If Cybersecurity is so in demand, why is it hard to find a job?

Want to cut through the Bullsh*t and learn the serious skills for cyber? Start with the Free Masterclass here: upskilltocyber.com

Unemployment is an odd concept in an economy where for so many folks it’s necessary to work multiple jobs just to get by. Loose one and you’re counted as employed but suddenly don’t have enough money to live.

I was a system admin for 10 years, and was willing to take a step back financially and live in a state most were unwilling to live in, so I could transition into cyber security. Once I had a year on the job, I accepted offers for better pay and full-time remote work. I've had three different cyber jobs in five years.

The best way to find a job in Cybersecurity is not trying to get a Cybersecurity job. Pretty much all the people who are in Cybersecurity just fell into it by chance and didn't really set out to get a job in it.

I went helpdesk->desktop support->network admin->combo roll(of the former)->security analyst. By the time I made the switch I was an mcse and ccna plus a couple entry level security certs. What motivated me was working with the security team on projects (and a family to feed). Eventually 3-4 of us went down and took the CISSP together. Horrible test, lol. GL to those making the journey.

I’m not in cybersecurity but employers literally expect years of experience immediately after we graduate. Like damn give me a chance

Great video and tips, especially the resume breakdown. Personally, I completed a cyber security program, acquired my Security+ and accepted a IT help desk role with an MSSP. A few months later, my team decided they needed a Risk & Compliance person and I had previous experience in documentation & audits and here I am-I kept advocating for myself and always showed up and my manager took notice.

I abandoned trying to get a job in this field because too many games are played. I don't have time for this and I have bills to pay.

I will never do help desk, that’s like working fast food but for tech

The best bet is a gov/military contractor as a first job, such as Honeywell, Lockheed, Boeing, Northrop Grumman or Battelle Labs. They usually scoop up fresh souls out of college or technical training. They also pay well & for some, they have postings overseas in line with the military’s mission I know plenty of folks that went overseas & never came back🤷‍♂️ one old co-worker had been in Japan for 30 years another had & raised all 5 of their children in Italy, so there’s definitely opportunities to be had out there. I had the same problem when I was a new engineering grad, I’ve since transitioned over to computer science however, what I’ve noticed across the board, the two categories of job opportunities that are in demand are some kind of field involving computers/networking/security or medicine that’s pretty much what the market has come down to.

Best way to get a cyber security job. Is get any IT job. Once you get a job spend a few years emphasizing security tasked. Then put those first on a resume. Thats what i did. Worked twice.

Honestly, timing and who you know is what gets you in. And what you know will keep you there. The reality of the situation, is that cybersecurity has blown up over the years, because it was easily enticing to people who wanted 6 figure salaries and there being this over advertised need for over “3 million+ cyber roles” (most being mid-senior level). Now, you have people with only A+ and network+ certs to their name flooding the application market. If you got in prior to COVID, it was easier to get your foot in the door

This is a great video. I totally agree about the SOC Analyst saturation 😂🎉

It makes no sense how a college education wouldn't prepare you for your chosen career. Especially considering the price tag some of the degrees carry.

Great video, Nicole! I found your suggestions very very helpful and applicable for MANY jobs a career changer is trying to land. I especially appreciated your resume comparison point. I will be sure to focus on what I contributed or notable things I did rather than just listing the basic tasks of the job. I never thought about how the resume itself can make someone appear like a beginner!

We are not in this field at all (and not looking to get into it) but I was curious, so I clicked on it. I remember hearing that it is very difficult for some people to find their first job. Good video! You really break it down.

Btw, started as a cable guy, moved into the data center, did a bit of everything there. I now work two remote jobs doing SRE/DevOps with TC about $500k, and I have no degree.

This is great info. But than again, the key here is : Experience. Chances are, people entering the field or having 1 year of SOC are not going to be considered for Security Engineering position. Im in a SOC and am facing this issue. I’m plagued with mass of notables that are all the same false positives. And it’s easy to get stuck in this position unless you stay learning and upping your skill set. Cloud security is huge and what I’m trying to push for.

“You only need enough knowledge to solve the problem”. Droppin’ gems!! 💎 it’s a critique that’s so succinct a majority of influencers and gurus overlook this. In my journey that’s what I’m finding.
Recruiters and interviewers want to know how your approach a real life scenario and how much security chaos you’ve encountered, via masochiststic VMware vulnerability lab or irl scenario. The more exposure you have the more you can share in the interviews.

The resume part is a great point. Tailor your resume to showcase what you've done vs where you want to be, show that growth. Even better get those specialized skills, Cloud Security, AppSec, and GRC are great examples.

This is hands down the best entry cybersecurity advice! Thank you. I've been self-employed for 25 years as a computer repair and home networking expert. 3 months ago I decided to go for cybersecurity. I thought it was going to be easy for me to get into CS. It's been 3 months of rejection. Aiming for a CS higher skill makes sense. Thank you

I’m glad real influencers and people are telling ppl hey you need to slow down. Bc no way you have no experience trying to break in. You will need to build the skills. Your also decreasing the salaries too. GREAT INFOOO

SHE WAS SPITTIN THE WHOlE TIME!!!!! This is the most practical advice I've ever gotten!

Glad you put this out there. YOu are doing quite well for your age. I am season IT/Cyber pro focused on GRC now but rarely got contacted by recruiters unless they are Indian and for jobs that I would never do lol. Thanks!

I love that you point this out. I genuinely think that individuals who are trying to get into this field NEEDS to do an analysis on this broad field and directly look at what everyone is doing then, reverse engineer their approach and I know it will work. Because that is what I did/doing and it’s working!
Everyone is doing this one thing and not knowing that’s why it’s hard to stand out! Don’t reinvent the wheel but be unique and “think”

I think it should be noted the seniority levels listed on A LOT of openings posted on linkedin are often incorrect. It’s not just within cybersecurity, it’s across also fields.
Just because it’s posted as entry level doesn’t mean it is.

Got manufacturing experience? Study the Purdue Model along with your cybersec journey. Then branch into the expanding OT Security field. Yes OT (Operational Technology). Lots of growing demand, barely any applicants, there is no degree program for it.

Cyber security manager here: This is all completely correct. You want to work as a T1 SoC at my company? Move to Poland because that's were we have out sourced it. Red team? Don't even bother applying. We want 5-7 years experience in a related field for a entry level position. Software development experience is ALWAYS a plus. Cloud architecture and engineering is HOT right now. If you have non security experience in software development on the cloud you can come in any time you want.
Know what your going for and be qualified for that specific job. I moved from general software development into security software development, by writing automated scans for cloud deployments that ensured that the cloud object were configured to our security guide lines. This my first job was not even really security related it was just writing software (What I was doing before) for the security people.

I worked in identity access management as a contractor for 12 years.Any cybersecurity positon especially senior positions pays good but very demanding.After a while,I stepped down cause as you get older and this is just me, wanted something more relaxed and not that huge stress on my shoulders. Yes there's a lot of demand cause there's a lot of people applying for the positions. So if you have a couple of certs in your chosen field it'll give you a boost against other people.

For someone like myself just starting in getting my Cybersecurity certs, this information in incredibly valuable

Wow the similarity i went through for cloud solutions architect is crazy. I think your advice can apply to more than just cyber security especially about learning at the time of need.

Employers want skilled workers at unskilled worker pay.
It's really that simple.

thank you very much i look forward to studying all your content. Very informative and helpful.

I got in through an internship with my college. Luckily it was working for a defense program which got me a security clearance. Then I did the tier one analyst thing. Poor pay and grueling hours but you will get many offers after you get that valuable experience

Fastest and most efficient way is doing some type of military reserve (Air Force, Army, doesnt matter) in a networking or cyber role. You'll get training, a Top Sceret clearance, and a MUCH easier path to work cybersecurity in the civilian world. You'll only drill 2-4 days a month. Thats nothing. Yet everybody is so scared of military service. Well if you want in the field as badly as you say, this path is almost a guarantee.

Cybersecurity IS so in demand...BUT only to experienced people. Cybersecurity is not noob / entry level friendly. build some skills from help desk or support and then you can get into the field, but if you have no idea how to configure a siem, no idea what owasp top 10 is, and zero idea in how to use linux, you may want to start entry level in help desk or support first.

Good Job girl, that is golden advice and very practical approach.

It’s probably because of 2020-2021, “Dude, bro, six figs in cyber security. No experience bruh. Buy my course dude, bro.”
Then there being examples of someone who worked at Mcdonald's making 15.00$ an hour now making six figs. Gotta love it.
I am a little salty because of all the dumb help desk jobs I had to do to get where I am now.

I am so happy that I ran across this video. Thank you

My problem is imposter syndrome, but not for IT, rather Cybersecurity. I have a Bachelors, and will be pursuing a Masters in a few months (both tech degrees). The CompTIA trifecta, AWS CCP, Project+, and will be getting CCNA eventually. I have about a year of IT experience and the more I study Cybersecurity, the more I realize how difficult it actually is in comparison in terms of knowledge.

Absolute gold. Thank you.

Great video, im in application security and I wanted to focus on the fun stuff but app security is an easy door in. I also got my CSSLP

Agreed with you of how job searching can be difficult and soul crushing, when you look at what’s been going on in America’s job market, all they do is require as much experience as possible along with all the other ludicrous requirements (applies to entry level jobs too regardless of where you come from) you apply for those jobs and you end up being ghosted because it’s really the HR people who are using AI to filter out all the candidates who are unqualified for this role and the only way you can get yourself through the door is by critiquing your resume in a way to trick their AI into thinking that you seem like a qualified candidate. How are you suppose to get the experience just for an “ entry level job” that probably pays you way less and provides no training which defeats the purpose of posting a job position on the company’s website in the first place. People are complaining about this all over Reddit and it’s only gonna get worse in the coming years.

There is no entry cybersecurity job. You start your cybersecurity career on the back of 5+ years experience actually doing something.

I saw this video on my Google feed on my pixel phone. Thanks for the video!

1. Because most of the in demand jobs you hear about are government jobs which require certain specifications to be considered for (clearance, sec+, etc.)
2. Outside of the government, its a combination of delusional HR managers and disgustingly bad startups that can't afford to hire but want their current employees to move Mount Rushmore.
3. Most applicants want money and what is trendy and don't actually know anything about the IT field, let alone the cybersecurity field.
4. We have the "Biden Special" job market right now
TLDR : It's a shithole from every angle imaginable x)

Thank you for your service, mam.

That was an excellent run down. Great perspectives and analysis on the current conditions.. Awesome advice. Loved it

One big piece of critique: How do you get an entry level position without having entry level roles already on ur resume? It seems you had several IT roles so sayings “this resume with over 10 years of experience” got me a role that asked for 10 years of exp

My previous role lasted 6 months because I was fired and it was an entry level role. Can’t quantify a resume with that little experience and at a junior position.

I find it funny for most IT jobs asking 3 to 5 years of experience for entry level jobs, the idea for entry level is to help you get into the field.

Yeah, I've been asking the same damn question. I've graduated from college 2 years ago and I can't even land a job. They keep asking me do you HAVE EXPERIENCE DO YOU HAVE CERTIFICATION.
Which I had to sign up for a bootcamp hoping it will help me land a job. Because I don't want to go back to Restaurant or breaking my back.

This is one of the better videos on TH-cam. Asking the right questions.

Informative video. Question: Do you have 130 live cicadas in your living room? There is a crazy amount of buzzing feedback. If that's intentionally added ambient noise - I wouldn't do it again. If it's a pest control issue, I would get on that! If it's a microphone issue, easy fix.

So in otherwords the field is pretty much in a narrowing period unless you hyperspecialize, and just pray that fine-tuned gpt4.5 doesn't excise you out of the loop if you aren't a senior level worker. Gotcha. I will continue to try, but alas this just tells me the entire field is about to contract down to an increasingly smaller number of specialist and 'growth' is tied less to labor demand, and more to the element of security-productivity that's increasingly detached from team size volume. At this point, I feel one might as well just pursue software dev with netsec and cyber-opsec specialization. Cause this is what it feels like :/

The university where I taught until recently eliminated computer security courses. There was almost no student demand, and even the recruiters that wanted my students have closed up shop. This is not in Podunk; it’s in Albuquerque, NM, which is packed with government and private tech firms. This field is not what it seems.

Update: Application security applications have shot through the roof since this video.

Its all about networking and relationships. I completed a cyber security program and more than half of the ppl in the program had a job with in a month

She is right. Nowadays, "security" is baked into every imaginable IT domain out there. You can get high paying gigs if you venture into lesser known and less popular jobs like Public Key Infrastructure, software deployment, and the like

Great video, lots of good information about how to prevent going the wrong way

Thanks .."Scenario base Experience"..." solve problems n confidence"..

The STEM field being in demand was overhype…thats why I got into nursing

I have a question do your upskill program target towards your knowledge and skill set ?

Appreciate the honest take!

Because there are 50 people applying for one job

Because any company with a robust SOC team wants folks with ridiculous amounts of experience, knowledge, certifications, education and so on for entry level positions for the cheapest price possible. You want to be a network forensic investigator? Best have 10 years of experience minimum a masters degree, and about a dozen certs. Same for incidence response, pen testing, risk management and so on. Nobody has spots or wants someone with that 1-3 years and Sec+. Oh, and you better be able to write in C+, Java, Python at a minimum too and be an expert in SEIM tools of flavors and be willing to work for less than 50k.

I've been working in Cybersecurity for close to 5 years and it's difficult to find a job due to niche openings that open and also remote work made it in demand 100 times over.

The economy is tank for over 6 years now, college graduates are working high school degree level jobs now, America cannot keep up with professional jobs growth and companies are still shipping jobs overseas.

I just want to state this as well. Tier 1 SOC analyst is as basic and as entry level as it gets. Thus, applicants with just an IT/cyber cert are going to apply for that position. Thus, the application pool is going to be bigger in that regards due to the low minimum requirements.

Great video. Metaphorically, If a doctor is the guru in the medical field. What specialty or advanced position would be considered the doctor/guru of cybersecurity? Thanks again!

Such a useful video! Thank you very much!

The thumbnail is fake and meta never posted that tweet.

Thank you very much for this enriching message. I don't have a degree in IT but am currently taking the CCNA training in addition to the Ethical Hacking and penetration testing certification. would you please advise me if I will need to take a degree in IT or am on a good footing to land my first job in the middle east.

Ugh i decide my major today and ive been stuck between CyberSec and Cloud. I still want to take the AWS junior cert and eventually work up to architect. Does that help as an add on to a cybersec role? Im looking at internships in addition to what id do to compliment my degree, but most are SE, CS, and Cloud...rarely cyber. 😢

Excellent video! I'm not the least bit skilled or interested in cybersecurity (my password for everything is "password123" and I'm dumb enough to say so in YT comments) but you make many excellent points that apply to many other areas. Change a few words and you could have several more videos, cha-ching!! That idea about changing location in Linkedin is especially interesting. I might try that!

Thank you for the video! I’ve been facing the challenge of having a degree in cybersecurity and certifications but minimal experience. It’s both frustrating and exhausting trying to find a position.

Ive always been under the impression cyber is something you reach after a lot of IT experience. How tf am i supposed to know about all the niche and complex vulnerabilities when ive never worked with the equipment and/or software before.

Cyber security is not an entry level role. It’s an end of career role. You have to understand that cyber security means knowing what your policies and configurations will do from experience. My school taught me how to lock down a network but it didn’t teach how not to disrupt the workplace

great advice ! thanks for this

Not to be a downer here but, it's already a matter of time until AI begins to take away some of these cyber security jobs. This is why I already gave up in pursuing a cyber security career.

I love seeing women who use their mind to add value instead of using their b:ody to make money. Much respect.

Most companies I have encountered, like Boeing, want the person to intern for the position first. Then, if they like you, they will offer you the job. But it is hard to get that internship. One must already have a Secret clearance; a Sec+ Degree is unnecessary but helps. But I feel the struggle CS is on demand, but no one is hiring qualified people either; I have a BS in Cyber, Hold Sec+, Cya, CASP, I have a working knowledge of SolarWinds, Wireshark, Nmap, Kali Linux, and Burpe mostly through school, and as a hobbit, but I cannot get into a Junior SOC role, Junior Analyst role, or even a base ISSO role.

Great info, thanks.

Do you have a video about all the different sub types of jobs that make up cyber security ? Thank you.
Also, I’d love to hire you for a small task securing me.

Partially true. Take everything you hear on this channel with a grain of salt

For the past year I’ve been trying to transfer into GRC. I thought it would be a fairly easy transition since I’m coming from banking compliance, and I live in Philadelphia. I haven’t had any interest. I do have my google Cybersecurity cert., but that doesn’t mean anything apparently. I also have about 20 certificates of completion from Udemy and Coursea in various cyber security related courses (Splunk, NIST, Kali Linux , MITRE ATT&CK,etc.)and am now trying to get into cyber threat…no interest from those jobs there either. I have a friend who has 3 full time cyber threat jobs. I was going to pursue Sec plus, but I don’t think it will be worth it. I’m going to try one more round of resume submissions. If I don’t get any responses this time, I’m going to pursue another field. At this point I feel like I’ve wasted a lot of time and money.

Hey hun, what do u think about the CKA then CKS Certified Kubernetes Security specialist!
What about container security in general?!

REAL GOOD INFORMATION IN THIS VIDEO.

Good video. If someone gave me a chance to work for them, then I can get the experience. I won’t stop trying.

Hello, I'm new to your channel and just have to say I agree, but one small thing everyone is missing. You can get any job you want - as long as your in student debt. Being in student debt allows the employer to utilize new grads in a fashion that would seem cruel to most. But they are new to the workforce and therefor have no idea how much they get over overworked. Corporations don't hire people based on there resumes anymore they want to see you in debt. - Thats just how the real world operates now.

You sparked an idea in my head, thank you.

you bring up a few good points but the real reasons. it's harder to get mostly any job, is that most bosses look for referrals, aka the underground job search. By the time the job is posted. they have already checked out who they really want. Posting is just fulfilling. legal requirements. The other is a lot of companies rather hire a foreign cheeper worker or just outsource in general to beat the costs (at least short term). Lastly thanks to job boards companies can get thousands of. responses, even with AI it's still impossible. to find the good ones, your really fighting random odds not just odds.

Definitely aiming lower for the time being. Obviously, I’m still going to apply for entry level Security jobs if I can find them, but I’m going to aim for entry level IT support positions for the time being. If it’s experience that I lack, then it has to be experience that I get one way or another. The hard part will be just not getting stuck there.

as a current job seeker, I don't care what you do, or how specialized. Buckle up because that recession we printed ourselves out of has emerging ramifications.

gracias por el video. en realidad tienes razon. aqui en LATAM, aplciar a un trabajo no es facil, mayormente, SI O SI, necesitas de un tilulo universitario o un carrera de 3 años. ademas tener certificaciones. tanto para grandes como pequeñas empresas. Ahora puedo observar gracias a tu video que las necesidades de las empresas son distintas a lo que nos venden las academias. saludos

Hello Nicole! Thanks so much for your video. I saw that you have a Master's in Cybersecurity from Wgu. I have a Biology bachelor's degree. I just left my mortgage job. I applied to the wgu bachelors in cybersecurity last week and going through the process. I am very interested in a career in Cybersecurity. I want to get a degree too in addition to the certifications, experience and projects before I apply to jobs. I have watched many of your videos and also have an idea of the certs I need and the need from some experience before I apply to Cybersecurity jobs.
Anyway, my question is would it be wise or possible to go straight to the cyber security Masters Program from Wgu or should I start first with the bachelor's in Cybersecurity even though I have a Biology bachelor's?
Also, how can I get coaching from you?

In an OECD economy, there's no such thing as a labor shortage, just picky employers.

I was gonna start with customer success, helpdesk or worse sdr sales just to get my foot in and then get proper ux design training and pursue that. Is this a good game plan?

It is damn near impossible to get anything.

TACLANE: An encryption device I used in the ARMY during my time there as a 25 November soldier.