Cybersecurity professionals remain in high demand as the Australian market continues to struggle with talent shortages. In a recent whitepaper Talent has released, the salaries, skills and experience needed to keep our businesses safe is severely lacking.

The whitepaper features salaries, skills needed, challenges currently being faced and trends and predictions for key cybersecurity positions in 2023. It also features insights from Talent’s Account Management team, as well as anonymous insights from cybersecurity professionals across ANZ and the US.

Key findings include:

• There’s significant demand for cybersecurity talent due to recent high-profile cyber incidents
• There’s a shortage of qualified and/or skilled cybersecurity talent – Research has revealed that 60% of global IT and cybersecurity leaders struggle to hire qualified cybersecurity candidates
• Seniors and specialists are in high demand – A Head of Digital at a retail client notes that they are seeking to hire “Cyber Architect and Cyber Consultant professionals who possess technical depth and are able to consult and talk business risk to the internal stakeholder. These are quite senior roles which I see are in short supply within the market”.
• Salary expectations from candidates are high, even if they don’t necessarily have the experience or qualifications to command these higher salaries

Skills in highest demand are:

• Cloud computing security
• Offensive security
• Security operations
• Artificial intelligence

Predictions for 2024 and beyond:

• Regulation will increase
• AI will present new risks
• Digital fraud will rise
• Employee training will be a priority

Insights from the anonymous cybersecurity professionals include:

• “If I’m hiring tomorrow, it’ll be a junior / mid-level person with a couple years of technical experience with the right attitude and mindset. Good generalists are hard to come by.”
• “Currently I lead a team of level 1 and 2 security analysts and over the past 6-9 months I’ve had to hire. Given what we do, we tend to look for entry to mid-level experience to fill these roles, and cost is a big factor. What I’ve found is that those entering the market with little to no experience (or at least relevant experience) are commanding more in terms of salary. This is putting pressure on the profitability and competitiveness of the services we deliver.”
• “A great communicator will achieve more than a brilliant tech in some cyber roles.”

Insights from the Talent and Avec team include:

Michael Megally, Avec General Manager, “Cybersecurity can’t all be left up to your IT team. You can build the biggest cyber defence in the background, but your people are your biggest vulnerability. Training your people is the biggest defence you can have for cybersecurity.”

According to our Sydney cybersecurity recruitment expert, Elliott Howard, large consultancy firms and banks rolling out cyber graduate programs to grow internal teams has had a strong impact on salary expectations. “While these programs have had a positive impact in increasing the pool of cyber candidates in the market, they have also resulted in candidates with only a couple years of industry experience asking for very high salaries which does not correlate to their experience. However, strong competition for cyber resources has meant that these less experienced candidates are able to attract the higher salaries and rates, resulting in enterprise sized companies with large cyber teams and strict salary bandings struggling to match these salaries. They have therefore been unable to attract candidates, resulting in vacancies and extended periods of time to recruit.”

You can download a copy of the report here.