced or repetitive from being eligible for being awarded revenue.
This announcement sparked confusion on social media, with many users believing this was a reversal on YouTube’s stance on AI content. However, YouTube clarified that the policy change is aimed at curbing unoriginal, spammy and repetitive videos.
“We welcome creators using AI tools to enhance their storytelling, and channels that use AI in their content remain eligible to monetize,” said a spokesperson for YouTube in a blog post to clarify the new policy.
YouTube’s new policy change will take effect on Tuesday.
-
Sports3 years ago‘Storybook stuff’: Inside the night Bryce Harper sent the Phillies to the World Series
-
Sports1 year agoStory injured on diving stop, exits Red Sox game
-
Sports2 years agoGame 1 of WS least-watched in recorded history
-
Sports2 years agoMLB Rank 2023: Ranking baseball’s top 100 players
-
Sports4 years ago
Team Europe easily wins 4th straight Laver Cup
-
Sports2 years agoButton battles heat exhaustion in NASCAR debut
-
Environment2 years agoJapan and South Korea have a lot at stake in a free and open South China Sea
-
Environment2 years agoGame-changing Lectric XPedition launched as affordable electric cargo bike