Cybersecurity job postings plummet in the US, alarming trend rises

April 21, 2024
1 min read




Alarming Decline in Cybersecurity Job Postings in the US

TL;DR

  • Cybersecurity job postings in the US decreased by 22% from 2022 to 2023
  • Research roles saw a 69% drop, while response roles had a 100% increase

A new study by CyberSN has revealed an alarming decline in cybersecurity job postings in the US, with an overall decrease of 22% from 2022 to 2023. This decline is particularly concerning as some of these roles are essential for maintaining organizational and national cyber defenses. The most significant drop was seen in research roles, which decreased by 69% year-on-year, indicating a potential shift away from proactive threat analysis and mitigation. Additionally, engineer roles, including security engineer and product security engineer, also experienced significant declines, raising concerns about the development of secure products and integration of security in the development process.

However, not all cyber roles are in decline, as response roles saw a 100% increase in job postings. This shift towards reactionary measures rather than preventative strategies could be attributed to broader economic pressures and regulatory changes that are shifting strategic priorities. The findings from the study highlight a potential cyber resilience debt for companies, as organizations focus more on immediate threat response and high-level security strategy to meet regulatory compliance requirements.

In a related study by the cybersecurity association ISC2, it was found that the global cybersecurity workforce gap had reached four million people, representing a 12.6% increase compared to 2022. The CyberSN report analyzed over 140,000 monthly cybersecurity job postings across 45 functional roles, providing insights into the evolving landscape of cybersecurity job opportunities in the US.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and