Cybersecurity Workforce | CIS2208

Slide 1 of 14  |  CSP-W1  |  Week 1
The Cybersecurity Workforce
The Gap  •  NICE Framework  •  Career Paths  •  Certifications  •  Emerging Roles
There are 3.5 million unfilled cybersecurity positions worldwide. Every 39 seconds, a cyberattack occurs somewhere on the internet. The talent pipeline cannot keep pace with the threat landscape -- and that gap is not just a staffing problem. It is a national security crisis, an economic vulnerability, and a career opportunity unlike anything else in technology.
14 Slides  |  CSP-W1  |  Week 1  |  CIS2208 -- Cybersecurity Policy
Slide 2 of 14
The Workforce Gap: 3.5M+ Unfilled Positions
ISC2 2023 Workforce Study -- the global cybersecurity workforce gap continues to grow despite record hiring.
Unfilled Positions by year: 2019: 4.07M | 2020: 3.12M | 2021: 2.72M | 2022: 3.40M | 2023: 3.99M
The Numbers
ISC2 estimates 5.5 million cybersecurity professionals worldwide in 2023 -- an all-time high. Yet the gap grew to nearly 4 million. Demand is outpacing supply at an accelerating rate. The workforce grew 8.7% year-over-year, but the gap grew 12.6%.
Economic Impact
Organizations with critical staffing shortages report 3.5x more breaches than adequately staffed peers. The average cost of a data breach is $4.45 million (IBM 2023). Understaffed security teams mean slower detection, slower response, and greater damage per incident.
The Burnout Factor
66% of cybersecurity professionals report significant stress levels. 51% have experienced burnout. When teams are understaffed, existing personnel absorb the workload -- leading to attrition that further widens the gap. The workforce crisis is self-reinforcing.
Slide 3 of 14
NICE Cybersecurity Workforce Framework
NIST SP 800-181r1 -- the national standard for describing and organizing cybersecurity work into categories, specialty areas, and work roles.
NICE Framework categories: Securely Provision | Operate & Maintain | Oversee & Govern | Protect & Defend | Analyze | Collect & Operate | Investigate
Why NICE Matters
NICE provides a common vocabulary for employers, educators, and job seekers. When a job posting says "SOC Analyst," NICE maps that to specific knowledge, skills, abilities, and tasks -- removing ambiguity. Federal agencies are required to use NICE; private sector adoption is growing rapidly. It is the Rosetta Stone of cybersecurity hiring.
Slide 4 of 14
NICE Work Role Categories in Detail
Each category contains specialty areas and specific work roles with defined KSAs (Knowledge, Skills, Abilities).
Securely Provision
Design, build, and deploy secure IT systems. Includes software development, systems architecture, risk management, and test/evaluation. These are the builders.
Operate & Maintain
Provide day-to-day management and administration. System admins, network ops, data admins, and customer support. These keep infrastructure running securely.
Oversee & Govern
Management, policy, legal counsel, training, and strategic planning. CISOs, cybersecurity attorneys, program managers, and workforce developers live here.
Protect & Defend
Identify, analyze, and mitigate threats. SOC analysts, incident responders, and vulnerability assessment specialists. The frontline defenders of the network.
Analyze
Highly specialized review and evaluation of incoming cybersecurity intelligence. Threat analysts, exploitation analysts, and all-source intelligence analysts. They interpret the data so defenders can act.
Collect & Operate
Specialized denial and deception operations, collection of cybersecurity intelligence. Offensive cyber operations and intelligence collection. Primarily government and military roles.
Investigate
Digital forensics and cyber crime investigation. Law enforcement, forensic analysts, and cyber defense forensics specialists. They reconstruct what happened after a breach and build the case.
Slide 5 of 14
Career Pathways: Entry to Executive
Cybersecurity careers are not linear -- they branch, specialize, and converge. But the general trajectory follows a recognizable pattern.
Entry Level (0-2 years): SOC Analyst (Tier 1) | Jr. Pen Tester | IT Auditor
Mid Level (3-7 years): Security Engineer | Incident Responder | Threat Intel Analyst
Senior Level (8-14 years): Security Architect | Principal Engineer | Red Team Lead
Executive (15+ years): CISO | VP of Security | CRO / CTO
Non-Linear Paths Are Normal
Many of the best security professionals entered from system administration, software development, military intelligence, or even entirely unrelated fields. The "start in helpdesk, move to SOC, become CISO" path is one option -- not the only one. Domain expertise in healthcare, finance, or manufacturing combined with security knowledge creates unique value.
Salary Ranges (US, 2023)
Entry: $55K-$85K. Mid: $90K-$135K. Senior: $140K-$200K. Executive (CISO): $200K-$500K+. These figures vary significantly by region, industry, and clearance level. Federal positions with TS/SCI clearance command substantial premiums. Remote work has compressed geographic salary differences.
Slide 6 of 14
Key Certifications Landscape
Certifications validate knowledge, satisfy employer requirements, and often meet DoD Directive 8140 mandates for government roles.
FOUNDATIONAL: Security+ | CC | CySA+
INTERMEDIATE: CEH | SSCP | CCNA Security
ADVANCED: CISSP | CISM | GCIH | GPEN
EXPERT: OSCP | OSCE | CCIE Sec | GXPN
CompTIA Security+
The entry point. Vendor-neutral, DoD 8140-approved for IAT Level II. Covers threat management, cryptography, identity management, and risk. Approximately 750K+ holders worldwide. Often the first cert employers look for.
CISSP
The gold standard for experienced professionals. Requires 5 years of experience across 2+ of 8 domains. Covers security operations, asset security, software security, and governance. ~156K active holders globally.
OSCP
The hands-on offensive security benchmark. 24-hour practical exam -- no multiple choice. You must compromise machines to pass. Widely regarded as the most respected penetration testing certification. Proves you can actually do the work.
DoD Directive 8140
All DoD personnel performing cyberspace work must hold approved certifications mapped to their work role. This single policy drives massive demand for Security+, CISSP, CEH, and related certs in the federal space. Knowing the 8140 matrix is essential for anyone targeting government cybersecurity careers.
Slide 7 of 14
Education Pathways
There is no single path into cybersecurity -- the field draws from multiple educational pipelines, each with distinct advantages.
Associate's (Community College): 2 years | $8-20K
Bachelor's (University / CAE): 4 years | $40-160K
Master's (Specialization): 2 years | $30-80K
PhD (Research): 4-6 years | Funded
Alternative Paths (Bootcamps | Self-Study): 3-12 months | $0-20K
Cybersecurity Career: All paths converge on capability
CAE Designation
The NSA/CISA Centers of Academic Excellence (CAE) program designates institutions that meet rigorous cybersecurity curriculum standards. The designations are CAE-CD (Cyber Defense), CAE-CO (Cyber Operations), and CAE-R (Research). Students at CAE schools are eligible for federal scholarships and recruitment pipelines, including the CyberCorps Scholarship for Service (SFS) program.
The Self-Taught Path
Platforms like TryHackMe, HackTheBox, and SANS Cyber Ranges provide hands-on training. Many successful professionals have no formal degree -- they have home labs, GitHub portfolios, CTF competition records, and bug bounty submissions. Employers increasingly accept demonstrated skill over credentials, especially for technical roles.
Slide 8 of 14
CyberSeek.org -- The Workforce Heatmap
A free, interactive tool funded by NIST/NICE that maps cybersecurity supply and demand across the United States.
CYBERSEEK.ORG -- Supply/Demand Heatmap
Openings by region: DC/VA/MD: 85K+ | TX: 52K+ | CA: 68K+ | NY: 38K+ | FL: 31K+ | IL: 22K+
Legend: High demand (50K+) | Medium demand (20-50K) | Growing demand
National Supply/Demand Ratio: 68 workers available for every 100 job openings (32% gap)
Interactive Career Pathways
CyberSeek maps feeder roles, common transitions, and required certifications for each position. You can trace a path from helpdesk to CISO and see exactly what certifications, skills, and experience each step requires.
Supply-Demand Heatmap
View job openings vs. available workforce by state and metro area. The DC-Maryland-Virginia corridor consistently shows the highest concentration of demand due to federal agencies, defense contractors, and intelligence community presence.
How to Use It
Research your target role. Identify your geographic market. Understand what certifications employers in that area require. CyberSeek is built on Burning Glass labor market data and updated regularly. Bookmark it -- you will use it throughout your career.
Slide 9 of 14
Diversity and Inclusion in Cybersecurity
The workforce gap cannot be closed by recruiting from the same demographics that have historically filled these roles.
WOMEN IN CYBER: 25% of global workforce. Up from 20% in 2019 (ISC2). 17% in leadership roles.
RACIAL DIVERSITY (US): White: 56% | Asian: 22% | Black: 9% | Hispanic: 8%. Black + Hispanic = 17% of cyber workforce vs. 32% of US pop.
AGE + PIPELINE: Under 30: only 13% of the cyber workforce. Pipeline problem: fewer young people entering than retiring.
Why Diversity Matters for Security
Homogeneous teams share blind spots. Adversaries are globally diverse -- defenders who all think the same way miss attack vectors that a more diverse team would catch. Research from RAND Corporation shows that cognitively diverse teams detect and respond to threats 20% faster. Inclusion is not just equitable -- it is operationally superior.
Pipeline Programs
CyberCorps Scholarship for Service targets underrepresented populations. Women in CyberSecurity (WiCyS) provides mentoring, scholarships, and networking. The SANS Diversity Academy offers free training. GenCyber camps introduce K-12 students to cybersecurity. These programs are expanding but still reach a fraction of the potential talent pool.
The Math Is Simple
If you have 4 million unfilled positions and you only recruit from the same 40% of the population that has historically filled these roles, you will never close the gap. Expanding the pipeline to the full talent pool is not optional -- it is arithmetic.
Slide 10 of 14
Public Sector vs. Private Sector Careers
Two fundamentally different career ecosystems -- each with distinct advantages, constraints, and professional cultures.
Public Sector (Government)
Federal agencies (NSA, CISA, FBI, DoD), state/local government. Mission-driven work with national security impact. Structured GS/GG pay scales -- lower than private sector at senior levels but competitive at entry. Federal retirement, health benefits, job stability. Security clearances (Secret, TS, TS/SCI) are career accelerators that transfer to private sector.
Private Sector (Industry)
Tech companies, consulting firms, financial services, healthcare. Higher compensation at mid/senior levels -- 20-40% premium over equivalent government roles. Stock options, bonuses, faster promotion cycles. Greater tool selection and technology variety. Less bureaucracy but also less mission permanence. Market-driven priorities shift frequently.
Clearances
A TS/SCI clearance costs an employer $15K-$50K to sponsor and takes 6-18 months. Once you have one, you are worth more -- immediately. Many professionals start federal, earn a clearance, then move to defense contractors at significantly higher pay. The clearance premium is real: $15K-$40K more annually.
The Revolving Door
Government to contractor to private to government is a common career pattern. Each rotation builds different skills: government teaches mission discipline, contractors teach scale, private sector teaches speed and business alignment. Strategic rotation maximizes career value over time.
CyberCorps SFS
Scholarship for Service pays full tuition + stipend in exchange for equal time federal service. A $150K+ investment in your career with guaranteed placement. Applications are competitive but the return on investment is extraordinary. Federal service obligation builds your clearance and network simultaneously.
Slide 11 of 14
Emerging Roles in Cybersecurity
The threat landscape evolves, and so does the workforce. These roles barely existed five years ago -- now they are among the fastest growing.
AI Security: Adversarial ML, LLM safety, prompt injection defense, model supply chain security. +300% demand since 2022.
Cloud Security: CSPM, CWPP, CNAPP, container security, IAM, multi-cloud governance. Highest avg salary: $185K.
OT/ICS Security: SCADA protection, industrial control systems, critical infrastructure. Colonial Pipeline changed everything.
Privacy Eng.: GDPR/CCPA compliance, PETs, data governance, consent architecture. Regulation-driven growth.
Why These Roles Are Exploding
AI security barely existed before 2023 -- now every major enterprise needs someone who understands adversarial attacks on machine learning models. Cloud security emerged because 94% of enterprises use cloud services. OT/ICS security surged after the Colonial Pipeline and Oldsmar water treatment attacks proved that cyber threats to physical infrastructure are real and present.
How to Position Yourself
Emerging roles offer the highest entry-point advantage. There is no 20-year veteran of AI security -- everyone is learning. Getting hands-on experience now, building a lab, earning early certifications (CCSP for cloud, GRID for ICS, AIGP for AI governance) puts you at the front of a very short line. First movers in emerging specializations command premium compensation.
Slide 12 of 14
Professional Development
Cybersecurity changes faster than any curriculum can track. Continuous learning is not optional -- it is the cost of staying relevant.
Continuing Education
Most certifications require CPE/CEU credits for renewal. CISSP requires 40 CPEs per year. Security+ requires 50 CEUs over 3 years. This is not busywork -- it forces professionals to stay current. SANS, Pluralsight, Cybrary, and vendor training portals provide structured learning. Budget $2K-$5K/year for training or negotiate it into your compensation.
Conferences
DEF CON (Las Vegas, August) -- the largest hacker conference in the world. Black Hat -- enterprise-focused, same week. RSA Conference -- governance and vendor ecosystem. BSides events -- community-driven, affordable, local. ShmooCon, SANS summits, regional ISC2 chapters. Networking at conferences has launched more careers than any job board.
CTF Competitions
Capture the Flag competitions are the proving ground. CCDC for defense, CPTC for penetration testing, NCL for individual skills. CTFs develop skills that no classroom can replicate -- time pressure, incomplete information, creative problem-solving. Put CTF placements on your resume. Employers notice.
Community Engagement
Open-source contributions to security tools (YARA rules, Sigma rules, MITRE ATT&CK contributions). Bug bounty programs (HackerOne, Bugcrowd). Security blogs and write-ups. Local OWASP chapters. These activities build reputation, demonstrate capability, and create the network that sustains a 30-year career.
Home Lab
The single highest-ROI investment in a cybersecurity career. A $200 used server running Proxmox with pfSense, Security Onion, Splunk Free, and vulnerable VMs teaches more than most $5K courses. Build, break, detect, respond, and document everything. Your home lab is your portfolio.
Slide 13 of 14  |  Key Takeaways
Key Takeaways
The cybersecurity workforce landscape in eight facts you should carry out of this lecture.
The cybersecurity workforce gap is not abstract -- it is the reason breaches succeed, critical infrastructure is vulnerable, and national security is at risk. Every person who enters this field closes the gap by one. Your career decision has strategic consequence.
1. 3.5M+ unfilled cybersecurity positions globally. The gap is growing faster than the workforce. This is the defining labor market reality of the field.
2. The NICE Framework (NIST SP 800-181r1) defines 7 categories and 52 work roles. It is the common language between employers, educators, and job seekers. Learn it.
3. Career paths are non-linear. Entry through helpdesk, military, development, or self-study are all valid. Demonstrated skill matters more than pedigree.
4. Certifications are career currency. Security+ opens the door. CISSP proves experience. OSCP proves hands-on capability. Know the DoD 8140 matrix if targeting government.
5. CyberSeek.org maps supply, demand, career pathways, and certification requirements by region. Use it to make data-driven career decisions.
6. Diversity is not just equitable -- it is operationally necessary. The gap cannot be closed by recruiting from the same 40% of the population.
7. Emerging roles (AI security, cloud security, OT/ICS, privacy engineering) offer the highest entry-point advantage. No one has 20 years of AI security experience.
8. Continuous learning is the cost of relevance. Home labs, CTFs, conferences, and community engagement are not extracurricular -- they are the core curriculum of a cybersecurity career.
Slide 14 of 14  |  Complete
Module Complete
What You Covered
The global workforce gap and its implications. The NICE Framework and its 7 categories. Career pathways from entry to executive. The certification landscape and DoD 8140. Education pathways and CAE designation. CyberSeek as a career planning tool. Diversity imperatives. Public vs. private sector career differences. Emerging roles in AI, cloud, OT/ICS, and privacy. Professional development strategies.
Next Steps
Visit CyberSeek.org and explore the interactive career pathway for your target role. Identify two certifications that align with your career goals. Research one CAE-designated institution in your state. Begin building your home lab if you have not already.