The Future of Cybersecurity Recruiting: Lessons on What Employers Want and What Students Need

The cybersecurity industry is facing a challenge to find qualified candidates. Here’s what recruiters, educators, and employers can do to fill the talent gap.

In today's cybersecurity space, there is a knowledge gap, with numerous cybersecurity positions going unfilled. As demand increases and talent lags, cybersecurity educators, recruiters, and employers alike are looking for more actionable solutions to collaborate and link talent to jobs. While the worker shortage continues to grow amid new demands, here is what organizations and educators alike need to understand to adapt and bridge the gap in the future.

Challenges in the Current Cybersecurity Job Landscape

It feels incredible to work for an organization focused on solving a problem you deeply understand.

Currently, there is an industrywide challenge to find qualified employees, as recognized by the Bureau of Labor and Statistics, which states a 37% projected growth rate of cybersecurity positions by 2030. Potential new hires are taking notice, as positions listed on job-posting sites, such as LinkedIn and Monster.com, continue to climb.

At the federal level, the government is treading water, at best, as they meet talent needs. Notably, the United States Army plans to double its active-duty cyber forces in size, to employ 6,000 active-duty military personnel by the end of this decade, drawing from all branches. At the state and local level, many parts of government are struggling to attract enough cybersecurity professionals. Meanwhile, bad actors continue to target organizations such as hospitals, government offices, public schools, law offices, and other entities to go after low-hanging fruit with ransomware attacks. Such attacks have recently spiked, and, as of last year, almost 60% of these organizations were attacked. In the private sector, geographic areas with relatively new tech hubs are struggling to find on-site talent, as many graduates are drawn to more established cities for the industry.

Recruiters Aim for Higher Compensation and Better Incentives to Attract Talent

Across the field, employers and recruiters are trying a variety of techniques to recruit cybersecurity professionals. In the private sector, many are luring new talent with the promise of bonus sign-on compensation and salary growth potential. Recruiters in the public sector, on the other hand, emphasize job security that comes with a government role. Recently, however, the public sector has allocated more funding with plans to expand the US Cyber Command, creating more competitive salaries. In June, the Pentagon received $11.2 billion in funding for cyber for 2023 — jumping nearly $1 billion from the year prior. Increased funding will translate into increased compensation, making beginner federal positions very competitive compared with the private sector.

While public sector salaries climb at entry level, recruiters are still challenged to find candidates who can pass the extensive background checks and adhere to rigorous work and behavior standards required by the government and military. Private sector recruiters, by contrast, emphasize flexibility in the workplace to sway potential candidates — as many tech workplaces are celebrated for disrupting corporate social norms. To this end, the private sector is becoming more amenable to options such as remote work and flex scheduling, which is particularly important in geographic regions where there is a dearth of cybersecurity candidates.