In a recent U.S. Cybersecurity Job Posting Data Report, CyberSN highlights a concerning trend that could impact national security: significant declines in job postings for critical cybersecurity roles.
The report, a key indicator of the health of the cybersecurity labor market, reveals alarming drops in roles essential for maintaining organizational and national cyber defenses.
Read More: Growing Cybercrime and New Regulations Fuel CISO Burnout
Key Findings
- Overall there has been a 22% decrease in cybersecurity job postings in the U.S. from 2022 to 2023.
- Insider Threat Analysts: Job postings decreased by 62%.
- Product Security Engineers: Job postings have plummeted by 57%.
- DevSecOps: Job postings have dropped by 43%.
- Security Engineers: Despite being the most posted role with 67,456 listings, there is a 21% decrease from the previous year.
Emerging Trends and Concerns
- Response Roles: Saw the largest growth with a 100% increase in job postings, indicating a shift towards reactionary measures rather than preventative strategies.
- Research Roles: Experienced the most significant decline at 69%, suggesting a move away from proactive threat analysis and mitigation.
Read More: Global Tensions Fuel Cyber Threats to Critical Infrastructure
On Record
In a recent quote, Deidre Diamond, Founder & CEO of CyberSN, emphasized the national security implications: “The sharp decline in job postings for Product Security Engineers and DevSecOps in particular represents a direct threat to our national cybersecurity infrastructure. These roles are vital for developing secure products and integrating security throughout the development process, and their reduction is alarming.”
Dom Glavach, Chief Security & Technology Officer at CyberSN, added, “The job posting information highlights the broader economic pressures and regulatory changes shifting strategic priorities creating potential and inadvertent cyber resilience debt for companies. The fluctuations in open positions suggest organizations are focusing more on the immediate threat response and high-level security strategy to accomplish regulatory compliance.”