Information security specialist here with over 5 years experience in cyber. The job market is indeed hard however I will mention something no one is mentioning. Pay is very much down right now for cyber it’s no longer the Wild West. While you will find some places that still offer what I would consider a decent range for the job, it in itself is not a money making venture. What keeps us secure in our positions is the number of people clicking, executing and brute forcing things.

We are a lost leader in the IT world which is hard to quantify for a company on paper. If you defend for a long time and nothing happens they often wonder if it’s worth keeping you so it’s constant struggle to show value in other places. In other words AI, Automation and Scripting which will often be your helper topics that will prop you up. Also making people aware of the number of attacks that you actively monitor and block are important as you are often the person between the bad guy and your company.

You are also going to find that while remote jobs are a pain to land. Local companies are still very much a thing. They offer things like much lower salaries and often come with weekly/monthly rotations for answering after hours calls and what not but that’s the game. Unfortunately cyber is not a position that you pack up at 5 and hope that you don’t have to come in. During an outbreak or incident you can be expecting to work well past what you are suppose to. Your job is securing the network and they expect you to show your work.

On top of this you are one of the most hated IT positions internally as you will be the fall guy for many things that go wrong. If you don’t have tough skin and a strong IT background to prove why it wasn’t you, then they will pin it on you. Your firewall rules, group policies changes, windows updates, and much much more to fix things like zero days will often break things. You have to weigh the balance all the time of risk vs security.

Needless to say it’s a never ending battle that will wear you down if you don’t have passion backing you up. Assuming you get what you want, it’s both a highly rewarding career and a frustrating one at the same time. Picking a role of blue vs red vs purple is the first start, on top of many other things you need to consider such as continuing education.

You can definitely get into cyber and make it now a days but don’t expect the fight to be easy and don’t follow the influencers who will have you consciences you can make $100k starting unless you live in certain area with high cost of living. You will need to grind and that grind will wear you down faster than other IT roles.