Security Jobs: What’s Hot and What’s Cooling

Even before the COVID-19 pandemic, telecommuting was gaining momentum. Analysis from FlexJobs and Global Workplace Analytics shows that remote work grew 44 percent in the last five years and is predicted to increase even more post-pandemic.


When the pandemic hit, the transition to remote work was expedited dramatically, and the surge of newly remote workers meant businesses needed to expand security perimeters due to the wider attack surface.

Not surprisingly, remote workers present more security risks than on-site workers: Home WiFi networks’ security protocols are weaker than those in the office environment, and many remote workers access their applications via their own BYOD endpoints, which are less secure than corporate network-connected PCs. On top of that, remote workers are simultaneously using personal email, accessing personal web accounts, clicking on malicious links they should not, etc.

Meanwhile, hackers are stepping up their efforts to infect our computers using the pandemic as a ploy. This is business as usual for hackers, who often use current events combined with automated bot techniques to scam their victims. While everyone is feeling anxious, hackers are using social engineering and other tools to get us to act, often against our better judgment.

The Pandemic and the Future of Security Jobs

While many of us are aware of the cybersecurity talent gap – the world will have 3.5 million unfilled cybersecurity jobs by the end of 2021, according to Cybersecurity Ventures – many businesses are trying to cut costs to prepare for a COVID-related recession. What does that mean for the current climate and the immediate future of security jobs?

It means that despite the overwhelming security talent gap, some security jobs will likely be cut as companies struggle to remain in business. From a practical standpoint, security jobs that are not focused on remote work and cloud, such as jobs in older technologies and on-premises data centers, may be more at risk.

Cooling Security Jobs

Security jobs that are cooling focus on traditional on-premises defense, or preventing attacks we know about. These jobs often exist within the traditional company IT data center and focus on a specific product or program.

Examples include:

Data Center Security Manager: There is less demand for these roles as companies look to pare down their data centers. Organizations want fewer physical data centers as they push more workloads into the cloud.

Hardware Engineer for Security / Security Hardware Technician: These positions tend to focus on custom chip sets, hardware, and devices. Custom hardware is falling out of favor because they companies don’t want to be vendor locked into particular hardware solutions. Accordingly, organizations are getting rid of legacy platforms, which means they need fewer people to work on them.

IT Security Operations Specialist / Security Operations Center Analyst: These roles are on the operations side and focus on managing equipment, troubleshooting, and putting manual corrections into place. These jobs diminish when companies move to managed service models where these tasks are performed for them. Next, as businesses employ machine learning and automation, companies need fewer people running the equipment and manually troubleshooting. Some roles are getting automated out of existence.

Hot Security Jobs

While the cooling jobs tend to address known security issues on legacy on-premises systems, today’s environment requires security to take a more offensive than defensive approach. The skills required for these jobs include cloud security, DevSecOps, user behavior monitoring, and analytics expertise.

Artificial intelligence (AI) knowledge, implementation, and configuration skills will be in high demand, as will jobs in managed services for security experts.

Examples include:

Cloud Security Engineer / Managed Service Security Manager: As companies move to private and public clouds, they need people who understand the security implications of these environments. Or in the case of managed services professionals, people who actually run and operate that environment for enterprises.

Cybersecurity Manager of Machine Learning and AI / Cyber AI Architect: These rolesare responsible for analyzing big data analysis performed offline. They use AI to discover trends and correlations – in this case for security data and events.

Data Scientist for Machine Learning: This role analyzes small data in real time, to provide indications of trends occurring in the networks as the data passes through. It’s a critical role to have on security teams.

As companies move to AI and machine learning algorithms, they need fewer people who can troubleshoot security events and more people who are deep thinkers, who know how analyze data for trends, intent, and recognize early indications of the next cyber-attack.

During lean economic times, underperforming security employees who focus on older technologies, especially those who are inflexible, unreceptive to training, or who lack collaboration skills, will be vulnerable. Cybersecurity professionals who are motivated to stay relevant and evolve their skills will thrive in today’s increasingly demanding security environment.

The disappointment of Australia’s new cybersecurity strategy

Finally, after 11 long months, Home Affairs Minister Peter Dutton has delivered a drab and inward-looking cybersecurity plan and has complained about encryption yet again.

The most striking aspects of Australia’s new Cyber Security Strategy, launched on Thursday, are how vague and unambitious it is, especially when compared to the strategy launched by then-Prime Minister Malcolm Turnbull in 2016.

With the 2020 strategy now online, Turnbull’s vision has of course been thrown down the memory hole despite the government’s claim that it’s now building on its “strong foundations”.

Fortunately for us, the 2016 strategy and its first and only “annual” update are preserved at the Internet Archive.

A comparison of the two is far from flattering to the newcomer.

Turnbull had set out his vision, which in typical Turnbullian style, he referred to as his “philosophy” for a “cyber smart nation”.

“The need for an open, free and secure internet goes far beyond economics,” he wrote.

“It is important for ensuring public and financial accountability and strengthening democratic institutions. It underpins freedom of expression and reinforces safe and vibrant communities.”

The need for an all-optical network

Turnbull said that the internet had to be governed by those who use it, not dominated by governments.

He talked about innovation, about a “national cyber partnership”, and about Australia taking on “global responsibility and influence”.

His action plan included appointing Australia’s first Ambassador for Cyber Affairs and publishing an international cyber engagement strategy — perhaps two of the strategy’s greatest successes.

Indeed, Australia continues to play an important role in global cyber diplomacy.

The proposal for a cybersecurity growth centre turned into AustCyber, promoting Australian businesses internationally.

The strategy created the Cyber Security Cooperative Research Centre and the Joint Cyber Security Centres (JCSCs), although the latter have struggled to find their precise role.

Importantly, Turnbull appointed a minister to assist the prime minister on cybersecurity, giving the whole strategy some focus and leadership.

Also importantly, the action plan was to be completed by 2020, although admittedly most of the items didn’t come with measurable outcomes.

Turnbull’s strategy didn’t totally succeed. Far from it. But with its panoramic vision and international engagement, it was seen as world-leading.

Making cybersecurity more cybersecure

By comparison, the new strategy from the Minister for Home Affairs Peter Dutton is drab and inward-looking.

“The Australian Government’s vision is to create a more secure online world for Australians, their businesses, and the essential services upon which we all depend,” it says.

That’s it. Our vision for cybersecurity is to be more cybersecure.


Europe opened its internal borders six weeks ago. Bookings are up, but there’s a big difference between booking a trip and actually taking one.


It was just under six weeks ago that Europe opened its internal borders in the hopes of salvaging a summer season of travel. So it’s worth asking now how that season is looking.

The prospect of traveling in Europe versus the U.S. at this time is quite different. Europe has largely, if not wholly, beat the virus down. While no form of travel is risk-free during a pandemic, the lower level of virus circulation in Europe makes summer travel a different beast than in the U.S.

However, Europe’s progress remains tenuous.

It’s also worth noting that, in Europe, the July and August vacation season is seen as something of a human right. As journalist Yasmeen Serhan wrote in The Atlantic earlier this summer, unlike the U.S. “Europe savors the summer: a sacred time in July and August when vacations are planned, shops are closed, and the continent agrees to go on a collective pause.”

Given the complexities and uncertainties associated with travel at the moment, however, it’s been anyone’s guess whether or not Europeans would in fact take to planes, trains, and automobiles in order to claim this right of theirs. While no one is expecting 2020s summer to reach 2019 levels, there are some indicators that Europeans are hitting the road.

The opening in June certainly resulted in an increase in bookings to holiday hotspots, said Olivier Ponti, vice president of insights at ForwardKeys. “When Spain, Portugal and Greece announced they would reopen for travel, there was an immediate pick up in Intra-European flight bookings to those destinations,” Ponti told Skift. “In the five weeks following the announcements, the combined booking levels for the three countries rose to 65 percent of last year’s bookings during the equivalent period. By comparison, all intra-European bookings have recovered to 45 percent of last year’s levels over that period.”

ForwardKeys data also showed that during the week of July 13, there were more new bookings than cancellations to the European Union from Europe for the first time since the pandemic began.

In a survey conducted by Eurail, roughly a third of respondents said they intended to stick to their holiday plans for this year. Dutch citizens were the most steadfast, with 41 percent keeping their plans, followed by German (31 percent) and British citizens (30 percent). The survey also noted that 37 percent of respondents said that flexible cancellations and refund policies are most important to their decision making on taking trips, above low cost or promotional fares.

In some ways, Europe is in the best position to see some form of recovery. As the European Travel Commission noted in its second quarter report, the “likelihood of a stable and quick recovery of travel demand is likely to be greater for destinations that rely more heavily on domestic and short-haul travelers.” In that regard, Europe is well-placed. In 2019, the average share of international arrivals that were from short-haul markets in Europe was 77 percent. Meanwhile, the share of domestic travelers was 44.5 percent across Europe, based on data from hotel stays.

However while bookings are up overall compared to the depths of the lockdown, that doesn’t necessarily mean trips taken — especially in the era of hyper-flexible cancellations. Tim Fairhurst, secretary general of the European Tourism Association, told Skift that situations like Barcelona going back into some form of lockdown may remain a huge thorn in the summer season’s side.

“The appetite is there, and bookings are picking up, but fear of finding yourself on the wrong side of a newly closed border is proving to be a factor,” Fairhurst said. “As are situations such as Barcelona’s, where the regional government has reintroduced recommended (not mandated) restrictions, which don’t obviously affect visitors. So we’ve got the novel prospect of risk of resentment for tourism returning at precisely the time when destinations want to welcome its return.”

Refugee Status & Asylum


An Asylum Seeker

He is a person who has fled his or her country of origin and is seeking recognition and protection as a refugee in the Republic of South Africa, and whose application is still under consideration.

In case of a negative decision on his application, he has to leave the country voluntarily or will be deported.

A Refugee

He is a person who has been granted asylum status and protection in terms of thesection 24 of Refugee Act No 130 of 1998.

Under the 1951 United Nations Convention, a refugee can be a “convention refugee” who has left his home country and has a well-founded fear of persecution for reasons of race, religion, nationality, political opinion or a membership in a particular social group.

Under the same convention, a refugee can also be a person “in need of protection”whose removal to his home country would subject him personally to a danger of torture or to a risk to his life or a risk of cruel and unusual treatment or punishment.

Role of the Government of the Republic of South Africa

The Government of the Republic of South Africa has an obligation to grant protection to refugees and other persons in need of protection under a number of UN Conventions such as the 1951 Convention Relating to the Status of Refugees.

However, Convention refugees and persons in need of protection based on a risk to life, or a cruel and unusual treatment must have faced personally the risk all the way throughin the country in question

Eligibility Procedure: Asylum Seeker  

  • A person enters the Republic of South Africa through a port of entry (a land border post, airport or harbor), claims to be an asylum seeker and is, therefore, issued with a section 23 Permits which is a non – renewable “asylum transit permit” of the Immigration Act.
  • The permit is valid for a period of 14 days only and authorizes the person to report to the nearest Refugee Reception Office in order to apply for asylum in terms of section 21 of the Refugee Act.
  • The asylum seeker is required to furnish:


A section 23 permit


Any proof of identification from the country of origin


A travel document if in possession of one

  • The asylum seeker lodges in person his application at a designated Refugee Reception Office where an admissibility hearing takes place.The following are done:


Applicant’s fingerprints taken in the prescribed manner


Interpreter if secured (if necessary )


First interview conducted by a Refugee Reception Officer (RRO) and BI-1590 form duly completed


Applicant’s data and image captured in the refugee system


An Asylum Seeker’s permit (a section 22 permit) is printed, signed, stamped and issued to the Asylum Seeker

  • The section 22 permit which is valid for a period of six monthslegalizes the asylum seeker stay in the Republic of South Africa temporarily pending a final decision on his application. The permit can be extended by an RRO for a further six months while the process of status determination is in progress.
  • The holder of section 22 permit has the right to work and study in South Africa and is protected against deportation to his country of origin.



Refugee Status Determination

Before the permit expires, the asylum seeker reports to the Refugee Reception Office for:

  • A second interview is conducted by a Refugee Status Determination Officer (RSDO)
  • The RSDO proceed with a fair adjudication of the application, makes a decision on claims for asylum application and provides reasons for the decisions. The RSDO must on conclusion of the status determination hearing grant asylum; or reject the applicationas manifestly unfounded, abusive or fraudulent; or refer any question of law to the Standing Committee for Refugee Affairs (SCRA).
  • When granted asylum (written recognition of refugee status), a refugee is generally issued with a section 24 permit, which allows such person to remain for a specified period of 2 years in South Africa, and it is renewable upon expiration of its validity after the review process by an RSDO. In this case, the refugee must write a letter requesting the extension of his or her refugee status
  • He is also allowed to work and study in South Africa whilst the permit is valid.

​Refugee Enabling Documents

  • A refugee must apply for a refugee ID  at any Refugee Reception Office within 15 days in the prescribed manner.
  • After being issued with an ID, a refugee can apply for a UNCTD (United Nations Convention Travel Document) at any Refugee Reception Office in the prescribed manner.
  • An ID is free

Appeal and Review Process

  • In case of rejection, an asylum seeker or refugee who believes that he has a well-founded fear of persecution but whose claim has been rejected, may decide to appeal against the rejection decision of the RSDO to the Refugee Appeal Board (RAB) in the prescribed manner within 30 days after the decision has been handed over to them.
  • The Appeal Board conducts an appeal hearing during which the appellant who is entitled to a fair hearing have the rights to be heard and to present his case fully. The Refugee Appeal Board is responsible for considering and deciding appeals on decisions made by RSDOs.
  • The RAB may after hearing an appeal confirm or set aside or substitute the decision of the RSDO.
  • In respect of manifestly unfounded applications, the Standing Committee for Refugee Affairs (SCRA) reviews or confirms or sets aside decisions taken by the RSDO and refer cases back to RSDO for determination within 14 days as well as monitors in general the decisions of the RSDO.




  • The applicant must have 5 full years continuous residence in the Republic of South Africa as a formally recognized refugee  not as an asylum seeker
  • Write an application letter explaining the reasons for applying for the certification
  • Go to the initial refugee reception office where application for asylum was first lodged and complete the form. The Refugee  Reception Office will ensure that the applicant complies with all the requirements
  • The application will be referred to the Standing Committee for Refugee Affairs which is the body established to certify or not if the applicant will remain a refugee indefinitely
  • If successful, the applicant will then be issued with a “Certification” or Section 27© which will enable the applicant to apply at any Home Affairs office for an “Immigration Permit” or “Permanent Residence”

Legal Instruments

  • Refugee Act, 1998 (No 130 of 19998)
  • 1951 UN Convention relating to the Status of Refugees
  • 1969 OAU Convention Governing The Specific Aspects of Refugee Problems in Africa and 1967 Protocol relating to the Status of Refugees
  • 1993 Basic Agreement between the Government of South Africa and the UNHCR
  • The Immigration Act

Service Standard

Applications may take up to six months