Latest news with #SANSInstitute
Forbes
28-05-2025
- Business
- Forbes
20 Top-Paying Cybersecurity Jobs To Watch In 2025
Cybersecurity jobs are in high demand. getty With data breaches costing an average of $4.88 million and 4.8 million cybersecurity positions sitting empty worldwide, the cybersecurity job market faces a critical talent shortage. The Bureau of Labor Statistics (BLS) projects 33% job growth through 2033, driven by AI-powered cybercrime, rapid cloud migration and stricter regulatory requirements. This perfect storm creates "zero unemployment" for skilled professionals, with most breached organizations pointing directly to staff shortages as the root cause of their security failures. These 20 top-paying cybersecurity jobs, compiled by the SANS Institute, reveal exactly where organizations currently need talent the most. Beyond the impressive salaries, these roles offer a significant "cool factor" that most tech professionals find irresistible. What you'll do: Proactively search through network data and system logs to find hidden adversaries using behavioral analysis and threat intelligence. You'll develop hypotheses about potential attacks and hunt for indicators of compromise that automated tools missed. Create custom detection rules and share threat intelligence with security teams and industry partners. Average salary: $126,000 What you'll do: Plan and execute sophisticated, multi-phase attack simulations that mirror real-world threat actor campaigns over weeks or months. You'll test not only technical defenses but also human responses and organizational incident response procedures. Operate with strict rules of engagement while attempting to achieve specific objectives, such as accessing sensitive data. Average salary: $128,882 What you'll do: Collect, preserve and analyze digital evidence from computers, mobile devices and networks using specialized forensic tools. Recover deleted files, reconstruct user activities and document findings in legally admissible formats for court proceedings. Work with law enforcement, legal teams and corporate investigators on cybercrime cases. Average salary: $74,125 What you'll do: Bridge the gap between offensive red teams and defensive blue teams by facilitating communication and collaboration. Organize automated adversary technique emulations and identify new log sources to enhance detection coverage. Recommend security controls and foster understanding between traditionally separate offensive and defensive security roles. Average salary: $120,000 What you'll do: Reverse-engineer malicious software using specialized tools to understand attack techniques and develop countermeasures. Safely examine malware samples in isolated environments to document their capabilities and behavior. Create detection signatures and share threat intelligence to help organizations defend against similar attacks. Average salary: $86,474 What you'll do: Lead enterprise-wide cybersecurity strategy, develop security policies and manage incident response programs. Present cyber risk assessments to boards of directors and translate technical threats into business impact language. Oversee security budgets, vendor relationships and compliance with regulatory frameworks. Average salary: $200,000-$400,000 What you'll do: Monitor security alerts 24/7 and analyze network traffic patterns to identify potential threats. Investigate suspicious activities by correlating data from multiple security tools and systems. Escalate genuine incidents to response teams while filtering out false positives from thousands of daily alerts. Average salary: $99,157 What you'll do: Design enterprise-wide security frameworks that protect entire organizations rather than individual systems. Evaluate emerging technologies for security implications and create standards that guide technology decisions. Balance security requirements with business needs while ensuring compliance with regulatory frameworks. Average salary: $149,344 What you'll do: Lead containment efforts in response to cyberattacks, working under pressure to minimize damage and prevent lateral movement. Coordinate recovery processes across technical teams, legal departments and executive leadership. Document incidents thoroughly and conduct post-breach analysis to strengthen future defenses. Average salary: $127,177 What you'll do: Design and implement comprehensive security architectures, including firewalls, intrusion detection systems and encryption technologies. Configure and maintain security tools across on-premises, cloud and hybrid environments. Analyze threats and vulnerabilities to strengthen organizational security posture. Average salary: $122,890 What you'll do: Gather intelligence from publicly available sources, including social media, websites and databases to support security investigations. Research threat actors, their tactics and infrastructure using open-source intelligence techniques. Provide actionable intelligence to help organizations understand potential threats and attack vectors. Average salary: $85,000 What you'll do: Define technological strategies in collaboration with development teams and assess cyber risks across the organization. Establish security standards and procedures while participating in building and strengthening cybersecurity teams. Bridge the gap between technical security implementations and business objectives. Average salary: $165,000 What you'll do: Secure cloud workloads across AWS, Azure and Google Cloud Platform using identity and access management, encryption and monitoring tools. Design and implement cloud-native security controls that scale with business growth. Ensure compliance with shared responsibility models while maintaining visibility across multi-cloud deployments. Average salary: $152,773 What you'll do: Monitor security information and event management (SIEM) systems around the clock to detect potential security incidents. Investigate alerts, perform initial triage of security events and escalate genuine threats to incident response teams. Collaborate with security engineers to improve detection capabilities and reduce false positives. Average salary: $99,157 What you'll do: Develop and manage security awareness training programs to educate employees about cybersecurity risks and best practices. Create engaging content that promotes secure behaviors and builds a strong security culture across the organization. Measure the effectiveness of awareness programs and adjust training based on emerging threats. Average salary: $75,000 What you'll do: Research web applications, mobile apps and network infrastructure to find previously unknown security vulnerabilities. Develop proof-of-concept exploits and work with vendors through responsible disclosure processes. Contribute to the security community by sharing research findings and improving defensive capabilities. Average salary: $110,000 What you'll do: Conduct comprehensive security assessments of web applications, mobile apps and APIs to identify vulnerabilities before production deployment. Utilize automated scanning and manual testing techniques to uncover complex security flaws. Work directly with developers to implement secure coding practices and remediate security issues. Average salary: $119,895 What you'll do: Secure industrial control systems and operational technology environments that manage critical infrastructure. Assess vulnerabilities in SCADA systems, programmable logic controllers and industrial networks. Develop security controls that protect industrial processes without disrupting operational requirements. Average salary: $135,000 What you'll do: Integrate automated security testing and vulnerability scanning into continuous integration and deployment pipelines. Collaborate with development teams to implement secure coding practices and resolve vulnerabilities before production. Build security automation tools that enable rapid, secure software delivery without creating bottlenecks. Average salary: $101,752 What you'll do: Analyze digital media and storage devices involved in cybercrime investigations using advanced forensic techniques. Extract and examine data from damaged, encrypted or hidden sources to support law enforcement and corporate security investigations. Provide expert testimony and detailed reports for legal proceedings. Average salary: $80,000 The cybersecurity talent shortage represents both a crisis and an unprecedented opportunity for professionals seeking rewarding careers with meaningful social impact. As your next step, choose one role that aligns with your interests and background, then commit to starting your education. Organizations desperately seeking cybersecurity talent are waiting for candidates like you to step forward and help secure our digital future.
Tahawul Tech
09-05-2025
- Business
- Tahawul Tech
SANS Institute to host two cybersecurity training events in May
SANS Institute, the global leader in cybersecurity training and certifications, has announced two major training events in the United Arab Emirates this May: SANS Abu Dhabi May 2025 (May 18-23) and SANS Dubai May 2025 (May 25-30). The events offer a selection of world-class courses tailored to help cybersecurity professionals across the Middle East sharpen their skills and stay ahead of today's most advanced threats. The UAE's cybersecurity landscape is under growing pressure, with over 223,800 exposed assets and half of all critical vulnerabilities left unpatched for more than five years. According to the 2025 State of the UAE Cybersecurity Report, misconfigurations and improper usage are driving most incidents, while AI-powered threats like phishing and deepfakes are becoming more common. As government, finance, and energy sectors remain key targets, strengthening cyber resilience is now a national priority. 'The UAE's rapid digital growth has positioned the country as a prime target for increasingly sophisticated cyber threats', said Ned Baltagi, Managing Director for the Middle East, Africa and Türkiye, SANS Institute. 'By offering practical, mission-focused training in Abu Dhabi and Dubai, we're enabling teams to level up their capabilities, from ICS and forensics to red teaming and auditing – and build a stronger defence posture that meets the needs of 2025 and beyond'. SANS Abu Dhabi May 2025 Taking place at the Fairmont Bab Al Bahr, Abu Dhabi, from May 18-23, SANS Abu Dhabi May 2025 offers the following courses: ICS410: ICS/SCADA Security Essentials FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response SEC670: Red Teaming Tools – Developing Windows Implants, Shellcode, Command and Control In addition to training courses, SANS will host a Community Night session on 'Tales from the Cryptography' on May 19 (5:30pm–6:30pm GST). This free evening talk, open to all cybersecurity enthusiasts, will highlight real-world cryptographic failures from 2024 – from open-source libraries to Fortune 500 codebases – and offer practical insights into why cryptography remains a critical, yet misunderstood, area of cybersecurity. For more information and to register for SANS Abu Dhabi May 2025, visit: To attend the SANS Abu Dhabi May 2025 Community Night, visit: SANS Dubai May 2025 SANS Dubai May 2025 will take place from May 25-30 at the Hilton Dubai Palm Jumeirah, where participants can register for the following courses: SEC565: Red Team Operations and Adversary Emulation SEC566: Implementing and Auditing CIS Controls SEC511: Cybersecurity Engineering: Advanced Threat Detection and Monitoring SANS Dubai will also feature a Community Night session on Monday, May 26 (5:30pm–6:30pm GST): 'Same Findings, Different Organisation'. The talk will shed light on recurring vulnerabilities across companies and industries, raising tough questions about whether organisations are truly improving their security posture. For more information and to register for SANS Dubai May 2025, visit: To attend the SANS Dubai May 2025 Community Night, visit: Both events will be led by SANS-certified instructors with years of real-world experience, offering participants globally respected GIAC certifications, practical labs, and case studies. Whether attending virtually or in person, professionals will leave with actionable skills that can be immediately applied in their roles. Image Credit: SANS Institute
Tahawul Tech
08-05-2025
- Business
- Tahawul Tech
AI technologies Archives
Rob Lee, Chief of Research and Head of Faculty at SANS Institute, explores the rising AI-driven threats organisations must prepare for and the crucial security controls needed to adopt AI technologies securely. He also highlights SANS' initiatives to guide businesses in navigating the AI security landscape.
Tahawul Tech
08-05-2025
- Business
- Tahawul Tech
SANS Institute unveils key strategies for securing AI technologies in 2025
Rob Lee, Chief of Research and Head of Faculty at SANS Institute , explores the rising AI-driven threats organisations must prepare for and the crucial security controls needed to adopt AI technologies securely. He also highlights SANS' initiatives to guide businesses in navigating the AI security landscape.
Gulf Today
07-05-2025
- Business
- Gulf Today
GISEC is a global hub for cybersecurity innovation and collaboration: Experts
The first day of the GISEC Global 2025 has once again positioned Dubai at the heart of global cybersecurity discussions. Now in its 14th edition, the three-day event, taking place at the Dubai World Trade Centre, has become a key platform for advancing cybersecurity dialogue and innovation. Top global cybersecurity enterprises, government officials, CISOs, and experts from leading corporates in the Middle East, Africa, and Asia, are showcasing cutting-edge solutions, exchanging frontline insights, and forging strategic alliances aimed at strengthening cyber defenses across borders and industries. UAE's Strategic Cybersecurity Vision: The UAE is widely regarded as a global leader in cybersecurity, thanks to its forward-thinking policies and national strategies designed to strengthen its digital infrastructure. This vision is underpinned by initiatives like Cyber Sniper, which upskills local talent, and the Dubai Electronic Security Center's cybersecurity index, which ensures organizations adhere to strict security guidelines. Ned Baltagi, Managing Director for the Middle East, Turkey, and Africa at SANS Institute, shared his thoughts on the UAE's proactive approach to cybersecurity. Baltagi said: "The UAE's forward-thinking cybersecurity policies and national strategies are setting a global example. By aligning with frameworks like SCyWF and investing in programmes that develop homegrown talent, the UAE is building a sustainable cybersecurity ecosystem." He further emphasized that the SANS Cyber Academies are instrumental in developing local talent through industry-aligned training and certifications, helping to bridge skills gaps and enhance regional resilience. Cybersecurity Innovation: One of the key themes discussed on the first day was the increasing role of AI in both driving cyberattacks and advancing cybersecurity defenses. With AI-powered threats becoming faster, more targeted, and harder to detect, the cybersecurity community is responding by leveraging AI to enhance defensive measures. Sujoy Banerjee, Associate Director at ManageEngine, highlighted the growing complexity of cyber threats and the need for evolving regulatory frameworks to address them. He stated, "Although AI is intended to ease the burdens of organizations today, it has turned out to be a menace. Becoming an ally for bad actors, AI introduces potential (and scalable) cyber risks into the picture in the form of fake websites, hyper-realistic phishing attempts, and much more." Banerjee also called for updated policies and guidelines to combat AI-specific threats, such as data poisoning and misuse of AI agents, which could undermine traditional cybersecurity defenses. Endorsing a similar view, Meriam ElOuazzani, Senior Regional Director for META at SentinelOne, said. "GISEC plays a pivotal role in advancing the region's cybersecurity landscape by uniting global innovation with regional ambition. It's where the region shapes its cyber resilience blueprint and asserts its leadership on the global stage." ElOuazzani spoke about the significance of agentic AI, a technology that autonomously triages alerts, investigates threats, and triggers full-loop remediation workflows. This innovation is changing the paradigm from reactive security to proactive defense, ensuring faster response times and stronger protection. The Growing Threat of AI-driven Ransomware: AI-driven ransomware has emerged as one of the most pressing concerns. Attackers are leveraging AI to automate phishing, adapt in real-time, and bypass traditional defenses, resulting in more targeted and damaging attacks. Gopan Sivasankaran, General Manager, Secureworks, a Sophos Company, explained how this evolution is reshaping the cybersecurity landscape. "AI-driven ransomware is fundamentally changing the way cyberattacks unfold—making them faster, more targeted, and harder to detect," he noted. This rise in AI-powered cybercrime is not only challenging traditional security measures but also reshaping the dynamics of cyber insurance. Sivasankaran continued, "Insurers are looking for organizations to demonstrate proactive detection, rapid response, and end-to-end visibility before offering favorable coverage." As a result, businesses must invest in AI-driven security solutions like Sophos' XDR and MDR to reduce exposure to such threats and meet rising insurance expectations. Collaboration in Cyber Defence: GISEC 2025 highlighted the importance of collaboration between the public and private sectors in addressing the region's most significant cybersecurity challenges. Maher Jadallah, Vice President for Middle East & North Africa at Tenable, discussed how GISEC provides a unique platform for this collaboration: "Every year, GISEC unites the global and regional cybersecurity community, providing a vital platform for exchanging knowledge, forging partnerships, and driving innovation." Jadallah emphasised the growing importance of a risk-based approach to vulnerability management, particularly in sectors like energy, utilities, and manufacturing, where operational technology (OT) is increasingly converging with IT. "By combining continuous visibility across IT and OT assets with threat intelligence, security teams can focus on the most impactful risks," he added. This unified approach to cybersecurity is essential to ensure resilience across critical infrastructure environments, which are often prime targets for cybercriminals. Upskilling and Retaining Local Talent: A major theme throughout GISEC 2025 was the need to upskill local cybersecurity talent. As the region faces a growing cybersecurity skills gap, many organizations are now prioritizing internal development over external hiring. Ned Baltagi from SANS Institute noted, "Curiosity, adaptability, and cultural fit often outmatch technical credentials—and these traits already exist internally." Companies are recognizing that these qualities are crucial for building a resilient cybersecurity workforce. Baltagi's comments resonate with the findings of SANS' latest Workforce Research Report, which shows that 51% of organizations prefer to upskill their existing teams rather than hiring externally. By investing in tailored training programs and certifications, companies are ensuring that their teams are equipped to handle the complex challenges of today's rapidly evolving cybersecurity landscape. GISEC 2025's first day reinforced the UAE's commitment to becoming a global leader in cybersecurity. As the region continues to face increasingly sophisticated cyber threats, the emphasis on AI-driven solutions, collaboration, and upskilling local talent is more critical than ever. Industry leaders underscored the need for proactive cybersecurity measures, continuous innovation, and international cooperation to build a secure digital future. With GISEC providing the stage for these vital discussions, the UAE is well-positioned to lead the way in shaping the global cybersecurity landscape.
