Recruitment in cybersecurity: a booming sector
In recent years, cyber threats have affected all businesses. Data theft, espionage, computer sabotage, ransomware: cyberattacks take different forms and are increasingly sophisticated. In addition, the health crisis and the rise of teleworking have boosted cybercrime. In this context, the need for cybersecurity frameworks is exploding. What is the state of the situation in France? What type of company offers the most positions? What professions are the most in demand and what are the training courses in cybersecurity? Here are some answers.
Cybersecurity: job offers have doubled in 5 years
A recent study by the National Information Systems Security Agency (ANSSI) reveals a significant increase in computer threats in France. Thus, malicious intrusions into the computer systems of French companies increased by 37% in 2021. Information to be compared with the study of the Association for the employment of executives (APEC), which points to an urgent need for cybersecurity professionals.
A growing need for cybersecurity recruitment
Between 2017 and 2021, the volume of executive job offers requiring cybersecurity skills has almost doubled. Their number has increased from 3,650 to more than 7,000 ads. The evolution in this sector is far superior to the other types of executive offers published on the Apec website during the same period (+20%).
Cybersecurity: job offers mostly in IT companies
Cyberattacks affect all companies, regardless of their size, their field of activity or whether they are private or public. These risks represent real dangers for the survival of a company. However, the typology of companies that submit the most job offers remains mostly in the IT field.
APEC reveals that 51% of the cybersecurity executive job offers published on its site come from IT companies. 34% of other offers are submitted by other service companies. 14% of them are research and development (R&D) engineering companies. Banks and insurance represent only 4% of ads. Public administration is also in demand, with around 6% of vacancies.
Industrial companies only advertise a few jobs in the field of cybersecurity: they represent only 6% of the positions offered. In general, these sectors — manufacturers of electrical equipment, automobile manufacturers, etc. — prefer to use external service providers. Commerce and telecommunications each account for just 3% of cybersecurity job openings.
Recruitment in cybersecurity: the difficulties of VSEs and SMEs
Less aware and with limited budgets, very small, small and medium-sized companies struggle to formulate job offers. They also have difficulty identifying their needs and are not immersed in the cybersecurity ecosystem.
Île-de-France, region with the most cybersecurity needs
Unsurprisingly, it is Île-de-France that tops the list of regions with the best cybersecurity job offers, with 50% of advertisements. It is ahead of the Auvergne-Rhône-Alpes region (10% of offers), Occitanie (9%) and the PACA region (8%).
Brittany rises to fifth place among the regions that publish the most proposals, but it is in first position in terms of progression. The volume of cybersecurity offers has tripled in 5 years in the region. It is also attractive to young graduates, with 44% of cybersecurity job offers aimed at them (compared to 22% nationally).
What are the most sought-after positions in the field of cybersecurity?
APEC has classified cybersecurity jobs into 6 major families, based on job offers written by companies. These correspond to the different areas of expertise and fields of action in which a cybersecurity professional intervenes. Although they bring together a great diversity of profiles, these job families are not necessarily disconnected.
Governance, Risk and Compliance (GRC)
Professionals in this profile develop cybersecurity strategies, analyze risks and ensure compliance of computer systems.
Design, deployment and IT maintenance (Build & Run)
This category includes cybersecurity strategy architects. They design infrastructures, systems and networks that are resistant to cyberattacks.
Incident management and response
These are the specialists who act in the event of an intrusion or suspected intrusion.
- Audit and expertise
- Several trades fall into the category. Consultants, experts or auditors, data protection professionals, research and development (R&D) engineers or cybersecurity trainers.
General engineering in cybersecurity
The more general term of this classification corresponds rather to a strategy of companies to attract a maximum of candidates. They also seek not to confine them to specific functions.
Trade and Marketing
This category includes the pre-sales and sales professions that allow companies specializing in cybersecurity to conquer the market.
Recruitment in cybersecurity: the “ build & run ” concentrates the most offers
The field of IT design, deployment and maintenance (“build & run”) has the most job vacancies, with 46% of profiles sought (3,210 vacancies in 2021). Next come the RCMP (18%, 1,240 offers). Then, incident management and response as well as auditing and expertise (760 offers each), trade and marketing (630 offers) and finally general cybersecurity engineering (430 offers).
In 2021, more than 7,000 cybersecurity job offers were published.
Cybersecurity training: the challenges of tomorrow
According to APEC, the need for specialized cybersecurity profiles is expected to increase in the coming years. Increased risks of cyberattacks and human error are the main causes. In view of this explosion in demand, the two essential pillars on which cybersecurity must move forward remain innovation and training. Raising the awareness of employees within companies is also essential to curb the risks of cybercrime.