Incident response jobs
The cyber security industry has faced well-documented challenges in recruitment and employment, a problem that has only been exacerbated by continued discussion of the skills gap. But despite these issues, Louise Barker, head of talent at NCC Group, thinks it’s important to celebrate the successes that the industry has achieved in employment and understand what we can do to continue attracting talent to the sector.
The cyber security employment landscape
A report published by the government last year revealed that there are over 30,000 – and as many as 40,000 – staff employed in the UK’s cyber security sector, with over 800 firms providing cyber security products based in the country.
These numbers are encouraging, but even more impressive is the fact that the number of active firms has grown by more than 50% over the last five years, with over a hundred new businesses entering the sector within the last two years. This surge in new entrants to the market can help to make the industry more attractive for prospective employees, particularly as there are no signs that this growth will decelerate in the near future.
These employment figures aren’t just constrained to the capital, either, with the report also revealing that the North West is responsible for 29% of cyber security employment in the UK, with 22% in the South East. This is promising for businesses that are concerned about prospective employees and opportunities being poached by London-based organisations.
Sustaining this growth is going to necessitate careful strategies from businesses within the sector to ensure that talent is being channelled into it and that every possible step to narrowing the skills gap is taken.
What is the government doing to help?
Previously, the cyber security market’s relative infancy may have hindered recruitment of talent into the industry, with no widely accepted definition of a cyber security professional and no gold standard qualification to work towards.
However, the government is addressing this by making up to £2.5m of funds available to establish a new Cyber Security Council in the UK, which is due to start work in April this year. Combined with the ongoing work of the Cyber Security Body of Knowledge (CyBOK), these initiatives will help to establish professional standards further, deliver certifications and provide access to defined career pathways,
Such initiatives should be welcomed, but cyber businesses also have a responsibility to attract and capture talent by informing potential security professionals about the variety of roles available, and the diverse career pathways they can take to achieve success in the industry.
How can cyber security businesses play their part?
The skills gap can’t be forgotten, and Cybersecurity Ventures has predicted that there will be 3.5 million unfilled cyber security job openings by 2021, meaning that the industry needs to tap into new and existing talent pools now.
Many businesses within the industry already understand the importance of graduate schemes and internships in attracting talented young people, and a lot of work is being done to ensure that they understand the value of studying computer sciences and related disciplines.
What isn’t stressed quite so much is the value of the skilled workers from other sectors, who might not think that a career in cyber security is attainable for them and that many can utilise the transferable skillsthey already have to make an impact in the industry.
The perception outside of the sector is that many of the roles are too technical, with many unsure how their skills can be put to use. But by advertising in the correct channels, and showcasing the talent already working within the industry, we can help to change this perception. This will subsequently help to attract technical writers, sales, risk managers, recruiters and more – again helping to change this perception even further.
Additionally, developers, network engineers and Active Directory specialists can all apply their expertise into more technical roles in the industry in an assessing and testing capacity. With a supportive and scalable framework in place, there is no reason that individuals from a diverse range of backgrounds can’t achieve a solid career in cyber security.
This is also true for internal talent, and we have seen success in this area first hand: after developing a deeper interest in developing his technical skills, one of our technical recruiters recently qualified as a Security Consultant.
Working together
The recently published UK Government Cyber Security Skills Strategy also acknowledges the importance of attracting individuals from other areas, and has moved from discussing the concept of cyber security skills to the concept of cyber security capabilities to reflect that what is required is “the right blend and level of skills in a truly secure digital economy”.
In practice, this means that cyber security should both be embedded across the workforce and become a facet of a wider range of roles like basic financial or commercial literacy, but also that greater efforts are required to unlock untapped talent in less technical areas of cyber security.
Again, the Government has also pledged to support this path by demystifying cyber security careers, with plans to introduce Cyber Security Skills Ambassadors to promote cyber careers for a wide range of individuals. Other recommendations suggest increasing the provision of non-technical modules in higher and further education cyber security courses and increasing the involvement of the industry in the development of such courses.
Demand for talent – both technical and otherwise – within the cyber security industry is only set to increase in the coming years, and businesses need to lay the foundations to facilitate this growth as soon as possible to ensure that the skills gap doesn’t come to widen any further. By thinking laterally and helping to change perceptions about the industry at large, we can continue to ensure that talented individuals can make the leap to a new career, bolstering employment for a thriving industry in the process.
source informationage
Industry: Cyber Security News
Latest Jobs
-
- Account Director | Cyber Security Consulting | UK - South East
- London
- N/A
-
Account Director | Cyber Security Consulting - Financial Services | UK - South East. New Role due to Growth We are looking for an experienced Account Director to develop and expand existing relationships across the financial services sector, working with investment firms, asset managers, private equity groups and strategic partners to deliver intelligent cyber consulting and a bespoke Cyber product offerings. You will act as a trusted advisor, helping organisations strengthen digital resilience, manage third-party and regulatory risk and adopt a proactive approach to cyber assurance. Key Responsibilities Manage a defined portfolio of financial clients, understanding business priorities and aligning tailored cyber solutions. Drive new client engagement while nurturing existing partnerships through a consultative, long-term approach. Present the benefits of advanced cyber services including threat intelligence, vulnerability management, incident readiness, and continuous risk monitoring. Collaborate with technical and delivery teams to ensure smooth engagement from proposal through to implementation and ongoing support. Prepare proposals, negotiate commercial terms, and clearly articulate value and business outcomes. Build trusted relationships at senior and board level. Ideal Profile Strong background in cybersecurity, consulting, or risk management within financial services. Skilled communicator with proven success managing and growing key accounts. Able to translate complex technical insight into commercial and strategic value for clients. Confident engaging with senior stakeholders and decision makers. Please note: Sponsorship is not available.
-
- SOC Analyst- Level 2- Hybrid Greater London
- London
- N/A
-
SOC Analyst- Level 2- Hybrid Greater London New opportunity created through continued growth. We’re looking for a SOC Analyst (Level 2) to strengthen a growing managed security team. You’ll work hands-on with Microsoft Sentinel and Defender XDR, investigating alerts, responding to incidents, and helping improve how clients stay protected. This role is ideal for someone who enjoys unravelling security events, thinking critically under pressure, and making a real difference day to day. What you’ll do · Investigate and respond to security activity across SIEM and endpoint tools · Analyse network and log data to uncover real threats · Support automation initiatives to streamline response processes · Help maintain visibility, data flow, and performance across SOC platforms What you’ll need · Practical experience using Microsoft Sentinel and Defender XDR · Confident working with KQL or similar query languages · Understanding of attacker tactics and response techniques · SC-200 certifications would be nice. · Experience supporting multiple customer environments Please note: Sponsorship is not available.
-
- Senior SOC Engineer - UK - New role due to growth
- London
- N/A
-
Senior SOC Engineer – New role due to growth We are hiring a Senior SOC Engineer to take the lead across security operations for a growing managed service. You will lead detection, response and onboarding activity across multiple clients, helping shape how the SOC evolves. Expect variety; from fine-tuning alerts and threat hunting to supporting customers and mentoring junior analysts. What you’ll bring · Strong experience across SIEM, EDR, and threat detection tools · Confident working with customers in a managed service environment · Skilled in scripting or query languages such as KQL or PowerShell · Knowledge of frameworks like NIST, ISO27001, MITRE ATT&CK · Calm communicator with a problem-solving mindset · Experience with Azure Lighthouse or delegated access models · Prior involvement in automation or SOC improvement projects Location: South East England- Hybrid role Please note: Sponsorship cannot be offered now or in the future.
-
- SENIOR Cyber Risk Consultant. Cyber Risk consultancy - the right way. UK. Hybrid - Remote first
- United Kingdom
- N/A
-
Senior Cyber Risk Consultant needed. New position due to growth Seeking a passionate Cyber Security Risk Consultant who enjoys helping clients make a different to their business. Dedicated training budgets, Unlimited holiday structured career path, Work life balance guaranteed Cyber Risk consultancy done the right way. A successful individual will have experience working with clients to identify business cyber security risk. This is a remote first opportunity which means you will spend the majority of your time working remotely. You will however spend some time meeting clients as well as meeting up with the team on a monthly basis.. Some of the nice to have certifications. CRISC, ISO27001 Lead implementer, CISA, CISM, CISSP Unable to offer Visa sponsorship now or in the future.