The university of tulsa Online Blog

According to the 2024 cybersecurity workforce study from ISC2, a member association for cybersecurity professionals, there are currently 5.5 million active cybersecurity workers globally. However, the growth of the cybersecurity workforce has mostly stalled over the past two years. What didn’t stall was the growing need for cybersecurity professionals.

As of 2024, the estimated number of cybersecurity workers needed is 10.2 million, up from 9.5 million in 2023, an 8.1% increase year over year, according to ISC2. That means there are 4.8 million unfilled cybersecurity roles, demonstrating a large gap between the number of qualified cybersecurity workers and the number of cybersecurity workers employers want.

This supply-to-demand ratio issue is what’s known as the cybersecurity skills gap. By earning a master’s degree in cybersecurity, you can better prepare to help close that gap.

What Is the Cybersecurity Skills Gap?

The cybersecurity skills gap is the difference between the number of cybersecurity professionals qualified to meet the expectations of employers and the number of cybersecurity positions. According to ISC2, 67% of cybersecurity professionals say there’s a shortage of qualified cybersecurity workers in their organization. In the U.S., the cybersecurity skills gap grew by 4.4% between 2023 and 2024.

Why Is There a Cybersecurity Skills Gap?

Many employers require specific qualifications to enter cybersecurity roles, which can make it challenging for professionals entering the field. For instance, according to a hiring report from ISC2, 34% of hiring managers want entry-level candidates to hold the certified information systems security professional (CISSP) credential. However, to earn that certification, one would already need to have a minimum of five years of cumulative and paid experience in a role or roles related to cybersecurity.

Cybersecurity employees also need to keep their skills up to date. With the development of more advanced artificial intelligence (AI), cloud computing, and other technologies, bad actors have more opportunities to launch cyber attacks than ever before.

What Skills Do Cybersecurity Professionals Need?

Cybersecurity roles require a mix of both hard and soft skills. According to ISC2’s hiring report, hiring managers are looking for candidates with skills in these top five areas to help close the cybersecurity skills gap:

• Teamwork: Collaborating to combat threats, often on growing teams.

• Problem-Solving: Working through real-time problems quickly and effectively.

• Analytical Thinking: Gathering, organizing, and evaluating data, and finding patterns and trends to uncover threats

• Data Security: Expertise in techniques for keeping data safe.

• Cloud Security: Maintaining the security of data stored in the cloud.

Growing Roles in Cybersecurity and Their Associated Skills

While the number of positions for cybersecurity professionals is expanding quickly, some jobs are growing faster than others. These three roles each require a particular set of cybersecurity skills, and the projected job growth for each of them significantly outpaces the national average.

Penetration Tester

Cybersecurity professionals use two types of skill sets: defensive skills and offensive skills. Penetration testers largely employ offensive skills. Penetration testers, a type of cybersecurity specialist, attempt to think like cybercriminals and identify vulnerabilities in an organization’s networks. They find places where an attacker could exploit a flaw in the security system.

Relevant Skills

• Soft skills, such as communication and teamwork

• Technical skills, including vulnerability assessment, security auditing, and network security management

The U.S. Bureau of Labor Statistics (BLS) tracks penetration testers as a type of information security analyst, and the projected job growth rate for these professionals is 29% from 2024 to 2034. For some perspective, the BLS projects 3% job growth for all professions during this time period. According to Payscale, penetration testers have a median annual salary of about $101,100 as of September 2025.

Cybersecurity Architect

Cybersecurity architects are responsible for designing the systems, processes, and procedures to secure their organizations’ networks.

They oversee their cybersecurity team in developing the pieces of the security plan’s modules. Once the employees complete the individual pieces, cybersecurity architects create the final security structure, test it to ensure it works, develop policies for using the security structure, and work with other teams to implement it across the organization.

Relevant Skills

• Offensive skills to test their security structures

• Defensive skills for building out security structure defenses

• Competency in information technology (IT) infrastructure, security risk management, and cloud computing

The BLS categorizes cybersecurity architects as computer network architects, and projects these professionals will see 12% job growth between 2024 and 2034. According to Payscale, cybersecurity architects have a median annual salary of about $148,100 as of 2024.

Cybersecurity Manager

Cybersecurity managers lead cybersecurity teams and make key decisions regarding cybersecurity and IT security. These managers may have some hands-on security responsibilities, but they mainly oversee technical employees. They focus on the big picture and make important decisions such as which new technologies to invest in and how to implement a new security policy.

Relevant Skills

• Offensive and defensive skills to guide entry-level and junior-level cybersecurity employees

• Soft skills in leadership, communication, and strategic planning

The category of cybersecurity managers encompasses chief information security officers, cybersecurity directors, and cybersecurity managers, all high-level cybersecurity professionals. The BLS categorizes them under computer and information systems managers, and projects they will see 15% job growth between 2024 and 2034. According to Payscale, the median annual salary for cybersecurity managers is about $139,100 as of 2024.

Help Close the Cybersecurity Skills Gap With TU

The cybersecurity skills gap can only be closed with enough workers who understand the security needs of today’s organizations. Today’s employers expect even entry-level workers to have a background in cybersecurity and a thorough knowledge of both the technical and nontechnical sides of this growing field.

The University of Tulsa’s online Master of Science in Cyber Security program offers both technical and leadership tracks, allowing you to learn about all the unique facets of cybersecurity and prepare for either technical roles, such as a penetration tester, or leadership roles, such as a cybersecurity manager.

In select elective courses, you can also prepare for taking the CompTIA Pentest+, CompTIA Security+, and CISSP exams, which are required to obtain the certifications that many of today’s employers expect cybersecurity professionals to have.

Find out how you can become a cybersecurity professional with TU.

Recommended Readings

5 Types of Hackers

What Are the 8 Types of Cybersecurity?

Do You Need a Degree for a Cybersecurity Career?

Sources:

Gartner, “Gartner Says Cloud Will Become a Business Necessity by 2028”

ISC2, “2025 Cybersecurity Hiring Trends: Why Investing in Entry- and Junior-Level Talent Is Key to Building a More Resilient Cybersecurity Workforce”

ISC2, “Employers Must Act as Cybersecurity Workforce Growth Stalls and Skills Gaps Widen”

Payscale, Average Cyber Security Manager Salary

Payscale, Average Penetration Tester Salary

Payscale, Average Security Architect, IT Salary

TechTarget, “Cybersecurity Skills Gap: Why It Exists and How to Address It”

U.S. Bureau of Labor Statistics, Computer and Information Systems Managers

U.S. Bureau of Labor Statistics, Computer Network Architects

U.S. Bureau of Labor Statistics, Employment Projections — 2024-2034

U.S. Bureau of Labor Statistics, Information Security Analysts