My Honest Thoughts on the Cybersecurity Job Market in 2025

Artificial Intelligence (AI), Outsourcing & Economic Turmoil.

In 2025, the cybersecurity job market presents a paradox.

On one hand, the global shortage of cybersecurity professionals remains a pressing issue.

According to Cybersecurity Ventures, there are 3.5 million unfilled cybersecurity positions worldwide, a number that has persisted since 2021.

In the U.S. alone, nearly 470,000 cybersecurity job openings were reported between May 2023 and April 2024.

On the other hand, specific traditional roles are experiencing a decline.

Job postings for Security Engineers and Security Analysts have decreased by approximately 25% from 2022 to 2024.

This decline is attributed to factors such as automation, outsourcing, and the evolving nature of cybersecurity threats.


About Me

If you're new here, I'm Day, a Cybersecurity Engineer at Amazon. With five years in cybersecurity, my experience covers Detection Engineering, Cloud Security, Incident Response, Threat Hunting, and most recently, Threat Intelligence.

Before Amazon, I worked at Datadog as a cloud threat detection engineer, where I researched cloud threats and built detections for various cloud providers and SaaS applications.

I've worked my way up from SOC analyst roles, investigating everything from endpoint threats to cloud-based abuse, so I know exactly what it takes to break into this field.

I started just like many of you—learning from scratch, asking questions, and figuring it out one step at a time. And now, I'm here to help you do the same.

If you want to stay up-to-date on the cybersecurity industry and everything technical and career-related, be sure to like and subscribe to the newsletter for more content like this.


Join a vibrant cybersecurity community of over 6,000 people who are constantly engaging in conversations and supporting one another, covering topics from cybersecurity and college to certifications, resume assistance, and various non-professional interests like fitness, finance, anime, and other exciting subjects.


The Impact of AI on Cybersecurity Roles

Now, let's dive into this issue by first understanding the impact of AI on cybersecurity operations.

Automation and Augmentation

Artificial Intelligence (AI) is revolutionizing cybersecurity operations.

AI systems are now capable of analyzing vast amounts of data, detecting anomalies, and responding to threats in real-time.

For instance, AI can process up to billions of data points daily, significantly enhancing threat detection and similar capabilities.

However, this innovation is a double-edged sword.

While it increases efficiency, it also reduces the demand for entry-level roles focused on routine cybersecurity tasks.

Conversely, there is a growing need for professionals who can architect, manage, and oversee AI-driven systems, interpret complex data, have a deep understanding of cyber threats, and make informed strategic decisions.


The Rise of Outsourcing in Cybersecurity

Globalization of Cybersecurity Services

Outsourcing has also become a significant trend in cybersecurity.

Organizations are increasingly turning to Managed Security Service Providers (MSSPs) and Security Operations Center as a Service (SOCaaS) to handle their security needs.

This shift is driven by factors such as cost-effectiveness, access to specialized expertise, and the need for 24/7 monitoring.

While outsourcing offers benefits to organizations, it also affects job opportunities for cybersecurity professionals.

There's a growing emphasis on roles that require professionals who can bridge the gap between outsourced services and organizational objectives.


Economic Factors Influencing the Cybersecurity Job Market

Budget Constraints and Strategic Investments

Economic pressures are also influencing how organizations allocate resources to cybersecurity.

While overall spending on cybersecurity continues to grow, there is a shift toward strategic investments in people, technologies, and services that offer the highest return on investment.

This includes AI-driven solutions, cloud security, and advanced threat detection systems.

Regulatory Compliance and Risk Management

Additionally, international regulatory requirements are becoming more stringent and, quite frankly, more expensive, compelling organizations to invest in compliance and risk management.

This trend is creating demand for professionals skilled in Governance, Risk, and Compliance (GRC), as well as those who can navigate complex regulatory landscapes.

In fact, there has been a substantial increase in specialized cybersecurity roles focused on data protection and user privacy, particularly in positions such as Privacy Engineering, Data Protection Officers (DPOs), and Privacy Compliance Specialists.

Across various roles, I’ve also experienced legal professionals being embedded in cybersecurity organizations, both product-focused and operationally focused.

These roles have become increasingly critical as organizations navigate complex privacy regulations and consumer data protection requirements.


What Now?

So what does all this mean for you?

You already know that AI is changing the game, but it can’t replace real-world experience.

You can’t prompt your way out of a real-world incident. You can’t ChatGPT your way through a breach when a customer’s data is at risk for a publicly traded company.

What you need is reps. What you need is judgment.

And that’s precisely why DFIR Labs, the sponsor of this issue, stood out to me.

DFIR LABS BY THE TEAM BEHIND THE DFIR REPORT

Gain hands-on access to the type of cyber chaos that no simulation can recreate: with ambiguous enterprise logs, noisy alerts, subtle lateral movement, and the tactics real attackers use when they breach your network. Based on actual intrusion cases grounded in incidents that occurred in the wild, you’ll learn to think like an analyst, not just follow a checklist, and begin to recognize attacker behavior and tradecraft in real telemetry.

Positioning yourself for success

Alright — now let’s talk about how to position yourself to win in this new cybersecurity world.

1 - Embrace Continuous Learning

If there’s one trait that separates those who thrive in cybersecurity from those who eventually stagnate, it’s an unshakable commitment to continuous learning.

Cybersecurity isn’t just dynamic, it’s also volatile.

The threat landscape doesn’t evolve year to year. It changes by the week, sometimes by the day.

New CVEs drop. New threat actors emerge. Cloud platforms update security models. AI opens doors to both powerful defense tools and new classes of adversarial abuse.

If you’re not consistently sharpening your skills, you’re falling behind.

But here’s the nuance people miss:

Continuous learning isn’t just about earning certs or reading blog posts. That’s important, yes — but it’s not enough.

You need friction. You need context. You need reps.

Because cybersecurity isn’t just a knowledge game, it’s a judgment game.

You don’t just need to know what lateral movement is. You need to recognize it when it’s buried under ten thousand other logs.

You need to know when a misconfiguration is just sloppy infrastructural negligence, and when it’s signaling malicious intent.

That’s how you build instincts. That’s how you learn to investigate under pressure, follow leads, ask better questions, and ultimately become the kind of security professional companies can’t automate away.

2 - Develop Cross-Functional Expertise

A while back, cybersecurity used to live in a silo.

You had the network engineering people, the developers, the infrastructure teams, and somewhere in a dark corner, the security team that everyone avoided unless something went really wrong.

But in 2025, that model is dead.

Today, cybersecurity is both a business enabler and a cost center.

So if you're not thinking cross-functionally, you’re not thinking strategically.

Gone are the days when your job was monitoring logs, patching systems, or tweaking firewall rules.

That’s table stakes.

Organizations now expect security professionals to operate at the intersection of technology, business, risk, and communication.

Here’s what that means:

  • You need to understand how security decisions impact product development.

  • You need to know how an exploited misconfiguration can affect customer trust and potential revenue.

  • You should be able to explain to an executive why an unpatched vulnerability is not just a CVSS score, but could lead to real financial liability.

  • And when you’re working in the cloud? Understanding DevOps, CI/CD pipelines, IaC, and cloud-native architecture isn’t a “nice to have.” It’s baseline fluency.

The best cybersecurity engineers I know and have worked with aren’t just technically sharp — they’re also able to walk into a room of stakeholders from engineering, product, legal, and compliance and explain what’s at risk in plain English.

They know when to escalate, when to advise, and when to collaborate.

And let me say this clearly: Being technically brilliant but context-blind will hold you back.

You’ll get overlooked for leadership roles, for strategic projects, even for the kind of work that really moves the needle.

Cross-functional expertise doesn’t mean you have to be an expert in everything.

It means you need to build enough breadth to communicate effectively and enough depth to execute responsibly.

It’s about thinking beyond just systems and endpoints.

It’s about understanding the business and helping protect the entire value chain — from source code to customer experience.

Learn that, and you become indispensable.

3 - Cultivate Soft Skills

Let’s be real — when most people hear “soft skills,” they roll their eyes.

Especially in cybersecurity, where it’s easy to assume the only thing that matters is how technically sharp you are.

Can you reverse engineer malware? Write detections? Secure infrastructure?

That stuff matters and is important. No question. Full stop.

But here’s what a lot of early-career folks don’t realize until it’s too late:

The further you grow in cybersecurity, the more your success depends on your ability to work with people.

Not tools. Not terminals. Not tickets. People.

Soft skills — and I’m talking about honest communication, leadership, and emotional intelligence — are what separate good security engineers from the ones who actually lead initiatives, gain trust, and make strategic impact.

Here’s what cultivating soft skills actually looks like in our field:

  1. Being able to walk into a tense post-incident review and clearly explain what happened without throwing anyone under the bus.

  2. Communicating risk to leadership in the language they understand by translating technical findings into business impact.

  3. Navigating cross-functional friction when the security team is seen as the “department of no” and flipping that perception by being a partner, not a blocker.

  4. Mentoring junior engineers & analysts. Holding your team accountable. Knowing how to escalate a threat without creating panic.

These are the moments that make or break trust.

And trust is the currency of cybersecurity.

If your team doesn’t trust you, if your leadership doesn’t listen to you, if your partners tune you out, your technical brilliance won’t matter.

You’ll be ignored. Or worse, replaced.

Now here’s the part most people underestimate:

Soft skills aren’t just about external collaboration.

They’re also about internal regulation.

  • Can you stay calm during a high-severity incident?

  • Can you manage your time across competing priorities?

  • Can you ask for help before burnout takes over?

  • Can you receive feedback without getting defensive?

These are human skills.

And cybersecurity, for all the talk about code and exploits and zero-days, is a deeply human field.

We’re dealing with threat actors — humans.

We’re protecting people’s data — humans.

We’re collaborating across teams — again, humans.

So if you want to go far in this field, not just technically, but as someone others want to work with, then don’t just cultivate your knowledge.

Cultivate your character.

That’s what creates longevity. That’s what builds leadership. That’s what keeps you relevant in a space that’s changing faster than ever.


Cyberwox Resources

Resources for your career

🔹Join the Cyberwox Academy Discord!!

🔷 Check out the episodes of the Cyberstories Podcast on your favorite platform

🔹Cyberwox Cybersecurity Notion Templates for planning your career

🔹Cyberwox Best Entry-Level Cybersecurity Resume Template

🔹Learn AWS Threat Detection with my LinkedIn Learning Course

Recent Content

A few publications I’ve released recently.

My Honest Advice On Starting A Cybersecurity Career in 2025 (in less than 5 mins)

Advice from my 5 years of learning, teaching, and working in the cybersecurity industry (in less than 5 mins).

Building a DNS Server with Python - 2 (Parsing The Header)

The second installment of this series; in this one, we’re parsing the header.

Detection-as-Code & CI/CD for Detection Engineering with Dennis Chow | Detection Opportunities EP 9

Detection as Code is one of the most important evolutions in modern security detection, and in this video, we break it down.

I first encountered this concept as a Cloud Threat Detection Engineer at Datadog. Today, I’m joined by Dennis Chow, a Detection Engineering specialist and author of Automating Security Detection Engineering (which I had the honor of technically reviewing).

Together, we explore what Detection as Code really means and walk through two hands-on CI/CD pipeline demos:

🔹 Lab 1: Building SIEM detections with synthetic AI testing using Sumo Logic

🔹 Lab 2: Policy-as-Code integration testing with Cloud Custodian on GCP.

You’ll learn how Detection as Code leverages Git, automated testing, reproducibility, collaboration, and CI/CD to make detection engineering more scalable, accountable, and reliable.

My Honest Thoughts on the Cybersecurity Job Market in 2025

The YouTube version of this post!


Closing

Once again, you made it this far :)

Feel free to reply, share your thoughts, or pass this on to someone who needs it.

Thanks for reading. If you'd like, you can subscribe and restack - it helps spread the word and encourages me to continue writing content. If not, I’ll see you around…somewhere on the internet!
