Security & Cybersecurity jobs

32 open security & cybersecurity roles aggregated daily from multiple job boards.

32 matches

  • Cybersecurity Assessment and Authorization Subject Matter Expert (SME) w/Top Sec

    TekSynap

    CybersecurityInformation-TechnologyDoD-CybersecurityUnited StatesremoteHimalayas

    Responsibilities & Qualifications We are seeking a Cybersecurity Assessment and Authorization Subject Matter Expert (SME) to join our Defense Logistics Agency team. REQUIRED QUALIFICATIONS Experience 5+ years of relevant experience supporting Risk Management Framework (RMF) and NIST Assessment and Authorization (A&A) processes. Experience supporting DoD cybersecurity programs and authorization processes. Experience assessing security controls and conducting authorization reviews f

    Apply →Sign up to save jobs

  • Cybersecurity – Information Systems Security Manager (ISSM) - Clearance Required

    name

    CyberInformation-Systems-Security-ManagerInformation-Security-ManagerUnited StatesremoteHimalayas

    Overview We’re looking for an Information Systems Security Manager (ISSM) to lead the authorization and continuous compliance of LIGER, an enterprise AI platform for our DHS customer. You’ll own the security management posture for the platform: developing and maintaining the authorization package, driving the Risk Management Framework (RMF) lifecycle, and serving as LIGER’s primary security management interface to cyber leadership. This position requires a CBP Background Investigation; U.S.

    Apply →Sign up to save jobs

  • Information Technology Security, Advisor

    Peraton

    Information-System-Security-Officer-(ISSO)CybersecurityFederal-IT-SecurityUnited Statesremote$104K–$166K USDHimalayas

    Responsibilities Peraton is seeking an Information System Security Officer (ISSO) to join our team of qualified, diverse professionals supporting the Health State and Local Sector. The ideal candidate will oversee all activities related to system security authorization, compliance, and continuous monitoring for a complex federal environment. The ISSO will play a critical role in ensuring secure, compliant, and resilient systems across both legacy integrations and modern cloud-based platforms,

    Apply →Sign up to save jobs

  • Azure Solutions and Security Architect

    Ascend Technologies

    Azure-Solutions-ArchitectCloud-Security-ArchitectAzure-Security-EngineerUnited Statesremote$155K–$155K USDHimalayas

    Azure Solutions and Security Architect This is a fully remote position which may require occasional travel within the United States. PURPOSE: The Azure Solutions Architect – Security & Agile Product Owner is a senior, hands-on technical leader responsible for designing, securing, and delivering enterprise Azure cloud solutions while owning the Agile product lifecycle for Azure infrastructure and security services. This role blends Azure solution architecture, cloud security engin

    Apply →Sign up to save jobs

  • Security Engineer

    Menlo

    Security-EngineerIT-Security-EngineerInformation-Security-EngineerSingapore, United StatesremoteHimalayas

    About Menlo Menlo Research is an Applied R&D lab building Asimov, an open-source humanoid robot platform, and the full software stack that powers it. Our mission is to make humanoid labor economically viable -- turning software into physical labor at scale. We build across the full stack: hardware architecture, locomotion, autonomy, simulation, and infrastructure. We move fast, ship to real robots, and open-source everything we can. If you want your work to matter beyond a paper or a de

    Apply →Sign up to save jobs

  • Global Cybersecurity Policies and Standards Analyst, Deloitte Global Technology

    Deloitte

    Cybersecurity-AnalystInformation-Security-AnalystSecurity-Policy-AnalystCanadaremote$69K–$114K CADHimalayas

    Job Type: Permanent Work Model: Remote Reference code: 133300 Primary Location: Toronto, ON All Available Locations: Toronto, ON; Burlington, ON; Calgary, AB; Edmonton, AB; Fredericton, NB; Halifax, NS; Kitchener, ON; Ottawa, ON; Regina, SK; Saint John, NB; Saskatoon, SK; St. John's, NL; Vancouver, BC; Victoria, BC; Winnipeg, MB Our Purpose At Deloitte , our Purpose is to make an impact that matters. We exist to inspire and help our people, organizations, communities, and countries

    Apply →Sign up to save jobs

  • Cyber Security Architect (m/w/d)

    glueckkanja AG

    Cyber-Security-ArchitectSecurity-ArchitectCloud-Security-ArchitectGermanyremoteHimalayas

    beschreibung Baumeister des digitalen Schutzschildes Hackern immer den entscheidenden Schritt voraus zu sein: dafür sorgen wir als einer der führenden Anbieter in der Cloud Security. Mit den neuesten Sicherheitstechnologien wie Microsoft Defender XDR, Defender for IoT, Defender for Cloud oder Microsoft Sentinel sind wir dafür da, die IT-Infrastruktur unserer Kunden optimal gegen kleine und große Angriffe zu schützen. Lust zusammen mit uns Cyberkriminellen so richtig den Spaß zu verderben? Da

    Apply →Sign up to save jobs

  • Sr. Solutions Architect, Security

    Rimini Street, Inc

    Solutions-ArchitectSecurity-Solutions-ArchitectIT-SecurityJapanremoteHimalayas

    About Rimini Street, Inc . Rimini Street, Inc . (Nasdaq: RMNI), a Russell 2000® Company, is a proven, trusted global provider of end-to-end, mission-critical enterprise software support, managed services and innovative Agentic AI ERP solutions, and is the leading third-party support provider for Oracle, SAP and VMware software. Our comprehensive portfolio of unified solutions help run, manage, support, customize, configure, connect, protect, monitor, and optimize enterprise application, data

    Apply →Sign up to save jobs

  • Cloud Security Analyst

    Cloudbeds

    Cloud-SecurityCloud-Security-AnalystApplication-SecurityAustralia, Canada, FranceremoteHimalayas

    What Makes Us Unique At Cloudbeds , we're not just building software, we’re transforming hospitality. Our intelligently designed platform powers properties across 150 countries, processing billions in bookings annually. From independent properties to hotel groups, we help hoteliers transform operations and uplevel their commercial strategy through a unified platform that integrates with hundreds of partners. And we do it with a completely remote team. Imagine working alongside global innovato

    Apply →Sign up to save jobs

  • Product Security and Privacy Architect (Austin, TX, US, 78753)

    ASSA ABLOY

    Security-ArchitecturePrivacy-ArchitectureProduct-SecurityUnited Statesremote$140K–$160K USDHimalayas

    An Amazing Career Opportunity for a Product Security and Privacy Architect!! Location: Remote (US & Europe) Job ID: 47563 As part of the Product Security and Privacy team, reporting to the Chief Product Security & Privacy Architect, you will support product teams in adopting and implementing HID’s security and privacy program. Accountable for the quality, consistency, and defensibility of all security & privacy related artifacts you guarantee that outputs are “audit-ready,

    Apply →Sign up to save jobs

  • Information Security Analyst

    mercor

    Cybersecurity-AnalystInformation-Security-AnalystAI-Safety-EvaluationUnited StatesremoteHimalayas

    About the job Mercor connects elite creative and technical talent with leading AI research labs. Headquartered in San Francisco, our investors include Benchmark , General Catalyst , Peter Thiel , Adam D'Angelo , Larry Summers , and Jack Dorsey . Position: Cybersecurity Expert Type: Contract Compensation: $1,750–$2,150 per completed task Location: Remote Role Responsibilities Review and evaluate AI-generated outputs related to threat analysis, vulnerability assessment, a

    Apply →Sign up to save jobs

  • Security Analyst Consultant - Attack Surface Management

    Kalles Group

    CybersecuritySecurity-AnalystAttack-Surface-ManagementUnited Statesremote$110K–$140K USDHimalayas

    ABOUT KALLES GROUP: Everyone deserves to be secure. Our mission at Kalles Group is to help secure the future for companies of all shapes and sizes. While our expertise spans multiple disciplines, our method remains consistent: building trust and relationship with people -- whether you are a client, a consultant, or--in this case--a candidate. No matter what role you come from--whether you're an executive or just starting your career-you can expect our highest level of attention and respect.

    Apply →Sign up to save jobs

  • Cyber Security Automation Engineer - 2

    JLL

    CybersecuritySecurity-EngineeringSecurity-AutomationIndiaremoteHimalayas

    JLL empowers you to shape a brighter way . Our people at JLL are shaping the future of real estate for a better world by combining world class services, advisory and technology for our clients. We are committed to hiring the best, most talented people and empowering them to thrive, grow meaningful careers and to find a place where they belong. Whether you’ve got deep experience in commercial real estate, skilled trades or technology, or you’re looking to apply your relevant experience to

    Apply →Sign up to save jobs

  • Automotive and Robotics SOC Architect

    Tenstorrent

    Automotive-ArchitectureSoC-ArchitectureHardware-ArchitectureUnited Statesremote$100K–$500K USDHimalayas

    Tenstorrent is leading the industry on cutting-edge AI technology, revolutionizing performance expectations, ease of use, and cost efficiency. With AI redefining the computing paradigm, solutions must evolve to unify innovations in software models, compilers, platforms, networking, and semiconductors. Our diverse team of technologists have developed a high performance RISC-V CPU from scratch, and share a passion for AI and a deep desire to build the best AI platform possible. We value collabora

    Apply →Sign up to save jobs

  • Director, Application Security (Cybersecurity Defense)

    Cardinal Health

    Application-SecurityCybersecurity-LeadershipDevSecOpsUnited Statesremote$135K–$208K USDHimalayas

    What Cybersecurity Defense contributes to Cardinal Health Cybersecurity Defense focuses heavily on threat detection, incident response, and implementing security measures to protect our digital assets and infrastructure at Cardinal Health . The Director, Application Security is responsible for establishing, leading, and evolving the enterprise application security strategy to embed security into the software development lifecycle (SDLC) and reduce application-layer risk across the busine

    Apply →Sign up to save jobs

  • Director, Exposure Management (Cybersecurity Defense)

    Cardinal Health

    Exposure-ManagementCybersecurity-DefenseVulnerability-ManagementUnited Statesremote$135K–$208K USDHimalayas

    What Cybersecurity Defense contributes to Cardinal Health Cybersecurity Defense focuses heavily on threat detection, incident response, and implementing security measures to protect our digital assets and infrastructure at Cardinal Health . The Director, Exposure Management is responsible for establishing, leading, and overseeing the exposure management program to proactively identify, prioritize, and reduce cybersecurity risk across network, cloud, endpoint, and data environments. This

    Apply →Sign up to save jobs

  • Security Engineer - Product & Production Infrastructure

    Wiz

    Product-SecuritySecurity-EngineeringCloud-SecurityIrelandremoteHimalayas

    Come join the organization that is redefining security for the AI era. As one of the fastest-growing startups ever, we enable teams to secure cloud and AI applications by connecting code, cloud, and runtime into a single shared context. Trusted by security teams all over the world, we have a proven track record of success and a culture that values world-class talent. Not to mention, we're now powered by Google , meaning we offer our customers an AI-powered platform that harnesses Google’s T

    Apply →Sign up to save jobs

  • Information Security Manager

    Mariani Enterprises, LLC

    Information-Security-ManagerCybersecurity-ManagementIT-SecurityUnited Statesremote$119K–$147K USDHimalayas

    Work With The Best We are building the premier outdoor living company in the country by creating a “family of family companies” across the nation. Now you can build your landscaping career with the best, working in one of our many company locations nationwide. Learn from the top experts in the field and work on some of the country’s largest and most complex landscape projects. Take advantage of opportunities to share and exchange best practices across our network. The opportunities are

    Apply →Sign up to save jobs

  • Senior Security Penetration Tester

    NEORIS

    Security-Penetration-TestingCybersecurityApplication-SecurityBrazilremoteHimalayas

    Somos o acelerador que impulsiona o crescimento na Ibero-América, combinando a excelência global em engenharia da EPAM com a experiência regional e a proximidade cultural da NEORIS . Ajudamos as organizações a escalar, modernizar e avançar em sua transformação digital por meio de soluções em Cloud, Data & Analytics, Inteligência Artificial, Cibersegurança, Automação Inteligente, Consultoria Estratégica e Engenharia de Software. Respaldados por mais de 60.000 profissionais em mais de 55

    Apply →Sign up to save jobs

  • Senior Information Security Officer

    Solera

    Information-SecurityGRCIT-AuditIndonesiaremoteHimalayas

    The Role We are seeking a Senior Information Security Officer to be a key pillar of our Global GRC function. This is not just a support role; you will be the lead architect for Information Security and Compliance by Design across our most critical global projects. You will provide expert oversight for our Internal Control System (ICS) and drive the execution of Statutory and Group audits (SOX). This role is designed for a high-performing, self-motivated professional who thrives in a vir

    Apply →Sign up to save jobs

  • Senior Cyber Security Analyst - Governance (Disaster Recovery, Business Impact)

    Vytwo

    Dallas, TXhybridJooble

     ...Role: Senior Cyber Security Analyst – Governance (Disaster Recovery, Business Impact) Location: Minneapolis, MN - Hybrid Rate: Depends on Experience Job Description The Senior Cyber Security Analyst – Governance (Disaster Recovery) is responsible for... 

    Apply →Sign up to save jobs

  • Senior/Information Security Analyst - Re-Post

    Western Farmers Electric Cooperative

    Oklahoma City, OK$95K–$155K USDJooble

     ...following levels based on education, experience, knowledge, skills, and behaviors required. SUMMARY - Senior Information Security Analyst: Under the general supervision of the Supervisor, IT Infrastructure, the Senior Information Security Analyst performs troubleshooting... 

    Apply →Sign up to save jobs

  • Sr Information Security Analyst

    SageNet LLC

    Tulsa, OKJooble

     ...Tulsa, SageNet has regional offices in Atlanta, Toronto, and Washington, D.C. WHAT YOU’LL DO The Senior Information Security Analyst plays a critical role in executing and maturing SageNet’s information security program. This position supports and extends the Director... 

    Apply →Sign up to save jobs

  • Senior / Information Security Analyst - Re - Post

    Western Farmers Electric Cooperative

    Moore, OKJooble

     ...following levels based on education, experience, knowledge, skills, and behaviors required. SUMMARY - Senior Information Security Analyst: Under the general supervision of the Supervisor, IT Infrastructure, the Senior Information Security Analyst performs troubleshooting... 

    Apply →Sign up to save jobs

  • Security Host/Hostess - Full-Time, $29.00/Hour

    Aulani, A Disney Resort & Spa

    Makakilo City, HIThe Muse

    Come and join the magic with Aulani, A Disney Resort and Spa! Perks and benefits may include: 100% full coverage of healthcare for you and your eligible dependents Tuition paid upfront at network schools Free lunch Free parking Free theme park admission and much more! As a Security Host/Hostess, the main goal is to provide a safe and secure environment that enables our guests, cast members and vendors to experience the magic of Disney. Responsibilities : The Security Host/Hoste

    Apply →Sign up to save jobs

  • Special Agent - Cybersecurity/Technology Background

    Federal Bureau of Investigation

    Criminal InvestigationSalt Lake City, Utah, Seattle, Washington$99K–$128K USDUSAJobs

    All applicants must have two years of full-time work experience and a bachelor's degree or one year of full-time work experience if you have an advanced degree (master's or doctorate degree).All applicants should demonstrate Specialized Experience (SE).SE is defined as: Gathering and analyzing information and data to make proper conclusions or decisions. Establishing solutions to problems, assessing vulnerabilities, considering risks, and choosing the best outcome. Organizing, planning, and prio

    Apply →Sign up to save jobs

  • SECURITY GUARD

    Naval Special Warfare Command

    Security GuardDam Neck Naval Facility, Virginia Beach, Virginia$41K–$66K USDUSAJobs

    GS-06: Your resume must demonstrate at least one year of specialized experience at or equivalent to the GS-05 grade level or pay band in the Federal service or equivalent experience in the private or public sector. Specialized experience must demonstrate the following: performing security functions such as protecting property and guarding a broad range of highly sensitive items from hazards such as trespass, theft, and accidental or willful damage/destruction within installations or restricted a

    Apply →Sign up to save jobs

  • SECURITY SPECIALIST T32

    Air National Guard Units

    Security AdministrationTucson, Arizona$75K–$98K USDUSAJobs

    Military Grades: Must possess SrA/E-4 to MSgt/E-7 Compatible Military Assignments: Most possess an AFSC GENERAL EXPERIENCE: Experience, education or training in collecting and analyzing data effectively, efficiently, and accurately. Able to apply procedures and directives by reading and interpreting technical material. Ability to communicate clearly and effectively orally and in writing, using presentation and report formats. Demonstrated ability to follow directions, to read, understand, and re

    Apply →Sign up to save jobs

  • SECURITY GUARD

    Naval Air Systems Command

    Security GuardCherry Point, North Carolina, Kinston, North Carolina$45K–$58K USDUSAJobs

    Your resume must also demonstrate at least one year of specialized experience at or equivalent to the GS-05 grade level or pay band in the Federal service or equivalent experience in the private or public sector. Specialized experience must demonstrate the following: 1) Must be able to walk and stand for long periods of time. 2) Must be proficient with utilizing computer systems. 3) Must be able to multitask. Additional qualification information can be found from the following Office of Personne

    Apply →Sign up to save jobs

  • Polygraph Examiner

    Central Intelligence Agency

    Security AdministrationWashington, District of Columbia$71K–$132K USDUSAJobs

    Minimum Qualifications Interested candidates should be passionate about the ideals of our American republic, committed to upholding the rule of law and the U.S. Constitution, and committed to improving the efficiency of the Federal government. Hiring decisions will not be based on race, sex, color, religion, or national origin. Excellent verbal and written communication skills Analytic skills Strong interpersonal skills and the ability to interact with a broad cross-section of society, sometimes

    Apply →Sign up to save jobs

  • SECURITY SPECIALIST

    Air Force Civilian Career Training

    Security AdministrationBeale AFB, California, Edwards AFB, California$50K–$115K USDUSAJobs

    Air Force Qualification Standards To qualify for a GS-07: Completion of 1 full year of graduate level education, or bachelor's degree with Superior academic Achievement as provided in the "General Policies and Instructions" for Qualifications Standards Operating Manual, or 5 academic years of pre-professional study, or 1 year specialized experience equivalent to at least GS-5. KNOWLEDGE, SKILLS AND ABILITIES (KSAs): Your qualifications will be evaluated on the basis of your level of knowledge, s

    Apply →Sign up to save jobs

  • Construction Site Security Officer

    Securitas Inc.

    Reynoldsburg, OHThe Muse

    Construction Site Security Officer Wage: $19.00/ hour Requirements: 1-2 years of security experience required Strong attention to detail Excellent customer service skills Punctual and reliable We help make your world a safer place. Are you interested in being part of our Security Team? Apply quickly and efficiently online Weekly pay Competitive benefits Employee Referral Bonus Security Officer/Guard Security Positions are Full and Part Time Must hav

    Apply →Sign up to save jobs

About Security & Cybersecurity jobs

Security and cybersecurity jobs cover the people who protect a company's systems, data, and people from threats both technical and human. The titles span SOC / security operations center analyst roles (tier-1, tier-2, tier-3), security engineer (network, cloud, application), penetration tester / red team, security researcher, incident responder, identity and access engineer, governance/risk/compliance (GRC) specialist, security architect, and security leadership (security manager, director, CISO / chief information security officer). The work splits between proactive (designing controls, hardening systems, threat hunting, security architecture) and reactive (incident response, breach investigation, vulnerability management).

Postings here come from the same multi-source feed: broad aggregators, federal feeds, remote-only listings, and tech-heavy boards. The full list refreshes once a day. You'll see SOC analyst roles at MSSPs / managed security service providers, security engineer positions at SaaS companies, penetration tester roles at consultancies and at large enterprises, GRC roles at companies in regulated industries, federal security positions, and CISO-track leadership openings.

Signed in? The list is re-ranked against your values assessment, so the roles at the top are the ones that line up with what actually matters to you: comp, the kind of security work (defensive, offensive, GRC, leadership), industry, on-call expectations, the team. The scoring math is the same for everyone; the weighting is yours.

What does a security or cybersecurity job pay?

Security pay sits above general IT and roughly tracks engineering at the same level. SOC analyst (tier-1): $55-80k entry, $80-110k tier-2/tier-3. Security engineer (network, cloud, app security): $120-180k mid-career, $180-260k+ at senior levels at growth-stage SaaS, $300k+ at staff/principal levels at FAANG-tier (Meta, Apple, Amazon, Netflix, Google) and top tech. Penetration tester / red team: $110-180k at consultancies, $180-260k+ at well-funded in-house red teams. GRC specialist: $90-140k mid-career; senior GRC manager: $140-200k. CISO at a growth-stage SaaS: $300-500k+ total comp; CISO at large public enterprise: $500k-$1.5M+ at the top. Federal security roles follow the GS / General Schedule scale; cleared positions in defense and intelligence pay premiums of 15-30% over comparable uncleared work. Major certifications (CISSP / Certified Information Systems Security Professional, OSCP / Offensive Security Certified Professional, CEH / Certified Ethical Hacker, GIAC / Global Information Assurance Certification) translate to real pay bumps at most companies.

Are security jobs hiring remote?

Highly remote-friendly for most security functions. SOC analyst work, security engineering, penetration testing, security research, and GRC roles all run heavily remote at most companies. The work is mostly on a computer with cloud-based tooling and collaboration over chat and video. Exceptions: physical security roles (rare in tech), forensics work that involves seized devices, classified work in defense and intelligence (mostly on-site or hybrid with SCIF / sensitive compartmented information facility access), and senior leadership roles at large enterprises with strong office cultures. The remote toggle on this page filters to listings tagged remote-only or remote-first. Pen testing engagements sometimes involve on-site assessments for clients, even when the home role is remote.

Entry-level vs senior security roles

Entry-level security is one of the harder fields to break directly into without prior IT experience. The traditional path: IT support to sysadmin or networking, then a SOC analyst role, then security engineering. Direct-entry SOC analyst roles do exist (especially at MSSPs running 24/7 operations) and often hire candidates with Security+ certification and demonstrable lab work. Senior security roles split sharply: defensive (security engineer, security architect, detection engineer, threat hunter), offensive (pen tester, red team operator, security researcher), and governance (GRC manager, compliance officer, privacy lead). The CISO track requires breadth across all three plus strong business and communication skills. Calibrating senior level from a listing: years of experience, scope of systems covered, on-call expectations, whether the role owns architecture decisions, and reporting line (does the role report to CIO, CTO, or directly to CEO/board).

How to compare two security offers

Security offers diverge on dimensions other roles don't have. Pin down: the company's security maturity (is there a real program with leadership support, or is security a cost center being squeezed?), the specific function (defensive, offensive, GRC, all-of-the-above), on-call expectations (how often, response SLA, how brutal the incidents are likely to be), the threat landscape the company actually faces (a small SaaS sees different attacks than a defense contractor), and the team's relationship with engineering (security partners with eng vs. security blocks eng releases). WorkWomp's offer comparison handles this kind of multi-variable decision. Save both offers, take the 5-minute values assessment so the scoring weights what actually matters to you, drop in interview notes (the team's maturity, the on-call burden, leadership exposure), and the breakdown shows which offer wins where.

See how WorkWomp compares offers

Common questions

  • What's the difference between SOC analyst, security engineer, and pen tester?

    Different roles along the security stack. SOC / security operations center analyst monitors alerts from security tools (SIEM / security information and event management, EDR / endpoint detection and response, network IDS / intrusion detection system), triages incidents, escalates to senior analysts when something looks real. The work is reactive and shift-based, often 24/7 coverage in MSSPs. Security engineer designs and builds security controls: firewall rules, authentication systems, vulnerability scanning pipelines, incident response runbooks. The work is mostly proactive engineering. Penetration tester / red team operator simulates attackers against the company's own systems, identifies exploitable weaknesses, and reports them in detail. The work mixes technical depth with creative thinking; engagements are typically project-based (1-3 week sprints per engagement). Pay tracks complexity: SOC analyst typically pays less than security engineer or pen tester at the same level (security engineer and pen tester pay similarly).

  • Do security jobs require a degree?

    Less than most fields require. Security hires aggressively from non-traditional backgrounds: self-taught practitioners with strong CTF / capture-the-flag competition records, military and government veterans with security clearances, IT support and network engineers transitioning into the field, and bootcamp grads with Security+ certifications. Degree requirements show up most in leadership tracks (CISO at a large enterprise often requires a master's), in federal security positions (degrees and clearances), and in security research (academic-oriented roles). For entry and mid-career individual contributor work, capability beats credential almost universally.

  • How do I break into cybersecurity without prior security experience?

    Two reliable paths. Path 1: IT support to security. Move into a tier-1 helpdesk or sysadmin role, build IT fluency, then pivot into a SOC analyst position. Most SOC teams hire from internal IT pipelines. Path 2: technical bootcamp plus lab work. Build skills via Security+, hands-on labs (TryHackMe, HackTheBox, Cybrary), CTF competitions, and a small portfolio of self-directed projects (a home lab running pfSense, Suricata, ELK stack), then pitch yourself into entry-level SOC roles at MSSPs that hire aggressively. Federal security agencies (CISA / Cybersecurity and Infrastructure Security Agency, NSA / National Security Agency, DOD / Department of Defense) also run direct-entry programs for non-traditional candidates with strong aptitude. Avoid the common trap of stacking certifications without hands-on work; cert-only candidates without lab evidence struggle in interviews.

  • Is security a recession-resistant field?

    More resistant than most, less than people assume. Compliance-driven security work (GRC, audit response, regulatory reporting) is genuinely recession-resistant because the regulations don't pause when budgets tighten. Defensive security engineering at well-funded enterprises (banking, defense, healthcare, large tech) holds up well. Offensive security and security research at smaller companies cut more aggressively during downturns because the work feels like 'nice-to-have' to non-security executives. Federal security jobs are very stable. The roles most exposed in cuts: junior security analysts at non-regulated companies, security consultants at less-established firms, and security 'evangelist' or 'developer relations' roles. The roles most stable: GRC at regulated industries, security engineering at financial services, federal cleared positions.

  • Is AI changing security work?

    Yes, in both directions. AI is augmenting defensive work: automated triage of SOC alerts, AI-assisted code review for vulnerabilities, AI-driven threat hunting across large logs. The roles being squeezed: tier-1 SOC analyst doing volume alert triage, junior compliance analysts doing repetitive evidence collection. AI is also enabling attackers: AI-generated phishing at scale, automated reconnaissance, faster vulnerability discovery. The roles holding or growing: senior security engineers who architect AI-aware controls, detection engineers who build novel signatures faster with AI tools, threat hunters who interpret AI-generated alerts critically, and security researchers studying AI-native attack patterns. The honest framing: if your security work is mostly running standard playbooks, AI is competing for your seat. If your work involves judgment about novel threats and architectural trade-offs, you're fine.