Jobs for IT security experts: vocational training is becoming more attractive

According to the latest Dekra labor market report, employers are no longer so focused on university graduates when it comes to job advertisements for IT security experts. A degree in computer science is still the most frequently cited qualification in around 61 percent of job advertisements. However, IT vocational training follows at almost 43 percent, and in around 37 percent of cases, vocational training is also considered as an alternative to a degree. In the case of dual IT training, employers often did not specify which specialization they wanted.

According to Dekra, the situation was very different in 2018 – when only a quarter of IT security jobs were open to applicants without a degree. The testing company concludes that professional experience now simply carries more weight than formal qualifications. For the analysis of the security job market, which is part of a more comprehensive labor market report, Dekra said it examined 250 job offers.

Certifications in demand, AI not

Regardless of the degree, certifications and further training are an advantage for applicants in the security sector: in one in five cases, job seekers would have to demonstrate IT security further training and certifications. The international certifications CISSP Certified Information Systems Security Professional (14 percent) and CISM Certified Information Security Manager (11 percent) topped the list.

Despite the ubiquitous hype, AI plays no role in the job advertisements for security pros, neither in terms of knowledge nor tasks. In terms of knowledge, “general knowledge” in IT and cyber security was most frequently requested (84%), as well as norms, laws, and standards (63%), and network technology (59%). In 44 percent of cases, job seekers are also expected to be familiar with the concept of an information security management system and with the ISO/IEC 27000 series. A number of other norms and standards can be found in the job offers, such as IT-Grundschutz (BSI), NIST, ITIL, NIS2, and occasionally industry-specific standards.

Dekra has noticed slight shifts in the soft skills in demand: in 2018, characteristics such as assertiveness and a confident manner were still desired in a third of advertisements – but are now still desired in 17 percent. Even the willingness to travel, which used to be required by almost a quarter, is currently only in demand by around 10 percent, which is probably due to the changed office culture with video calls and working from home. Strong communication skills, the ability to work in a team, analytical thinking, structured work, and, at 32 percent, a sense of responsibility are still in demand, twice as often as in 2018.

Prefer not to mention salary?

According to Dekra, employers focus on work-life balance and personal development to convince potential candidates. Flexible working hours (almost 63%), working from home (62%), and health and fitness offers (43%), should score points with the sought-after specialists. More than half (58 percent) also promise to provide support for further training and development. At 27 percent, however, remarkably few companies offer the prospect of an “attractive salary,” although according to various surveys, this is usually the most important factor for job seekers and those looking to change jobs. However, IT is one of the professional fields in which employers rarely provide salary information anyway.

Overall, Dekra sees rosy times for IT security specialists. “Those who have mastered their craft here don't have to worry about their professional future,” says Katrin Haupt, Managing Director of the Dekra Academy, assessing the labor market situation.

(axk)