The Cyber Recruitment Market in 2025

What's going up? 

• Requirements concerning AI, software and DevSecOps will be on the rise. A recent trend that modern threat actors are targeting vulnerabilities in Software and browser extensions is encouraging IT/security teams to proactively monitor integrated third party applications, as well as in house built software/ Saas products more meticulously (shift left strategy). 
• Salaries will increase for security engineering/ SOC analyst positions (from 75K to 90K average), correlating with the growing demand for technical skills, and investment into tooling/security software. 
• We will see more roles in cyber awareness and insider threat intelligence + CTI. 2024 enlightened us to so many new ways social engineering is used by threat actors, including how deep fake is being used to attack finance teams and achieve job offers/ enrolment to help access employee systems/files. 
• DPO roles will be a popular requirement along with the growing appreciation for GDPR. On the reg side, I've noticed SOC 2 growing in demand and as a skill for GRC folk, becoming better equipped to third party engagements/ partnerships. 

Last but not least, personal skills are starting to outweigh the technical. I've had so many meetings with managers who're struggling to find talent due to bad communication/stakeholder management skills... 

Cyber security is now more or less in the top three risks in every large company's risk register, and with it arguably becoming more a "business issue" over an "IT" issue, its clear businesses are trying to embed a clear chain of command/communication to effectively combat cyber incidents. 

These were the main ones but there're plenty of others, message me direct if you want my thoughts/ observations on your particular sector in security.