According to the data collected by CyberSeek, there are over seven hundred thousand open cybersecurity roles in the US.
Kevin Bordlemay, senior manager of talent acquisition at Mandiant, said there is a talent gap in the United States. There isn't enough talent to do the roles that are out there.
Information security analysts are the biggest job in the cybersecurity industry.
There was an annual talent gap of over 30,000 information security analysts.
According to Payscale, analysts can earn a base salary of $82,358 in the US, but they can make more than that. According to publicly disclosed foreign labor data, two of the highest paid analysts made more than $170,000.
Insider reported that there are at least seven categories for cyber jobs. The average base salaries for ethical hacker, information security engineer, and network security architect were over the six-figure mark.
It can be difficult to land one of these high paying technical roles.
If you want to get past the screening stage, you should highlight your unusual experiences and skills in your résumé.
Most candidates want a human to look at their résumé. Artificial intelligence is being used to screen candidates.
Bordlemay said a lot of times a machine is looking at a résumé. Large companies have technology to look at.
The format and content of the first stage are important. Making a résumé easy to read is what Bordlemay recommended.
Recruiters look at a resume within 20 seconds once it gets past that machine.
Bordlemay said to put your most significant achievement at the top of your resume. Something that other people have not done is what I want to capture my attention with. Nothing else on there will matter if you don't.
The founder of Bugcrowd suggested that candidates use the start of their resume to show their overall approach to work.
The hands-on experience is the most important thing in cyberspace.
He likes candidates who are creative with their knowledge.
He said that a lot of times you have to be creative or even design your own tool to be effective because threats aren't going to fall in a specific bucket. The attackers know what they're getting into.
It doesn't have to be an internship or a full time job.
It is what candidates have done outside of the classroom that is important, according to Bordlemay.
Candidates tend to leave out things like having a home lab, working on independent projects, and playing with tools to build infrastructure, according to him.
Ellis says that being involved in projects is important. Organizations are looking for contributions to open source projects. Even if people have never worked in the space before, they can still participate. They'll look at the repository.
Bordlemay said that if you mention running a club or being in charge of a project you can show off softer skills.
Dylan Buckley, co-founding the job site DirectlyApply, said that cyber security is as much about human interaction as it is about technical ability.
Interpersonal skills are vital to stopping hacker attacks because they try to exploit human users rather than overcome a company's security.