Blog Img

H2 2023: What trends are we seeing in cyber recruitment?

Back to Market insights

​Last week the UK government released its long-anticipated report on the state of the cyber labour force. With the concerning assertion that 50% of businesses have a basic skills gap when it comes to cyber security, it’s clear that the industry is facing some pretty substantial challenges. When you combine this with the statistic that there are 1,248 damaging cyber-attacks per week in the UK, it’s obvious that we need to do more to recruit top talent into the defensive workforce.

Yet it’s not all doom and gloom, with industry-wide employment increasing by 10% over the last twelve months, and over 7,000 people entering the sector. In fact, 53% of cyber businesses have been actively recruiting this year and the average number of vacancies per firm has risen to around 8.2. There’s no shortage of opportunities for talented professionals looking to enter or progress in the industry, and in this candidate-driven market applicants can command more from potential employers.

It all makes for an interesting time for those of us in cyber recruitment. With data-driven market research forming the core of our business, we’ve pulled out some of the key trends employers and candidates can expect to see in H2 2023, and what you need to do to stand out in job market as it heats up towards the end of the year.

1. Speed is of the Essence

With the cyber security industry moving so quickly, speed is essential during the hiring process. It’s a candidate driven market, and with most professionals interviewing at several organisations, you cannot afford to hold off on hiring decisions. We’ve seen many examples of companies failing to secure their perfect candidate due to internal delays, meaning the individual in question is already off the market.

In fact, for roles like SOC Analysts and Security Engineers, especially those within Microsoft SOC teams, we would only expect candidates to be on the market for two weeks. These roles are particularly in demand due to the plethora of global threats and cyber risks we’ve seen across the industry, coupled with the continued release of new technologies. Here at Trident, we work to an average of just 27 days from sourcing a candidate right the way through to placement, saving our clients crucial time and resources.

2. The C-Suite is Starting to Shift

The executive recruitment scene has been particularly turbulent during H1 of this year. With roles in this category commanding higher salaries and greater responsibility than any others, we’ve witnessed a widespread hiring freeze on senior personnel as the market recovers and restabilizes. Yet around 80% of the leaders we speak to are open to moving. Reasons for this vary from business to business but include factors like limited buy-in from the Board, constant pushback from the business and a big restriction on budgets.

This has inevitably driven a large amount of competition for very few openings; we have ended up with Heads of or Junior CISO’s, experienced CISO’s and then the VP’s or Directors all fighting for the same role. On top of this, in Q1 a lot of businesses were skeptical about spending money due to economic concerns and have been biding their time or making do with what they have instead. Q2 saw businesses “plan” to make a senior hire, but it’s only now in Q3 that we are seeing the market flip as companies pull the trigger on those hiring decisions.

This is good news for senior candidates in H2, as once those who were waiting for a new role have moved, space will open up for the market to begin. This domino effect is now in full force, and we would expect the resulting surge to last for the rest of the year.

3. The Skills in Demand

Over half of all private sector businesses have a basic technical cyber security skills gap, with 50% reporting a lack in confidence in performing the basic tasks or functions that are essential to protecting business assets. A further 33% have a more advanced skills gap in areas like penetration testing, forensic analysis, security architecture or engineering, threat intelligence, interpreting malicious code and user monitoring.

There’s obviously a variance in the skills most in demand for different types of roles, but it all boils down to understanding how things actually work. With so much focus on how we make tools and security functions operate autonomously, the ability to fix issues has never been more important. In addition, a lot of companies who utilise cloud technologies are looking for candidates with experience across Azure, AWS and GCP. Those with exposure to securing cloud applications can demand a higher salary.

Yet technical skills are only half of the picture, and just over 4 in 10 cyber sector firms (43%) are experiencing a soft skills gap as well. As well as the technical abilities required for the role, the best applicants can show communication, leadership, management, or sales and marketing.

To really stand out in the job market, start digger deeper into alerts, policies or procedures and understand the inner workings of various technologies, as well as looking at the key strengths you can bring to the table.

4. Remote Working Makes a Return

During the pandemic we saw an unprecedented shift to remote working, with 49% of businesses operating full work from home policies at one point. However, as we move further away from Covid-19 more and more businesses are demanding a return to the office.

From research we conducted in Q2 of this year, we know that the majority of cyber security roles are still based in London, with 33% of our respondents working in the capital. However, a staggering 47% of cyber vendor professionals we spoke to and 24% of those in defensive roles now work in roles that are entirely remote.

Although employers sometimes struggle with a range of challenges, including retention and keeping a remote workforce secure, a recent YouGov poll found that 57% of British workers wanted the option to work from home. Indeed, most candidates expect at least a hybrid model with the option to work from home one or two days a week and will push back on employers asking for them to be in the office full time.

Employers also need to consider the increase in face-to-face meetings, expos and conferences that employees are expected to attend now when setting office working hours as candidates expect a much higher degree of flexibility in where they work then they did before the pandemic.

5. How will VC Funding Affect Cyber Vendors?

Last quarter venture funding for cyber security dropped to just $1.6 billion, a 63% drop from the same period in 2022. VC investment reached its absolute peak in 2021 but recent economic concerns have shaken the market.

Yet despite this cooling off, some cyber vendors are still hitting the big time. Several major public cyber companies, including Palo Alto Networks, Fortinet and CrowdStrike, have seen big increases in their share prices since the beginning of the year, and those success stories should help to spur on more M&A activity in the sector.

Ultimately, venture firms are choosier now, and with firms being stress tested throughout Q1 and Q2, those who can demonstrate their product quality and reputation can expect to do well in this latter half of the year. After summer we’ll see major funding rounds announced for the vendors who have thrived during H1, driving a surge in hiring for professionals in this space.

All of this equates to a lot of movement in the cyber job market during H2. It’s going to be a busy period of change and we’re excited to see how the domino effect we’ve started to see over the last few weeks translates into new hires across the market. For both candidates and cyber companies, it has never been more important to stay informed about recruitment trends if they are to remain competitive in the job market.

With an in-depth understanding of how fluid and disruptive the cyber employment landscape is, at Trident Search we pride ourselves on keeping ahead of trends and best practice. As the hub of cyber security recruitment, our consultants ensure they are always aware of the latest frameworks, methodologies, products, threat actors and tools; in such a fast-paced industry, staying at the forefront of change is vital if we are to offer genuine career advice. If you are ready to take the next step in your career, or are looking to expand your cyber security team, get in touch for the most up-to-date intelligence from the Trident team.

Stay up to date with our latest news and market insights

View more
Vc Brochure Covwr

Cyber Snapshot: Venture Capital Investment

Read more


  • 2024 Salary Guide: Cyber Vendors, EMEA
    Read more
  • Trident Search places CTO at Reliance Cyber
    Read more
  • Cyber Talent Solutions in Operational Technology
    Read more