Top 5 reasons to quit your cybersecurity job

The downsides with making a career switch go away in a market with zero-percent unemployment.

greener pastures
Credit: Thinkstock

Talk about a candidate's job market.

There are 1 million cybersecurity job openings in 2016, according to the Cybersecurity Jobs Report, published by Cybersecurity Ventures (disclaimer: Steve Morgan is founder and CEO of Cybersecurity Ventures). That number is expected to reach 1.5 million by 2019. The unemployment rate in the cybersecurity industry has dropped to zero percent, and all signs point towards a prolonged workforce shortage through 2021.

The cybersecurity job market statistics make it clear that opportunities abound for experienced professionals in an industry poised to spend more than $1 trillion on products and services to combat cybercrime over the next five years. Still, how does one know if the time is right for a career move?

Here's five reasons to quit your cybersecurity job and get a new one:

1. You're underpaid. If you've been with a company for two years or more, then your annual compensation increases are probably set to an incremental percentage (i.e. 10 percent) over your current income based on positive performance reviews. Potential new employers will have to compete for you, and offer fair market value (FMV) for your services. Research the top five IT security salaries and other compensation data that covers your title. If you are seemingly underpaid with a comp plan that will leave you there despite annual bumps in pay, then it may be time to go looking.

2. You want to switch industries. Two years ago financial services was the most cyber-attacked industry. Now the healthcare sector has moved to the top of the list, according to a CSO story last week. Hospitals and healthcare providers are scrambling to combat unprecedented levels of cybercriminal activity -- including a massive surge in ransomware. If you're an experienced cyber pro working in a field that isn't a top hacker target, then maybe you should be.

3. You want upward mobility. There's only one CISO (chief information security officer) per company. Maybe you've spent a decade honing your cybersecurity skills and elevating into progressively more important roles but there's nowhere else to go at this point. Basically, you've hit a ceiling. The CISO at your current employer is experienced, smart, energetic, and probably not going anywhere. So it's either a lateral move to gain even more experience, or time to move on to that CISO role you're ready for.

4. Your company has lousy security. Perhaps your current employer has their defenses down and they are practicing poor cybersecurity -- not allocating enough budget, not training employees on security awareness, not engaging senior management, and basically a sitting duck. Why work for a company that isn't as passionate about protecting their systems and data as you are? They'll get hacked sooner or later. It may be better to bail now rather than after a major breach when the post-attack reputational harm spills onto your resume.

5. You want to master new skills. Are you reading about IoT and mobile security, cyber forensics, automotive security and other cutting-edge technologies that excite you -- but there's no clear path to get hands-on experience in those areas with your current employer? You can wait, or you can bolt. It depends on how bad you want that experience. A lot of the downsides with making a career switch go away in a market with zero-percent unemployment. So maybe it's time to choose wisely, and then head for the door.

Ready to quit? Read our top 5 cybersecurity job hunting tips for 2016.

Oh, and beware of exploding job offers. They are offered to cybersecurity pros all too often.

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Insider: Hacking the elections: myths and realities
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.