Cybersecurity’s 750,000 Job Openings: Who Can Transition and How?
The cybersecurity field is experiencing unprecedented demand, with professionals earning between $97,000 and $159,000 annually (SimpliLearn, 2025) and approximately 750,000 unfilled positions in the U.S. alone (Cybersecurity Ventures, 2025).
Yet, the tech industry is grappling with significant layoffs, with 61,000 jobs cut in 2025, creating a pool of talent eager to pivot into more secure roles.
As organizations face a 4.8 million cybersecurity talent gap (SHRM, 2025) and rising threats like “harvest now, decrypt later” attacks (Forrester, 2025), the opportunity for tech professionals to transition into cybersecurity has never been clearer.
The Techronicler team asked tech leaders and experts:
Cybersecurity engineers earn $97,000-$159,000 (SimpliLearn 2025) with approximately 750,000 unfilled positions in the U.S. alone (Cybersecurity Ventures, 2025). Considering the current trend of tech layoffs, which of these professionals can train for a role in cybersecurity? What tips would you offer them?
Their insights reveal which tech roles are best suited for this shift—such as software developers and IT specialists—and provide actionable tips, from upskilling in cloud security to earning certifications like CompTIA Security+, to help professionals secure a foothold in this high-demand field.
Read on!
Carla Niña Pornelos
One of our longtime tech contributors—an app developer—was unexpectedly laid off during the 2023 downturn. Instead of panicking, she pivoted.
With a solid foundation in code, she enrolled in a cybersecurity bootcamp and six months later, landed a junior analyst role. That shift inspired our entire creative tech circle to explore the resilience of cybersecurity careers.
Professionals in systems administration, network engineering, software development, and even QA testing are well-positioned to transition into cybersecurity. Their familiarity with codebases, infrastructure, and troubleshooting gives them a head start.
My advice, start with fundamentals—CompTIA Security+ or CISSP—depending on experience level. Explore platforms like TryHackMe or Hack The Box for hands-on learning.
And don’t underestimate the power of peer communities; Reddit’s cybersecurity threads or Discord study groups can accelerate learning and provide crucial moral support.
Lastly, frame your existing skills in a security context. Did you debug APIs? That’s secure coding. Managed servers? That’s endpoint defense. Cybersecurity isn’t a new language—it’s often a new lens.
Carla Niña Pornelos
General Manager, Wardnasse
Bob Gourley
In my opinion, here are the top 5 roles perfect for laid off IT employees pursuing a fresh start in cybersecurity.
Cloud Security Architect: If you’ve dabbled in AWS or Azure, double down. Learn cloud-native security tools, zero trust frameworks, and how to secure multi-cloud environments.
Penetration Testers: Anyone with a curious, hacker mindset can train here. Start with Capture the Flag (CTF) challenges and learn tools like Metasploit or Burp Suite.
Ethical Hackers: Got a nose for mischief and a legal compass? Start with the Certified Ethical Hacker (CEH) or go grassroots with HackerOne and Bugcrowd programs.
Threat Intelligence Analyst: Use your incident response background to dig into attacker behavior. Learn to analyze TTPs (Tactics, Techniques, Procedures) and contribute to threat feeds.
Application Security Engineer: If you’ve been working on securing infrastructure, try moving up the stack. Learn static and dynamic code analysis, and integrate security into the SDLC.
Bob Gourley
CTO & Author, The Cyber Threat
Russ Munisteri
Even with tech layoffs occurring in 2025, cybersecurity is still a strong and growing field with decent salaries and many job openings.
People who have worked in IT support, system and network administration, or software development have a positive movement into cybersecurity due to many of their overlapping skills.
For example, IT support personnel already know how to troubleshoot, work with networks, and use different operating systems, which are important for jobs like Security Analyst or Cloud Security Specialist.
To make the switch into cyber, here are my thoughts:
- Education is key. Learn the basics of cybersecurity through educational institutions.
2. Get industry recognized certifications such as CompTIA Security+, CySA+, PenTest+, CEH, SSCP or CISSP to show your skills.
3. Practice hands-on with labs, internships, or volunteer projects.
4. Find a mentor in cybersecurity who can guide you and share advice.
By building on existing skills and staying committed to learning, professionals can successfully start a career in cybersecurity. With the right mindset and preparation, a career in cybersecurity can be a smart and fulfilling next step.
Russ Munisteri
Program Chair & Lead Instructor, MyComputerCareer
Nic Adams
Professionals with experience in the following areas are particularly well-positioned:
Network/Systems Administration: Understanding of network infrastructures and system configurations is foundational for roles like security analysts and incident responders.
Software Development: Proficiency in coding and app development aids in secure software practices and vulnerability assessments.
Cloud Computing: Experience with cloud platforms is valuable for cloud security roles (given the increasing reliance on cloud services).
Data Analysis: Skills in data interpretation support threat intelligence and security monitoring functions.
Such multi-faceted backgrounds provide a solid foundation for various cybersecurity roles, such as: penetration testing, security engineering, governance, and industrialized black hat ethical hacking ops.
Training paths or certifications that offer the fastest route to readiness:
I get asked this every week. Certs are slowly fading in significance and relevance. But if I had to provide a few:
CompTIA Security+: An entry-level certification covering fundamental security concepts.
Certified Ethical Hacker (CEH): Focuses on identifying and addressing system vulnerabilities.
Certified Information Systems Security Professional (CISSP): For those with more experience (covering a broad range of security topics).
Google Cybersecurity Professional Certificate: Offers hands-on experience with industry-standard tools and is suitable for beginners.
Yes, these certs can be pursued through various online platforms, providing flexibility for learners. However, that should tell you enough, pertaining to real-world efficacy. Last time I checked, the best hackers have zero certs because in my world, it’s purely comedic. Try-hards never amount to much.
Common mistakes transitioning professionals make and how they can be avoided:
Neglecting IT Fundamentals: A solid understanding of networking, operating systems, system admin is crucial.
Overemphasis on Certifications: Practical experience through labs, campaigns, and projects is the most valid cert.
Lack of Specialization: Cybersecurity is broad; identifying a specific area of interest can guide more effective learning and career development.
Underestimating Soft Skills: Communication and problem-solving abilities are essential for roles that require collaboration and incident response.
Never overshadow/conflate theoretical knowledge with practical application and continuous learning. The cybercrime world ain’t Geek Squad. Because you should’ve been living on the ‘dark web’ a long time ago.
Additional tips for someone aiming to move into cybersecurity after a tech layoff:
Leverage Transferable Skills: Identify how your existing experience aligns with cybersecurity requirements. Don’t listen to industry experts because most of them are boneheads who’ve never done what they claim to protect against. Seriously.
Engage in Continuous Learning: Stay updated with the latest threats and security practices through webinars, workshops, and industry news.
Network with Actual Professionals: Join forums or ping me for some feedback or suggestions. Hint: NOT at RSA, DEFCON, or xyz conference.
Build a Portfolio: Document your projects, lab exercises, tools, plus any freelance work to showcase your capabilities to potential employers. If all else fails, show me. I may be able to help more than most.
Strategically aligning your background with cybersecurity demands, concurrently committing to ongoing development, helps successfully transition into this dynamic field.
Sergios Sergiou
Professionals with backgrounds in IT support, networking, software development, or systems administration are well-positioned to transition into cybersecurity.
Their existing technical skills—like understanding system architecture, managing servers, or writing code—provide a strong foundation for security roles.
In light of tech layoffs, many of these professionals are seeking more stable, high-demand fields. Cybersecurity offers that, with over 750,000 unfilled roles in the U.S. (Cybersecurity Ventures, 2025) and competitive salaries averaging $97,000–$159,000 (SimpliLearn, 2025).
My Advice, Start with foundational certifications like CompTIA Security+ or Certified Ethical Hacker (CEH). Gain hands-on experience via labs or Capture the Flag (CTF) events. Leverage free platforms like TryHackMe or Hack The Box, and follow cybersecurity blogs and podcasts to stay updated. Networking with professionals on LinkedIn or attending local security meetups can also help open doors.
Jared Bauman
Professionals in software development, IT support, and network engineering are primed to transition into cybersecurity. They already understand core systems, coding languages, and network structures—skills directly applicable to security roles.
The smartest move is to earn certifications like CompTIA Security+ or CISSP and start hands-on learning through platforms like TryHackMe or Hack The Box.
Cybersecurity is one of the few tech sectors with explosive demand and staying power. If you have a tech background and a problem-solving mindset, you’re absolutely qualified to make the switch.
Jared Bauman
Co Founder & CEO, 201creative
Lydia Lightfoot
Many professionals impacted by tech layoffs—especially those in Systems, Cloud, and Network Engineering —are well-positioned to pivot into cybersecurity. Their transferable skills in system administration, scripting, or infrastructure provide a strong foundation.
To stand out, earn industry-recognized certifications like CompTIA Security+, (ISC)² SSCP, or Cisco’s CyberOps Associate to validate your knowledge. For those with more experience, consider CEH or CISSP. Hands-on practice is key—use platforms like TryHackMe or Hack The Box.
Finally, network in cybersecurity communities and contribute to open-source projects or bug bounties to build your resume and credibility. The demand is high—strategic upskilling can unlock great opportunities.
Lydia Lightfoot
Technical Recruiting Team Lead, Carex Consulting Group
Jason Hishmeh
Cybersecurity is still hiring, and if you’re a laid-off developer, systems administrator, QA engineer, or network engineer, you’re halfway there. You know how systems can be made to function, where they are prone to failure, and how to calmly solve problems under pressure.
The real shift is in mindset. There’s less of a focus on buzzwords and more on practical experience: finding vulnerabilities, reading logs, automating the simple checks, getting to grips with attack paths. You will learn more from Capture the Flag challenges and sandbox labs than in any textbook.
Certifications matter, but do not chase them with blinders on – employers are looking for thinkers, not badge collectors. If you have built or repaired software in high-stakes contexts, you have already got the instincts. Now, aim them at defense.
Jason Hishmeh
Co-Founder, Varyence
Antony Marceles
Professionals from software engineering, network administration, IT support, DevOps, and even QA testing are well-positioned to transition into cybersecurity. These roles already involve system-level thinking, problem-solving under pressure, and familiarity with infrastructure, all highly transferable to security.
At Pumex, we’ve seen backend developers successfully pivot to security engineering roles by layering in knowledge of secure coding, vulnerability assessment, and threat modeling. With the cybersecurity skills gap growing despite tech layoffs, it’s a timely opportunity for displaced tech workers to upskill in a space with long-term stability.
My Advice, Start with foundational certs like CompTIA Security+, then advance based on interest, whether that’s ethical hacking (CEH), cloud security (CCSP), or governance (CISM). Hands-on labs via platforms like TryHackMe or Hack The Box help bridge the theory-to-practice gap. Also, get familiar with SIEM tools, IAM frameworks, and Zero Trust principles.
The most successful transitions I’ve seen come from people who embrace continuous learning and get proactive about building a security mindset, not just learning tools, but thinking like an attacker and a defender. That shift is what turns a tech generalist into a cybersecurity asset.
Antony Marceles
Founder, Pumex
Jacob Bonnett
Moving into cybersecurity from IT may mean lower initial pay and earning new certifications—but your experience is a solid foundation.
Leverage Transferable Skills: Helpdesk, networking, or sysadmin roles often involve patch management, firewalls, access controls, and endpoint security—all valuable in cyber.
Choose a Path: Explore roles like SOC Analyst, GRC, Pen Tester, or Cloud Security. Tools like MyCyberPath help match your strengths.
Earn Certifications: Start with Security+, SC-900, or Google’s Cybersecurity Cert. Can’t afford them yet? Self-study and list them as “In Progress.”
Gain Practical Skills: Use labs like TryHackMe or Hack the Box. Build simulations with Kali Linux or VirtualBox.
Apply & Network: Tailor your resume, join LinkedIn groups, attend ISSA/ISC2 events, and volunteer for CTFs.
Stay Persistent: Expect setbacks. Progress takes time—but one “yes” can launch your new career.
Jacob Bonnett
Career Services Specialist, MyComputerCareer
On behalf of the Techronicler community of readers, we thank these leaders and experts for taking the time to share valuable insights that stem from years of experience and in-depth expertise in their respective niches.
If you wish to showcase your experience and expertise, participate in industry-leading discussions, and add visibility and impact to your personal brand and business, get in touch with the Techronicler team to feature in our fast-growing publication.
