This post is about why you can get into the cybersecurity field while in your forties, or beyond. If you are looking for information on how to get started on our cybersecurity career journey, check out our Getting Into Cybersecurity plan here. You can also review our quiz on whether cybersecurity is for you.

I know several people in their late thirties, forties and even fifties looking to make a career change and move into cybersecurity.  We all assume that going into a career like cybersecurity is achievable for a younger person beginning their career, but what about a midlife career changer?  What are the chances of making a career change into a technical field like cybersecurity at midlife?

Can someone get a job in cybersecurity in their forties?  You can get a job in cybersecurity in your late thirties or forties if you leverage your existing strengths from your career experience, have realistic salary expectations and can commit to the training process to learn cybersecurity.

If you’re someone who is in their thirties or forties and looking to make a career change into cybersecurity, read on as we take a look at the factors in your favor and the roadblocks you may face, so that you can get a better idea of your chances for career change success.

The Factors in Your Favor

Here’s the good news:  There are several factors inherent in the current economy and in the cyber security field that work in the favor of anyone looking to move into cyber security, including those at or approaching midlife.  Consider the following:

Factor #1:  The current cybersecurity unemployment rate is low.  Really low. 

If you’re in your forties and have been in the job market for any amount of time, you know that the market is constantly a game of leverage.  Sometimes the job market is weak, which gives employers the upper hand, and sometimes the unemployment rate is low, and workers are in a position of strength.

So where do we stand now?  In 2018, the unemployment rate for cyber security hit 0%, with expectations of hundreds of thousands or even a million or more jobs going unfilled.  This trend shows no signs of stopping.  As someone in higher education who teaches cybersecurity, I have even heard it said this way:

“Even if colleges produce as many cybersecurity professionals as they possibly can, there will still be a worldwide shortage in cyber of more than one million workers.”

Yikes.  The indicators show that employers will be largely unable to find qualified, experienced cyber workers of any age.  You can read more about the demand for cybersecurity professionals here.

Factor #2:  Cybersecurity does not require advanced degrees or have standardized requirements. 

Yes, employers would love for every employee to have a master’s degree, but if you’ve read the paragraphs above you know that they just can’t have it.  For both the employer and the employee, a degree is a nice-to-have, not a must-have.  I’ve said many times that the tech field has always been a show-me field, meaning that if you can prove your skills, you’re in.  A lack of degree isn’t going to stop an employer in this job market from hiring a qualified candidate.  Period.  Also consider cybersecurity doesn’t have a standardized requirement, like passing the bar for attorneys or getting a license to practice medicine for doctors.  Read more about getting a job in cybersecurity without a degree here.

Factor #3:  The retraining process is shorter than many other knowledge careers. 

When I was in my late thirties, I thought about what options a person would have to make a career change at midlife that could be done quickly and would result in a six-figure salary.  I didn’t come up with many options.  Think about it.  Who do you know that is signing up for medical school at the age of forty?  No one.  People don’t make midlife career changes to become an engineer, accountant, doctor or attorney because the process is too long.  With cybersecurity, you can retool and get into the field in as little as two years.

Factor #4:  People are working longer. 

Forty is the new thirty and people in the United States and elsewhere are staying in the workforce longer now than ever.  Regardless of the economic or political reasons for this, we are living longer and working longer, which means a midlife career changer is in good company.

Factor #5:  Employers need the soft skills of customer service, management and sales experience. 

Many employers have told me that they need their technical staff to be able to communicate to customers and represent their companies well, and that this skillset is MORE important than the technical skillset.  If you’re in your forties, you probably feel that you’ve had the opportunity to build your customer service, leadership, managerial or sales chops.  Employers like that and they need that.  You can learn more about the skills that cybersecurity hiring managers request in our article here.

Factor #6:  Employers have trouble finding younger workers that are committed. 

Many younger workers entering the workforce are taking a different approach to employment than previous generations.  Their focus is often placed more on work-life balance and job flexibility.  We’ve all heard the rumors about millennials that don’t have a license, don’t want to own a home, and don’t want to come into work until 10:00.  They put their social life desires before their job responsibilities.  This of course is a generalization and doesn’t apply to all workers of any age group, but the data out there is enough to make employers weary.  As a candidate in your forties, you don’t get lumped into this generalization.

Factor #7:  Some employers will pay for life experience.

Every employer wants a deal, but quite a few employers have been burned by hiring inexperience or younger workers in the hopes of finding cheap talent.  As the cybersecurity market is maturing, there are many employers that are finding value in hiring, and paying for, employees with additional skillsets and life skills.  

In addition, as companies grow, many employers need to fill middle management spots or positions that are cyber-related but may have a sales focus.  Your work experience may help you win these types of opportunities.

The Roadblocks Working Against You

With the factors in our favor out of the way, we need to discuss the roadblocks that may pop up and derail our cybersecurity career plans.  The first one is pretty obvious, and for many workers, a non-starter right out of the gate.

Roadblock #1:  Salary demands. 

From my experience, hands down the biggest challenge midlife career changers face when planning a change into cybersecurity is the salary requirement the have.  This cuts both ways too.  Midlife workers often have higher salary needs, and employers often assume midlife workers have higher salary needs.  It may make it tough to get to the interview if an employer makes this assumption.

Since we can’t really control the employer side of the equation, you’ll need to decide if you can afford a entry level cybersecurity salary for some amount of time before you can get that salary number up as your experience builds.  This of course is a personal, case by case decision.

Roadblock #2:  A lack of computer or technology experience. 

If you can handle the salary challenge described above, then you also need to assess your technology background.  While you can learn anything that you put your mind to, most people would objectively assume that a construction worker who doesn’t use a computer for work and doesn’t have one at home is going to be a few steps behind an office manager who uses a computer every day and has a laptop in the living room.  Consider if technology is foreign to you or a part of your daily life.  Unfortunately, if you don’t have the general exposure to technology already, gaining that experience and then building cybersecurity knowledge on top of that may be nearly unsurmountable.

Roadblock #3:  An ability to adapt. 

If you’re still hanging in there, your next step is to objectively assess your ability to adapt and take orders from someone who may be younger than you.  Just like the millennial worker generalization described above, many employers assume or have experienced older workers who are too set in their ways.  A new career, and especially a field like cybersecurity, is going to require flexibility, adaptability, and a willingness to try things a different way than what we may have always known.  In assessing yourself, are you up for that challenge?

Roadblock #4:  Time. 

I suppose everything eventually comes down to time and money, so since we already covered the money we need to talk about the time.  Midlife career changers are prone to busier schedules and more responsibilities.  Will you be able to carve out time to pursue this career, possibility to the detriment of your time with your family?  Can you handle adding new career training to your probably already busy schedule.  No doubt it takes a commitment.  Take the time to think about the impact of going to classes after a long day of work or missing a child’s soccer game in order to study.  If time is limited, things can become challenging.

At this point, if you think the factors in your favor and the benefits of a cybersecurity career outweigh the roadblocks you personally may face, it may be time to start looking into starting your career change journey.  If that sounds like you, consider the following math:

Assume a person is 40 years old and has a salary of $45,000 per year.  They plan to work until age 65.  They are good at their current job but recognize it has limited future opportunity.  They estimate that in a technical career that is fully established, they can earn about $50,000 more per year than they would in their current field.  Even if it takes them 5 years to transition and build up the needed education and skills, they would only be 45 years old and still have 20 working years left in their career.  Those 20 years at $50,000 more per year means an increase of $1,000,000 in total lifetime earnings

In other words, this may be a million-dollar decision.  Choose wisely.

Related Questions

How can I find out how much cybersecurity professionals earn?  Check out the major career websites such as, and  Another good resource is the federal government’s Bureau of Labor Statistics site, which is  They provide data on every job classification, including education and salary numbers and regional data breakdowns.

Is cybersecurity hard?  Cybersecurity is probably equivalent in difficulty to any other knowledge career that requires continual education.  Cybersecurity generally is not physically demanding and doesn’t require excessive hours, but does require dedication and determination in order to stay relevant.

About the author 

Matt Day

Matt Day is a cybersecurity professional with over twenty years of experience in the IT, cybersecurity, and technology training fields. He has a degree in Computer Information Science and CompTIA A+, Network+, Security+, Server+, CySA+, and Cisco CCNA certifications.