How did you start your day today? Was it turning off the alarm on your phone, then quickly scanning for any messages you received since last night? Did you check a weather app to see if you needed to take an umbrella? Did you use GPS to avoid traffic as you drove to work?
If you’re like many people, you’ve gone online before even having your first cup of coffee. With much of our lives now uploaded to apps, certain tasks are made easier — but this has also exposed us to new levels of risk. And companies know there’s a lot to lose if security isn’t airtight: A recent survey of leaders at the World Economic Forum in Davos shows cybersecurity is the number-one concern of U.S. CEOs.
So who will protect us from the breaches that continually make the news? Cybersecurity professionals — tech experts who attempt to secure systems and thwart threats. To learn more about employer demand, salaries and job-seeker interest for these important roles, we analyzed global Indeed data on cybersecurity jobs from 2017 to 2018.
The good news for job seekers is that if you have the skills to succeed, there’s a huge demand for cybersecurity roles. Employers, on the other hand, may struggle to fill them.
Need for cybersecurity professionals is growing
To gauge employer demand, we looked at the number of cybersecurity job postings on Indeed in 2018, looking first at U.S. listings. After barely noticeable growth from 2016 to 2017 (0.28%), demand for cybersecurity roles jumped between 2017 and 2018, increasing by over 7%. The company with the highest number of U.S. job postings in 2018 was Catapult Consultant, which focuses on business analytics and information systems, followed closely behind by Wells Fargo, the banking giant.
This boom in demand in 2018 came after a number of massive cyber-incidents across the globe in 2017, including disruptions at power companies, airports and the central bank in Ukraine; the temporary shutdown of the National Health Service in the U.K.; and the publication of nearly 9,000 stolen CIA documents by Wikileaks.
Looking at data for countries outside the U.S., we see even larger jumps in available cybersecurity jobs from 2017 to 2018. For example, job postings in India are up 39% from 2017. The highest number of cybersecurity job postings in India in 2018 come from consulting, services and IT company Wipro.
Another country with a significant uptick in cybersecurity jobs is Ireland, with an 18% bump. This may be due to the fact that over 1,000 multinational companies have offices in Ireland, largely drawn to the country by its low corporate tax rate and business-friendly regulation. These include Facebook, Apple and Amazon, the last of which commands the highest number of Irish cybersecurity job postings for 2018.
Job seeker interest is dropping
To gauge the interest of potential applicants, we analyzed which global cybersecurity job postings garnered the highest numbers of clicks on Indeed. Here we saw that candidates in the U.S. are not matching the enthusiasm of employers: From 2017 to 2018, clicks on U.S. listings actually decreased by 1.3%.
The cybersecurity field has faced problems attracting women and millennials. According to Wesley Simpson of the International Information System Security Certification Consortium (ISC),² this is partially because there isn’t much publicity surrounding the field as a potential career.
Another problem? The postings themselves. Simpson says cybersecurity job listings often use confusing and inconsistent language across similar roles and ask for specific programming experience or bachelor’s degrees — neither of which should be required since most necessary skills can be taught on the job. So be sure to only include necessary requirements and clarify that training is available for a role if there is capacity to offer it.
There are countries, however, where job seekers are showing more interest. For example, data for 2018 reveals an 18% increase in clicks in Israel; a 13% bump in the Netherlands; and an 11% jump in Australia, as compared to the previous year’s data.
The graph shows the change in job postings and the change in job seeker interest in cybersecurity roles from 2017 and 2018. For some countries, like Australia, cybersecurity job postings and job seeker interest increased at a similar rate. For other countries, like India, the increase in cybersecurity job postings has outpaced the slight increase in interest from job seekers. Finally, in some countries like Israel, job-seeker interest increased, while the number of postings decreased.
Senior-level and engineering roles command highest salaries
Next, we analyzed job posting salary data to determine the 10 highest-paid job titles in cybersecurity. These roles boast healthy paychecks, even within the already lucrative field of tech: Almost all of the top 10 pay more than $100,000 annually.
In the U.S., the highest-paid cybersecurity position is application security engineer, with an average salary of $128,128. These engineers — who review and test the security of code in apps — also made our list of 2018’s hottest cybersecurity roles. Given that the average smartphone user has 80 apps on their phone, this role will likely remain in high demand.
Following closely behind is director of information security, earning an average of $127,855 per year. People in this position have a lot of responsibility — they work on the development, implementation and operation of information security systems at a company-wide level.
Another interesting role on the list is cloud engineer (ranking fourth, with an average salary of $126,365). These workers help secure cloud-storage platforms for individuals and businesses. With 84% of enterprises using multiple cloud platforms for computing and storage, they need all the help they can get keeping data safe.
Penetrations testers (average salary of $114,431) — also known as “ethical hackers” — come in sixth place. They are a logical addition to this list, given the constant threat of security crises; people in this role test vulnerabilities in network security systems as if they were attempting a breach.
Many prospective candidates stumble across cybersecurity roles
To give employers a little more information, we wanted to dig into how job seekers are finding the positions they end up clicking on. Using Indeed data, we looked at which search terms snagged the highest numbers of clicks for cybersecurity jobs in the U.S.
Interestingly, many of these jobs are not directly related to cybersecurity. In fact, the fifth-most click-inducing search term is “full-time” — which could apply to almost any position.
The search term that yields the highest number of clicks is “information technology,” which is relevant to the field. And number two is “Amazon” — a major hirer for cybersecurity jobs — scores its own place as a top term, though this doesn’t say much about the type of work the searchers are looking for. Number three is the somewhat general “engineer.”
How employers can attract talent
Interestingly, there were other searches not directly related to cybersecurity that led to a high number of clicks on cybersecurity jobs, such as “security,” “full-time,” “entry level” and “government.” This indicates that there are many curious job seekers out there, which is great news — these prospective candidates could be recruited into this high-demand field, so employers should consider a broad targeting approach.
As our digital footprints grow and the security of our data becomes increasingly vital, demand for cybersecurity jobs will no doubt continue to rise. We’ll keep our eyes on the trends in this crucial field and continue to support employers who need to fill these roles.