This post was originally published on this site.
Cybersecurity has long been an industry that draws a specific type of tech professional: someone who is detail-oriented, well-versed at spotting unusual patterns within reams of data, has a good grasp of risk, is technically savvy and, finally, willing to endure long hours over nights, weekends and holidays when threats increase.
To balance out all these demands, organizations offer cyber pros good pay. In addition, with thousands of open positions throughout the industry, these pros could climb the leadership ladder or pursue another, better-paying job at a new company.
In the past several years, however, job satisfaction among cyber professionals has begun to drop. A pair of recent studies show that layoffs, budget cuts, return-to-office mandates, and vocational burnout are profoundly affecting the security workforce at a time when threats are rising and critical positions remain open and unfilled.
First, a study from ISC2, released this month, looked at women in the cybersecurity field and found that their job satisfaction dropped from 82 percent in 2022 to 67 percent in 2024. The report also noted that satisfaction rates among men also fell during this same period, from 73 percent to 66 percent.
Among the reasons for this drop in job satisfaction among women and men include budget cutbacks and layoffs. The ISC2 report also noted that women tended to experience higher levels of spending cuts within their organizations, leading to less job satisfaction.
Other factors play into this trend. “The decline in job satisfaction over the last two years has also been impacted by changes in working practices. In particular, the scaling back of remote and hybrid working at many organizations has translated into differences in workplace contentment,” according to the ISC2 report.
The second report, produced by IANS Research and Artico Search, found that only about a third of cybersecurity professionals would recommend their employer. Researchers also found that job satisfaction coincides with perceptions of limited career growth, with fewer than 40 percent of respondents satisfied with their advancement opportunities. In addition, about 45 percent of those surveyed expressed frustration over slow progression.
These findings come despite high salaries at many organizations for cyber pros with the right skill sets. Security architects and engineers, for example, can earn average annual cash compensation of $206,000 and $191,000 respectively, according to the IANS report.
The data points to a confluence of changes within cybersecurity (as well as the larger tech industry) that are having a negative effect on security pros even as compensation remains competitive.
“I am [also] noticing a huge churn in CIOs happening, and so it is not only cyber—this trend of burnout is across many other digital roles,” Agnidipta Sarkar, vice president for CISO advisory at security firm ColorTokens, recently told Dice. “And what I see worries me. Companies are laying off experienced people above an age group and hiring less costly resources without realizing that experience counts in cyber. Every cyberattack is making it very clear. We are far less prepared than earlier.”
While return-to-office policies, budget cuts and other factors are having an effect within the cybersecurity industry, cyber leaders, their organizations and security pros can take steps to help alleviate some of the stress and help push job satisfaction numbers back up.
A Need for Flexible RTO Policies
Starting last year and picking up added steam in 2025, Amazon, Google and other large tech firms began instituting return-to-office (RTO) policies, with other companies following suit. This placed additional stress on numerous business units, including cybersecurity, which has grown used to remote work and flexible schedules.Â
As several experts noted, many women who entered the security field over the last several years are feeling the pressure of these mandates, since many are taking care of children or relatives in addition to their everyday work duties.
“Undoubtedly, RTO is hurting because it is changing the status quo, just like it hurt working from home during the pandemic,” Sarkar added. “And it is hurting women more because, like it or not, even in 2025, a majority of women are still juggling homemaking and a professional career. It was definitely easier multitasking when working from home, and RTO is upsetting all the effort they put in earlier.”
With many cybersecurity professionals in their mid-30s and raising families, keeping commutes short is more valuable than in-office time. Organizations can benefit from showing more flexibility, said Alex Quilici, the CEO of YouMail.
“These [cybersecurity] folks get little benefit from going into the office and actually have a materially negative change to their lifestyle. Yet, these are the folks who are often the best performers,” Quilici, whose company is fully remote, told Dice. “Keeping them happy requires making exceptions to RTO policies. The good news about letting them remote work is that they can then find the best living situation, which may be in places with few other jobs, leading to better overall retention.
Combating Cybersecurity Burnout
One of the most significant issues within cybersecurity is burnout—especially keeping younger workers engaged and sane as they take on lower-level jobs within security organizations as a career start.
Organizations are having so much trouble recruiting and retaining entry-level talent that some are experimenting with technologies such as artificial intelligence (AI) to handle routine and manual processes to free up resources for more complex tasks.
The concern now is that AI remains in an experimental stage but full deployments aren’t ready as of yet. Still, the threat of AI use by cybercriminals is high, which can lead organizations to burn out their security professionals as they scramble for solutions in anticipation of what might happen, said Neal Humphrey, vice president of market strategy at Deepwatch, which specializes in cyber resiliency.
“The issue of burnout is also directly impacted by both the promise and the threat of AI and machine learning capabilities in security. The promise of AI is to make detection and analysis easier, helping security analysts to dig deeper, faster and to be smarter with their time,” Humphrey told Dice. “However, the threat of AI to security is the anxiety around what, when is it going to impact a security expert’s job or role. It has to be taken into account as the transformational technology it is, but as transformation occurs it also re-organizes needs and groups within enterprises—potentially leading to layoffs. It’s a bit of a vicious circle.”
The issue right now is organizations have not managed to balance the need for AI investments with how the technology is affecting their security organizations and workers.
“Organizations will need to be smarter with their staff, their partners, technologies and workloads to truly alleviate the burnout and personal satisfaction,” Humphrey added.
Ensuring Women Thrive in Cybersecurity
The ISC2 reports show that women now make up about a quarter of the cybersecurity workforce, but this has come at a price with sinking job satisfaction. Within the report, the researchers note that women are experiencing more setbacks compared to their male counterparts. These include:
Â
- The ISC2 report found that about 40 percent of women reported budget cuts compared to 36 percent for men.
- When it comes to hiring freezes, 42 percent of women reported that this affected their organization compared to 37 percent of male respondents.
- Finally, 36 percent of women reported that they or their team has experienced promotion and raise freezes compared to 31 percent of men.
“The climate for women in cybersecurity is showing signs of improvement but still faces significant challenges. Significant work still needs to be done to ensure equal opportunities and a supportive environment for women in this industry,” Teresa Rothaar, a governance, risk and compliance analyst at Keeper Security, told Dice. “Continued efforts from educational institutions, industry leaders and advocacy groups are needed to address the cultural and structural barriers within the industry to achieve true gender parity.”
Rothaar suggests five ways security organizations can create a more equitable and supportive environment for women in cybersecurity, which can also help increase job satisfaction and address issues such as burnout. These include:
Â
- Mentorship and sponsorship: Women leaders can mentor other women, offering guidance, advice and support to help them navigate their careers. This includes sharing experiences, providing career advice and helping mentees build their networks. Female leaders can also actively sponsor women by advocating for them in promotion discussions, recommending them for key projects and opening doors to new opportunities.
- Advocacy and representation: Women leaders can advocate for policies and practices that promote gender diversity and inclusion within their organizations. This includes pushing for equal pay, flexible work arrangements and family-friendly policies. By serving in leadership roles, women provide visible role models for other women in the industry, demonstrating that it is possible to reach high-level positions.
- Policy development: In leadership positions, women can influence company policies to support gender diversity and inclusion. This includes creating strategies for talent development, retention and succession planning that consider the needs of women.
- Strategic initiatives: Leading strategic initiatives that focus on diversity and inclusion can help institutionalize these values within the organization, ensuring they are integral to the company’s mission and operations.
- Thought leadership: Women leaders can contribute to thought leadership in the field by publishing articles, participating in panel discussions, and speaking at industry events. This not only showcases their expertise but also elevates the presence of women in the cybersecurity discourse.