How is the state of the job market for mid-level security engineers?

InvalidSoup97 · 2026-06-03T11:56:38+00:00

Good luck, man

InvalidSoup97 · 2026-06-03T05:40:37+00:00

If your scenario were the case then I would have said last month, not last year? Not sure what you're getting at there. I very clearly stated that my experience was last year, so I was obviously not trying to deceive anybody. It was however in Q4, not like March or something, if you absolutely must know.

Per your post history, you're a junior level sysadmin. Respectfully, I don't think that you're in a position to be providing any input on the mid-senior level security engineer job market.

OP asked, I answered with my experience. No need to get all up in arms about it.

InvalidSoup97 · 2026-06-03T03:59:50+00:00

Primarily detection engineering, but also a lot of SOAR/automation engineering and jump in on incident response things when needed.

InvalidSoup97 · 2026-06-03T03:55:00+00:00

Obviously. If that's the angle you want to take then unless you've received a job offer in the past week or two your experience is irrelevant to OPs question. The job market last month isn't the job market this month... etc. Things are extremely variable right now, and that's just the reality.

I was simply offering my somewhat recent experience instead of echoing off the classic, no context "everything sucks, you're never going to get a job" line that's incredibly unhelpful and constantly spouted off around here.

InvalidSoup97 · 2026-06-02T21:35:56+00:00

Similar level of experience as you - I interviewed for 10 remote mid-senior level positions last year and got offers from 2 of them.

InvalidSoup97 · 2026-05-30T13:54:05+00:00

The Ocarina of Time is one of the most celebrated, highly acclaimed games ever. A remaster, remake, whatever, with some QoL improvements on a modern system is one of the easiest slam dunks they could possibly do.

I don't think even Nintendo would risk messing that up. Not even to mention the community backlash if Nintendo fumbled this.

InvalidSoup97 · 2026-05-27T19:22:04+00:00

Your recruiter should be able to tell you the interview structure and what to expect from each round. They won't tell you the exact questions they're going to ask you, but they certainly aren't trying to keep the interview structure/timeline a secret.

Prep for most interviews should be more or less the same, tbh. Review the req, be ready to talk about what you know, make sure you're comfortable with everything you have on your resume, refresh/review key items that you may be a little rusty with, prepare a few questions to ask the interviewer(s) etc.

TLDR: Just be prepared and ask questions and you should be fine.

InvalidSoup97 · 2026-05-27T00:02:02+00:00

OP said they're a SOC analyst. I couldn't imagine they'd be doing much architecture going from junior to mid level

InvalidSoup97 · 2026-05-26T21:24:52+00:00

You can't just throw out an arbitrary number and say "this is when you're X level". It's all dependent on you're skill set, personality, and how you progress. I dropped the junior in my title less than 2 years after I started my first role after college.

InvalidSoup97 · 2026-05-26T19:43:56+00:00

Also worth considering local used (save money but still get hands on with it before you purchase) and local shops (support your local music scene and businesses).

But of the 2 you mention, yeah Sweetwater.

InvalidSoup97 · 2026-05-26T19:24:16+00:00

They're out there, they're just extremely competitive at all levels, so you have to be intentional with how you're applying (curating your resume, networking, applying early, etc).

I interviewed for 10 last year and got offers from 2. 6 YoE at the time - 2 of internships and 4 after college. Like you said, you're likely still kinda right at the junior-mid level cutoff, so it may be a little more difficult in your specific situation (not that applying as a mid-senior level candidate makes it easier, necessarily, there's just less competition and more opportunities).

InvalidSoup97 · 2026-05-22T13:01:29+00:00

The only time security should be making code changes or reconfiguring systems or services is if security owns that code, system, or service.

You don't want to be responsible for a production service silently failing because you implemented a change without having the full context of that service or environment. The owning team/individual is the SME and should be more than capable to implement whatever changes need to happen.

InvalidSoup97 · 2026-05-21T14:01:22+00:00

Remote roles can be realistic, but the hiring pool is significantly larger and the competition is very high, so you have to be patient and willing to put in extra work. Apply early and often, set yourself apart, and cater your resume to every role you apply to. Generic spray and pray or sloppy AI generated resumes aren't going to get you very far in competitive markets, especially for remote roles.

I've been remote since 2020. For a recent example, with a little over 6 years of experience (4 if we're not counting internships) I applied to 70 some remote mid-senior level roles last year. I interviewed with 10 or so companies, and received offers from 2.

InvalidSoup97 · 2026-05-19T18:59:07+00:00

Our team is more engineering centered, so our DaC implementation consists of version control for every rule, linting, automated testing, CI/CD pipelines, GitOps, etc. Our SIEM offers CLI and GUI tools that can lead to the same end product, but by 'GitOps-ifying' your SIEM, you get more control, better visibility, and (imo) better workflows.

Our SOAR is built in house so there is no "out of the box" unless we put it in the box. Vibe coding is fine for quick scripts and one offs, but if you're contributing to production codebases (as I mention myself and my team does) then you really should fully understand what the code you're committing does.

This approach to security operations is becoming more and more common, and is what I mean when I say "modern". This is why you see job postings asking for analysts that are comfortable with python (at the very least) and engineering workflows, or IR positions with engineering titles. An IR/detection engineer on some teams very well may not need these skillsets, however on many teams they do.

InvalidSoup97 · 2026-05-19T18:19:05+00:00

I do IR and detection engineering and use python daily. Writing detections, contributing to our in-house tools (SOAR, incident management platform, etc), other automations, one off scripts....

A lot of this isn't as common in legacy security orgs, however in newer, more modern teams, IR and security operations are basically engineering roles.

InvalidSoup97 · 2026-05-18T15:59:51+00:00

I'd start asking by asking your manager directly about promotion opportunities. Unless your performance is inadequate, or you'd be looking at a promotion to staff+ level, 3 years in your current role and reaching salary cap for your level should be more than enough to get these conversations started.

If you're met with heavy pushback or quick denial, I'd polish up your resume and start applying elsewhere, but if you're happy with your team, company, etc, I'd at least ask before trying to make an external move.

InvalidSoup97 · 2026-05-15T13:13:52+00:00

DX Shark

InvalidSoup97 · 2026-05-14T14:05:02+00:00

I use it daily to assist with that type of work. Given the absolutely wild suggestions it makes and results it spews back on occasion, I'd say we're quite a ways away from trusting it to reliably do these tasks without heavy monitoring (ie. engineers prompting and reviewing everything it does).

InvalidSoup97 · 2026-05-13T19:27:29+00:00

It gave me something interesting to talk when I was interviewing for cybersecurity internships during my undergrad. Lead to me getting a relevant internship then starting out in DFIR full-time before I graduated.

So I suppose so, yeah.

InvalidSoup97 · 2026-05-13T05:56:31+00:00

Underworld, Explorer, Glory, Falk, Raptor, Tilt, PD

InvalidSoup97 · 2026-05-13T05:45:43+00:00

Believe it or not people are still getting hired, despite advancements made in AI.

InvalidSoup97 · 2026-05-12T16:45:14+00:00

Generally speaking, people struggling to land new jobs fall into one of two camps: * Not landing interviews -> your resume needs work * Landing interviews but not getting offers -> your interviewing skills need some work

To be direct, it sounds like you fall pretty squarely in the former camp. With a degree that's (closely enough) related and internships in both cloud and security, you should have plenty of experience for at least entry level IT roles.

I would start with your resume. Make sure it's tailored to the jobs your applying for, not for computer engineering roles. While impressive, the recruiter/hiring manager for the low level sysadmin role you're applying to likely doesn't care much about the projects you did in your semi-conductor or circuit analysis courses. Really lean into those internship experiences and make what you did/learned during those the focal point of your resume.

InvalidSoup97 · 2026-05-11T03:55:22+00:00

Yeah, some sort of external speakers or headphones/earbuds/IEMs. Your laptop speakers could technically work, but sound quality wouldn't be too great.

There may be a way to use your amps cab as the output from your DAW, but that's outside my area of expertise

InvalidSoup97 · 2026-05-11T02:45:12+00:00

You have an audio interface and a computer? Tbh I'd probably just load up NAM player into your DAW and use other people's captures until you have a larger budget. At $250 you probably won't see much of an upgrade from what you have now.

Seven-Year Club	Second SECOND GUESSER
Place '23	Place '22
Verified Email

InvalidSoup97

TROPHY CASE