{"id":7588,"date":"2026-02-10T09:00:00","date_gmt":"2026-02-10T09:00:00","guid":{"rendered":"https:\/\/www.securitytoday.de\/2026\/04\/02\/post_id-5313\/"},"modified":"2026-05-10T19:04:34","modified_gmt":"2026-05-10T19:04:34","slug":"cybersecurity-skills-shortage-104000-open-positions-in-germany","status":"publish","type":"post","link":"https:\/\/www.securitytoday.de\/en\/2026\/02\/10\/cybersecurity-skills-shortage-104000-open-positions-in-germany\/","title":{"rendered":"Cybersecurity Skills Shortage: 104,000 Open Positions in Germany"},"content":{"rendered":"<p style=\"margin-bottom:12px;\"><span style=\"background:#69d8ed;color:#fff;padding:4px 14px;border-radius:20px;font-size:0.85em;font-weight:600;\">\u23f1 8 min Reading Time<\/span><\/p>\n<p><strong>The (ISC)\u00b2 Workforce Study 2025 estimates the global cybersecurity skills gap at 4.8 million  &#8211;  a 19 percent increase from the previous year. In Germany, according to Bitkom, over 104,000 IT security positions remain unfilled. Meanwhile, regulatory demands from NIS2 and DORA are increasing. Companies that rely solely on the job market will not solve the problem.<\/strong><\/p>\n<h2>TL;DR<\/h2>\n<ul>\n<li><strong>4.8 million professionals missing globally:<\/strong> Over 104,000 IT security positions are unfilled in Germany  &#8211;  and the trend is rising ((ISC)\u00b2, Bitkom 2025).<\/li>\n<li><strong>Upskilling beats recruiting:<\/strong> Training IT admins, developers, and network technicians to become security specialists is faster and more sustainable than external hiring.<\/li>\n<li><strong>Automation as a multiplier:<\/strong> SOAR, AI-driven triage, and managed detection reduce personnel needs by 30-40 percent.<\/li>\n<\/ul>\n<h2>Why the Market Won&#8217;t Solve the Problem<\/h2>\n<p>The cybersecurity job market is structurally imbalanced. Demand is growing faster than supply  &#8211;  and has been for years. Three factors will exacerbate the situation in 2026:<\/p>\n<p><strong>Regulatory Pressure:<\/strong> NIS2 requires 30,000 additional companies in Germany to implement cybersecurity measures. Each of these companies needs at least one information security officer. DORA is driving the demand for specialized compliance and resilience roles in the financial sector.<\/p>\n<p><strong>Demographic Shifts:<\/strong> The baby boomer generation is retiring. By 2030, around 140,000 positions in the IT sector will become vacant due to retirement  &#8211;  a significant portion of these in security-relevant roles.<\/p>\n<p><strong>Competition:<\/strong> Cybersecurity professionals are sought not only by companies but also by government agencies (BSI, BKA, Bundeswehr), consulting firms, and international tech corporations offering much higher salaries. A senior SOC analyst in Munich earns \u20ac75,000 to \u20ac95,000  &#8211;  at a U.S. tech corporation with remote options, that figure can double.<\/p>\n<blockquote style=\"border-left:4px solid #69d8ed;margin:32px 0;padding:20px 24px;background:#fafafa;border-radius:0 8px 8px 0;font-size:1.1em;line-height:1.6;color:#333;\"><p>\n  \u201cThe shortage of cybersecurity professionals is not a temporary phenomenon  &#8211;  it is structural and will worsen without fundamental changes in education and automation.\u201d<br \/>\n  <cite style=\"display:block;margin-top:12px;font-size:0.8em;color:#888;font-style:normal;\"> &#8211;  <strong>Claudia Plattner<\/strong>, President of the BSI (2025)<\/cite>\n<\/p><\/blockquote>\n<h2>What Works: Upskilling, Career Changers, Diversity<\/h2>\n<p>Companies actively addressing the skills shortage focus on three strategies:<\/p>\n<p><strong>Internal Upskilling:<\/strong> IT administrators, network technicians, and software developers already have the technical foundation. A structured training program (6-12 months, certifications like CompTIA Security+, CISSP, or SANS GIAC) can develop them into full-fledged security specialists. The success rate is much higher than external recruiting, and employees are already familiar with the company&#8217;s infrastructure.<\/p>\n<p><strong>Career Changers:<\/strong> Mathematicians, physicists, and engineers bring valuable analytical skills to security roles. Companies like Siemens and Deutsche Telekom have established their own cyber academies to train career changers in 6-9 months.<\/p>\n<p><strong>Diversity as a Talent Pool:<\/strong> Only 25 percent of cybersecurity professionals in Germany are women. Companies that actively target women  &#8211;  through mentoring programs, flexible work models, and inclusive job postings  &#8211;  tap into a significantly underutilized talent pool.<\/p>\n<div class=\"evm-stat evm-stat-highlight\" style=\"text-align:center;background:#f0f9fc;border-radius:12px;padding:32px 24px;margin:32px 0;\">\n<div style=\"font-size:48px;font-weight:700;color:#004a59;letter-spacing:-0.03em;\">104.000<\/div>\n<div style=\"font-size:15px;color:#444;margin-top:8px;max-width:400px;margin-left:auto;margin-right:auto;\">Unfilled IT Security Positions in Germany (2025)<\/div>\n<div style=\"font-size:12px;color:#888;margin-top:8px;\">Source: Bitkom Research, 2025<\/div>\n<\/div>\n<h2>Automation and Managed Services as Scaling Levers<\/h2>\n<p>No company will meet its needs through recruiting alone. Automation is not a luxury but a necessity:<\/p>\n<p><strong>SOAR Platforms (Security Orchestration, Automation and Response):<\/strong> Automate routine SOC tasks  &#8211;  ticket creation, initial classification, standard responses to known attack patterns. This reduces the workload per analyst by 30 to 40 percent, allowing a smaller team to handle more alerts.<\/p>\n<p><strong>AI-Driven Triage:<\/strong> Machine learning models prioritize alerts based on severity and context. In a typical SOC, 80 percent of alerts are false positives or low-priority. AI triage filters these out automatically, allowing analysts to focus on the critical 20 percent.<\/p>\n<p><strong>Managed Detection and Response (MDR):<\/strong> For companies that cannot or do not want to operate their own SOC, MDR providers offer 24\/7 monitoring as a service. This is not a surrender  &#8211;  it is a pragmatic response to a market that does not produce enough professionals. Providers like Arctic Wolf, Sophos MDR, and CrowdStrike Falcon Complete have established themselves as serious alternatives.<\/p>\n<p>The combination of upskilling existing employees, targeted recruiting in underrepresented groups, and consistent automation is the only strategy that works in the current market situation.<\/p>\n<h2>Key Facts at a Glance<\/h2>\n<h2>Frequently Asked Questions<\/h2>\n<h3>Which Cybersecurity Certifications Are Most in Demand?<\/h3>\n<p>CompTIA Security+ for beginners, CISSP for experienced professionals, SANS GIAC for deep technical specialization, and CISM for management-oriented roles. For cloud security: CCSP or AWS Security Specialty. However, certification alone is never enough  &#8211;  practical experience is crucial.<\/p>\n<h3>What Does a Cybersecurity Professional Earn in Germany?<\/h3>\n<p>Entry-level salaries range from \u20ac45,000 to \u20ac55,000 (Junior SOC Analyst). Experienced security engineers earn \u20ac70,000 to \u20ac95,000. CISOs in medium-sized companies earn \u20ac100,000 to \u20ac140,000. In corporations and U.S. tech firms with remote options, salaries can reach \u20ac120,000 to \u20ac180,000.<\/p>\n<h3>How Long Does It Take to Retrain as a Security Specialist?<\/h3>\n<p>For IT professionals with prior knowledge: 6 to 12 months of structured training. For career changers without an IT background: 12 to 18 months in an intensive program. Cyber academies run by companies like Deutsche Telekom achieve this in 9 months.<\/p>\n<h3>Can AI Completely Compensate for the Skills Shortage?<\/h3>\n<p>No, but it can significantly reduce it. AI handles routine tasks (alert triage, log analysis, standard responses) but does not replace the judgment of experienced analysts in complex attacks. Realistically, expect a 30-40 percent efficiency gain  &#8211;  this does not replace professionals but makes existing teams more effective.<\/p>\n<h3>What Can Small Businesses Do That Don&#8217;t Have a SOC?<\/h3>\n<p>Managed Detection and Response (MDR) is the best option: 24\/7 monitoring as a service, without needing to build your own team. Costs: \u20ac5,000 to \u20ac15,000 monthly, depending on the number of endpoints. Much cheaper than a three-person SOC (personnel costs: \u20ac250,000+ per year).<\/p>\n<h2>Further Articles on the Topic<\/h2>\n<p>\u2192 <a href=\"https:\/\/www.securitytoday.de\/en\/2025\/07\/10\/post_id-3605\/\">Security Awareness 2025: Why Training Alone Isn&#8217;t Enough<\/a><\/p>\n<p>\u2192 <a href=\"https:\/\/www.securitytoday.de\/en\/2026\/02\/22\/post_id-3527\/\">Zero Trust for SMBs: Getting Started in 5 Steps<\/a><\/p>\n<h2>Further Reading in the Network<\/h2>\n<p>IT Careers &#038; Skills: Cybersecurity Careers: Opportunities and Entry Points (MBF)<\/p>\n<p>Managed Services: Managed Security Services for SMBs (CloudMagazin)<\/p>\n<p style=\"text-align: right;\"><em>Header Image Source: Pexels \/ Christina Morillo<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"\u23f1 8 min Reading Time The (ISC)\u00b2 Workforce Study 2025 estimates the global cybersecurity skills gap at 4.8 million &#8211; a 19 percent increase from the previous year. In Germany, according to Bitkom, over 104,000 IT security positions remain unfilled. Meanwhile, regulatory demands from NIS2 and DORA are increasing. Companies that rely solely on the [&hellip;]","protected":false},"author":55,"featured_media":5312,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_yoast_wpseo_focuskw":"cybersecurity skills","_yoast_wpseo_title":"Cybersecurity Skills Shortage: 104,000 Open Positions in Germany","_yoast_wpseo_metadesc":"Cybersecurity skills shortage: 104,000 jobs open in Germany \u2013 discover how to fill the gap and boost your career. Learn more now!","_yoast_wpseo_meta-robots-noindex":"","_yoast_wpseo_meta-robots-nofollow":"","_yoast_wpseo_meta-robots-adv":"","_yoast_wpseo_canonical":"","_yoast_wpseo_opengraph-title":"","_yoast_wpseo_opengraph-description":"","_yoast_wpseo_opengraph-image":"","_yoast_wpseo_opengraph-image-id":0,"_yoast_wpseo_twitter-title":"","_yoast_wpseo_twitter-description":"","_yoast_wpseo_twitter-image":"","_yoast_wpseo_twitter-image-id":0,"_evm_translation_lang":"","featured_post":0,"featured_post_sortierung":0,"_wp_old_slug":["post_id-5313"],"footnotes":""},"categories":[251],"tags":[],"class_list":["post-7588","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"evm_reading_time_minutes":6,"wpml_language":"en","wpml_translation_of":5313,"_links":{"self":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7588","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/users\/55"}],"replies":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/comments?post=7588"}],"version-history":[{"count":3,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7588\/revisions"}],"predecessor-version":[{"id":10153,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7588\/revisions\/10153"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/media\/5312"}],"wp:attachment":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/media?parent=7588"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/categories?post=7588"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/tags?post=7588"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}