ByteSizedSecurity Cybersecurity Insights & Analysis
DevSecOps 5 min read Updated

Cybersecurity Hiring Is Up 11% in 2026 — Here's What Changed

Marc David
Marc David Senior Security Engineer · CISSP
AI in Cyber Cybersecurity Careers Future of Work
Cybersecurity Hiring Is Up 11% in 2026 — Here's What Changed

AI Is Creating More Cybersecurity Jobs, Not Fewer. Here’s What It Means for You.

TL;DR: A new NYT report confirms cybersecurity hiring is surging as AI generates more code, more vulnerabilities, and new threats. Job postings are up 11%, executive search firms are overwhelmed, and pay is spiking. The roles are evolving, but the demand is undeniable. Here’s what this means for security professionals at every level.


The narrative around AI and jobs tends to go one way: AI replaces humans. Layoffs. Automation. Fewer opportunities.

But in cybersecurity, the opposite is happening.

On 5/24/2026, the New York Times published “One Job Is Growing in the A.I. Era? Cybersecurity Experts.” The article lays out what many of us in the field already feel: demand for security talent is outpacing supply, and AI is the primary driver.

The Numbers

According to the article:

  • Cybersecurity job postings in Q1 2026 were up 11% year over year (per Glassdoor)
  • Executive search firms specializing in security are turning away clients
  • One firm reported a five to sevenfold increase in requests for security executives since fall 2025
  • Pay packages for security leaders are reaching $7-8M
  • Midlevel security engineers are negotiating higher pay and more interesting work

Austin Cowan, a headhunter at Heidrick & Struggles, summarized it: “Roles typically come along every 12 months. We’re seeing those roles come along every week.”

Why AI Is Fueling Security Demand

Three forces are converging:

  1. AI-generated code is creating more vulnerabilities.

Developers are using AI tools to write code faster than ever. Speed comes at a cost. AI-generated code introduces bugs and security flaws traditional code review processes weren’t built to catch. The volume of code is growing, but security review capacity hasn’t kept pace.

  1. Advanced AI models find and exploit software flaws.

Anthropic’s Mythos model, announced last month, is exceptional at discovering and exploiting vulnerabilities in critical infrastructure software. OpenAI followed with GPT-5.4-Cyber. Both companies released these tools to limited partners for testing, but the implications are clear: attackers will eventually access similar capabilities.

  1. Companies are racing to protect infrastructure they don’t fully understand.

AI is being integrated into systems faster than security teams assess the risk. This creates gaps. And gaps create demand for people who identify and close them.

What This Means for Different Career Stages

If you’re trying to break into cybersecurity:

This is validating news. The jobs are there. But notice the pattern in the article. Brian Gaudenti, a security engineer with 10+ years of experience, struggled to find work for months. What changed? He started using AI tools himself. He built projects with AI. He added them to his portfolio. He demonstrated adaptability.

Entry-level candidates need to show the same thing. Technical fundamentals still matter. Linux, networking, cloud, detection engineering. But you also need to show you work alongside AI, not talk about it. We’ve covered this shift in detail: portfolios now outrank degrees as the #1 hiring signal. For entry-level candidates weighing where to start, my Google Cybersecurity Certificate review breaks down the cheapest structured on-ramp — including two free routes and how it stacks up against Security+.

If you’re mid-career:

You have leverage. The article makes clear midlevel security engineers are negotiating better packages. Lea Kissner, LinkedIn’s CISO, noted security engineers are asking for higher pay and more interesting work, and the competition for them is intense.

Use this moment to level up. Learn how AI changes your specific domain. If you’re in detection engineering, understand how AI-generated code affects your detection logic. If you’re in AppSec, learn how to review AI-produced code at scale. Specialization within the AI-security intersection makes you significantly more valuable.

If you’re a security leader:

The pressure is real. Companies want executives with breach response experience, data protection expertise, and the technical ability to review code. This combination has always been rare. Now it’s essential.

The article suggests companies are paying $7-8M packages to attract top security leaders. This signals how seriously boards are taking this risk.

The Bigger Picture

Meta cut 8,000 people. Amazon cut 16,000. Snap, Stripe, and Block shed thousands. These layoffs are real, and they’re affecting real people.

But cybersecurity is growing within the same economy. Not because it’s immune to change. Because AI itself creates the problems security teams solve.

More AI-generated code means more bugs. More advanced AI models mean more sophisticated attack capabilities. More AI integration means more complex systems to defend.

This isn’t a bubble. It’s structural demand.

What to Do Right Now

  1. Build with AI. Use AI tools in your work. Document what you learn. Add it to your portfolio.
  2. Understand the threat. Read about Mythos, GPT-5.4-Cyber, and how these models change the threat picture. You’ll be asked about them in interviews.
  3. Focus on fundamentals. Incident response, risk assessment, secure architecture, and clear communication. These remain the core of every security role.
  4. Show your work publicly. Write about what you’re learning. Post case studies. Share your lab projects. The article shows demonstrating adaptability is what separates candidates who land roles from those who don’t.
  5. Don’t wait for the perfect role. The market is moving fast. If you see an opportunity stretching you, take it.

Final Thought

The cybersecurity profession isn’t being replaced by AI. It’s being reshaped by it. The people who adapt will have more opportunities, better compensation, and more interesting work than ever before.

The people who wait for their old jobs to reappear won’t find them.

As Brian Gaudenti put it: “People who are not doing this and waiting for their old jobs to reappear, they’re not going to find them again.”

The demand is real. The question is whether you’re building the skills to meet it.

If you’re mapping your path, Okurrrr is a free career roadmap with 627 certifications and 759 free resources. And for the complete playbook on breaking into the field — including a 90-day action plan — read our Cybersecurity Career Guide.

Share This Article

Comments