The current state of my country's network security talent market

State of the Cybersecurity Talent Market

This chapter is based on the rich recruitment and job-seeking information big data formed by Zhaopin Recruitment over the years, combined with the professional research experience of Qi Anxin Group in the field of network security for many years, and the relevant research results are highly representative. Analyze the full-platform recruitment needs and job-hunting resumes involving security talents (Note: The demand index in this chapter uses full data statistics, and other dimensions of analysis generally use sampling data statistics), and changes in demand, supply and demand structure, employment The characteristics of the unit and the characteristics of the talents themselves have carried out a comprehensive and in-depth research on the current situation of the network security talent market.

The full version of "Research Report on Cyber ​​Security Talent Market" can be downloaded from the official website of Qi Anxin by clicking the link below. Download link: https://www.qianxin.com/threat/reportdetail?report_id=27

1. Supply and Demand Trends of Cybersecurity Talent Market

Based on the total number of cybersecurity talent recruitment demands received by Zhaopin Recruitment Platform in January 2016, we set the total number of government and enterprise cybersecurity talent recruitment demands received by Zhaopin Recruitment Platform in January 2016 as A, and Assuming that the scale index of network security talent demand at this time is

Index (2016.1) = 1

Then, if within a certain period of time x (note: generally refers to a certain month, or several months, or half a year, or a whole year), the total amount of cybersecurity talent recruitment needs received by Zhaopin Recruitment Platform from government and enterprise institutions is B , then in this time period, the demand scale index of network security talents is

Index (x) = B/A × Index (2016.1) = B/A

The figure below shows the monthly changes of the domestic cybersecurity talent demand scale index (referred to as the scale index) from January 2016 to June 2019.

It is obvious that since October 2018, the demand index has shown a rapid growth trend, breaking through single digits for the first time in November, reaching a double-digit scale. That is, the demand for the talent market has expanded more than 10 times from the beginning of 2016 in three years. In June 2019, the index reached a three-year high of 24.6, an astonishing growth rate!

]

Since the talent recruitment demand of government and enterprise units has a certain relationship with the seasonal cycle, we have calculated the talent demand scale index with a cycle of half a year. Among them, the value of the semi-annual index is the sum of the six-month index during the period. As can be seen from the figure below, in the first half of 2019, the demand scale index for cybersecurity talents increased by 104.9% compared with the second half of 2018. Historically, the growth rate has once again exceeded 100%, with a year-on-year increase of 173.2% compared with the first half of 2018, indicating that in the first half of 2019, government and enterprise institutions "opened doors" and "seeking for talents", and at the same time, to some extent, It indicates that the network security position has become one of the most popular positions!

]

From a geographical perspective, cybersecurity talents, whether in demand or supply, are mostly concentrated in first-tier cities such as Beijing, Shanghai, and Shenzhen. Sampling statistics show that Beijing, Shenzhen, Shanghai, Chengdu, and Guangzhou are the cities with the largest demand for cybersecurity talents. The total demand for cybersecurity talents in these five cities accounts for 48.8% of the total national demand. Compared with the top five cities in 2018, which accounted for 60.7% of the national total, the total demand this year has decreased by about 16 percentage points. More regions have increased their investment in network security and increased the demand for network security talents. .

The cybersecurity talent market in 2019 is characterized by further growth in demand, further decline in the geographical distribution of employers, and more diversified, basic, and systematic (normalized) talent needs.

From the perspective of talent supply, the proportion of job seekers in Beijing dropped from 59.4% last year to 44.3%, and job seekers in other cities are steadily increasing. It is slowly changing from "you can only find jobs if you go to Beijing, Shanghai, Guangzhou and Shenzhen" to "all regions need network security talents".

]

Compared with 2018, the top five cities in the recruitment demand rankings are: Beijing, Shenzhen, Shanghai, Guangzhou, and Hangzhou. By 2019, Chengdu's cybersecurity talent recruitment demand has rebounded to the top five, from 2.5% (ranking seventh) in 2018 to 5.5% (ranking fourth) in 2019, and the demand has skyrocketed.

Statistics show that the average salary expected by job seekers in 2017 is about 7,533.5 yuan/month, 8,587.5 yuan/month in 2018, and 11,263.9 yuan/month in 2019, an increase of 2,676.4 yuan/month compared with 2018. Salaries are increasing year by year. The average salary of cybersecurity-related positions provided by government and enterprise agencies is about 11,728.9 yuan per month. In addition, the average salary provided by security companies for network security-related positions is about 12,004.8 yuan per month.

Overall, the salaries offered by employers to security personnel are much higher than job seekers expect, and the average salary for cybersecurity-related positions in government and enterprise institutions is slightly lower than in 2018, probably because more government and enterprise institutions have increased their cybersecurity-related foundations. The setting of positions, and these positions do not require practitioners to have strong advanced protection capabilities, but the ability to maintain daily operation and maintenance and basic services.

2. Analysis of Employers of Network Security Talents

Judging from the institutional nature of the recruiting unit (Note: the recruiting unit is the "government and enterprise organization", the same below), among the government and enterprise organizations with cybersecurity talent recruitment needs, private enterprises have the most recruitment needs, and employment needs account for the majority of cybersecurity. 55.7% of the total talent recruitment; followed by state-owned enterprises, accounting for 10.9%; listed companies ranked third, accounting for 10.2%. (The number of employees employed by the above-mentioned types of government and enterprise institutions is independently counted and does not overlap with each other).

]

From the perspective of the employer's industry, the industry with the largest demand for cybersecurity talents is IT information technology, and the number of cybersecurity talent recruitment released by it accounts for 42.4% of the total number of cybersecurity talent recruitment, followed by the Internet, accounting for 13.7% . In fact, due to the nature of the IT information technology and Internet industries, the demand for cybersecurity-related jobs is significantly higher than other industries. The third place is the manufacturing industry, with 12.3% of the total number of recruits. The communications industry (6.8%) and the business services industry (4.3%) came in second.

]

Salaries offered by employers in different industries also vary. Judging from the average salary provided by employers in different industries, the real estate/construction industry-related employers provide the most salary to cybersecurity talents, with an average salary of about 16,428 yuan/month, followed by the business service industry, with an average salary of 15,384 yuan/month. The average salary in the Internet industry is 14,707 yuan/month. The specific distribution is shown in the figure below.

]

It should be noted that it is not possible to simply think that the salary treatment of different industries is different by the difference in the average salary of employers in various industries. According to statistics, industries with high salaries often have higher requirements for the experience and ability of network security talents for the corresponding positions.

Therefore, it is not possible to judge the difference in the salary of the same person in different industries simply by the average salary of each industry.

The salaries of network security talents will also vary according to different positions. Based on the analysis of the average salary of different positions by general enterprises, the first is CIO/CSO (Chief Information Officer/Chief Security Officer, Chief Security Officer) with an average salary of 33,200 yuan/month, followed by project managers related to The average salary is 15,344 yuan/month, and the penetration testing and vulnerability mining position ranks third with an average salary of 14,990 yuan/month.

]

From the perspective of the average salary of each position in the security enterprise, the CIO/CSO still has the highest salary at 30,000 yuan/month, which is basically similar to the average salary level of the CSO position in government and enterprise institutions. The second is the product manager position, with an average salary of 15,704 yuan/month, and the pre-sales position, with an average salary of 14,102 yuan/month.

]

It is expected that in the next 3-5 years, security operation and maintenance personnel with practical skills and high-level network security experts will become the most scarce and sought-after resources in the network security talent market.

3. Analysis of the characteristics of network security talents

By analyzing the resumes of job seekers applying for cybersecurity positions, we found that men are the absolute main body of cybersecurity talents, accounting for 82.1%, while women account for only 17.9%. It can be seen that the field of network security is basically dominated by men.

]

In terms of age group, among job seekers for cybersecurity positions, post-90s (including post-95s and post-90s) account for the most, accounting for 60.9%, followed by post-80s, accounting for 31.5%. The combined proportion of these two age groups is more than 90%.

]

It is worth noting that in 2019, post-00 cybersecurity talents entered the cybersecurity industry, and it is expected that more post-00s post-00s will enter the cybersecurity industry in the next 2-3 years.

On the Zhaopin recruitment platform, among the talents applying for cybersecurity positions, the most talents graduated from Hebei University of Science and Technology, Shanxi University of Technology and Business, Zhengzhou University of Science and Technology, and China University of Petroleum. The table below shows the top 20 domestic universities where job seekers who posted cybersecurity positions graduated on the Zhaopin Recruitment platform. Job seekers from these 20 universities accounted for 9.56% of all job seekers. In particular, Hebei University of Science and Technology and Shanxi University of Technology and Business, job seekers from these two universities for cybersecurity positions accounted for 1.49% of the total number of job seekers.

Number of schools accounted for
1 Hebei University of Science and Technology 0.75%
2 Shanxi Institute of Technology 0.74%
3 Zhengzhou University of Science and Technology 0.66%
4 China University of Petroleum 0.60%
5 Beijing Institute of Technology 0.60%
6 National Open University 0.57%
7 Beijing City University 0.56%
8 Hebei Media College 0.55%
9 Jilin University 0.47%
10 Yellow River University of Science and Technology 0.44%
11 Beihang University 0.44%
12 Renmin University of China 0.41%
13 Peking University 0.38%
14 Zhengzhou University 0.37%
15 Beijing Jiaotong University 0.37%
16 Beijing Union University 0.36%
17 Beijing University of Posts and Telecommunications 0.36%
18 University of Science and Technology Beijing 0.33%
19 University of Electronic Science and Technology 0.30%
20 Beijing University of Technology 0.30%
Table 5 Top 20 colleges and universities with the proportion of job seekers graduating from

From the above table, it can be found that the distribution of colleges and universities has become more people-friendly. Students from key colleges and universities are no longer at the top of the rankings, and more provincial/city local colleges and universities have also joined the army of cultivating network security talents. However, judging from the proportion of graduate schools in the TOP20, the majority of network security talents are still key universities. Excellent cybersecurity talents depend not only on the graduate schools, but also on whether their abilities meet the needs of employers. The quality of network security talents in these ordinary colleges and universities is what we need to pay more attention to in the future.

From the perspective of the disciplinary background of network security talents, only a very small number of job seekers have a disciplinary education background in network security or information security, while more job applicants for network security positions actually come from computer, electronic information engineering, software engineering Brother majors such as network engineering. This also shows once again that the number of talents that the network security profession exports to the market is very limited.

]

4. Special investigation and analysis of new network security talents

To better understand the characteristics and development status of newly recruited cybersecurity talents, we adopted a questionnaire survey method to conduct special research and analysis on more than 600 newly recruited cybersecurity talents nationwide. Next, the relevant research data and analysis conclusions will be discussed in detail.

At present , informatization construction and network security have become new heights of competition among countries. New cybersecurity talents have different views on the competition in the global cybersecurity industry. 59.2% of new cybersecurity talents believe that China has unique advantages; 32.5% of new cybersecurity talents Security professionals believe that there is still a big gap with Europe and the United States, and the domestic security industry started late. The specific situation is shown in the following figure:

[External link image transfer failed, the source site may have an anti-leech mechanism, it is recommended to save the image and upload it directly (img-acIYnVQq-1663989492543) (http://public.host.github5.com/imgs/pdf/pdf4.pdf .013.jpeg)]

In recent years, network security incidents such as ransomware and information leakage have occurred frequently, and the whole society has paid more and more attention to strengthening network security construction. In this context, new cybersecurity talents also have different views on the development prospects of the cybersecurity industry: 72.1% of them are very optimistic about the development of the cybersecurity industry, thinking that there is demand and legal support, and they will definitely become the next new 26.7% of the talents think that the cybersecurity industry still has a lot of market space, and they are more optimistic about its development prospects; 0.5% of talents are not optimistic about the cybersecurity industry, they think that the competition in this industry is too fierce, and the current market space is limited.

]

According to the survey, 69% of new cybersecurity talents are interested in big data security in the cybersecurity field or technical direction , and 62.1% of new cybersecurity talents are most interested in AI security, followed by 5G/IoT security. People are more interested in areas with more actual contacts and greater publicity.

]

V. Development Trend of Network Security Talent Market

Combined with the big data of network security talents from Zhaopin Recruitment and the research results of Qi'anxin Industry Security Research Center on educational institutions, large government and enterprise institutions and security enterprises , we have summarized several major trends in the development of the network security talent market.

1) Network security talent positions from matching to standard

From the growth trend of the 2018-2019 cybersecurity talent demand index, it can be seen that the overall demand for cybersecurity talents in the society has surged, indicating that the social level has begun to pay attention to the protection of cybersecurity, actively introduce professional security talents, and establish a network Security team to deal with threats and risks in all aspects of cyberspace .

Combined with the current strength and depth of my country's legislation and supervision in the field of cybersecurity, the recruitment and use of cybersecurity talents by the majority of government and enterprise units is not only their own needs, but also the requirements of the country and the government.

With the further improvement of the legal system, the security team has gradually become the standard configuration of government and enterprise organizations. Government and enterprise institutions will definitely pay more attention to and recruit more security talents, gradually improve technology and management methods in accordance with relevant national compliance standards and requirements, and establish and improve a specialized institutional functional system for network security.

2) The demand for basic network security talents is more urgent

According to the survey of some government and enterprise institutions, we learned that the structure of the network security personnel they recruited is undergoing some changes. They no longer only focus on high-level offensive and defensive talents in network security, but pay more attention to the use of basic network security talents. From the perspective of defense capability, gradually absorb the required talents and form a network security professional team.

The demand for basic security talents and talents with high education and high IQ form a "pyramid" structure of talent demand. The base is a basic practical application-oriented talent, and the spire is a research-oriented and innovative talent with a high degree of education and long-term ability.

In the future, with the increase in the number of basic talents required by various industries, especially those who are familiar with the business of the employer and the security business, and who can skillfully use various security products on the market, there will be more and more urgent demand. .

3) Security requirements drive continuous innovation in talent training

In recent years, in the face of a market gap of nearly one million cybersecurity talents, colleges and universities , security companies, social training institutions, relevant scientific research institutions and associations have all actively explored and practiced a diversified and collaborative network security talent training model. Especially in 2018-2019, some innovative new characteristics of talent training are worthy of attention.

a) The base model opens up the last mile of talent transportation

b) Universities and security companies, tap potential, and jointly continue to innovate

While universities and enterprises continue to intensify their innovation efforts, the Ministry of Education of the People's Republic of China also issued the "Department of Higher Education of the Ministry of Education on Announcement of the Application Guidelines for Enterprise-supported Industry-University Cooperation and Collaborative Education Projects at the end of 2018 and early 2019 respectively (the first batch of /Second batch), which greatly encourages the creativity of cooperation between security companies and universities. In the future, we will see more new models and new paths for in-depth cooperation between schools and enterprises.

4) The new safety competition promotes the selection and training of special talents

In recent years, universities and groups have held various types of security competitions such as capture the flag, attack and defense. On the one hand, the competition can promote learning and cultivate and select professional experts in network security ; on the other hand, it can promote the whole society to pay more attention to it. Take network security seriously. There are still many cybersecurity competitions in 2018-2019, but there are some special competitions in subdivided security fields, as well as security competitions in some specific industries, which promote the cultivation of cybersecurity professionals The training selection is of exemplary significance.

This article is mainly compiled from the analysis report on the cybersecurity situation of Chinese government and enterprise institutions in 2019. If you have any questions, please feel free to contact us

Guess you like

Origin blog.csdn.net/m0_73803866/article/details/127022949