Description
The SANS Institute released the document “AI Cybersecurity Careers 2026”, dedicated to how artificial intelligence is changing the cybersecurity job market and which professions are becoming the most in demand. It covers current AI security roles, why they are emerging, salary levels, market requirements, and key skills that specialists will need in the coming years.
The main idea is that the market has already started hiring specialists at the intersection of AI and cybersecurity, but most career guides are lagging behind. The document divides roles into 3 groups:
- Hiring Now - roles that already exist in the market
- Building - existing current roles that are being reshaped into new ones
- Horizon - roles that will actively enter the market in 2027-2028
Hiring Now
These are roles that are actively appearing in job postings right now and already exist in the market.
AI/ML Security Engineer - the specialist is responsible for building and protecting AI systems across the full lifecycle, from training pipelines to production deployment. Responsibilities include threat modeling for ML models, implementing guardrails for LLMs, protecting input data from poisoning attacks, and integrating AI security tooling into CI/CD and MLOps workflows. Salary: $152K-$210K.
AI Red Team Specialist - the specialist conducts various attacks and techniques against LLMs and agentic AI systems. Salary: $130K-$220K.
AI Governance, Risk & Compliance Lead - AI risk management, policies, compliance with regulations and other regulatory requirements. Salary: $160K-$240K.
AI Threat Intelligence Analyst - tracking and analyzing new attacks against AI systems, looking for attack indicators, responding to discovered patterns, and turning them into practical rules. Salary: $110K-$165K.
Building
These are not necessarily new positions, but an evolution of existing security roles.
AI SOC Orchestrator - a new type of SOC analyst who coordinates AI agents, validates their outputs, configures playbooks, and works in human-in-the-loop mode. The document describes this role as an evolution of the classic SOC analyst. Salary: $95K-$145K.
AI Incident Response Orchestrator - this role is responsible for managing AI-based response systems that automatically detect, localize, and neutralize threats. Salary: $120K-$180K.
AI Security Specialist - a bridge between technical AI security and the business. The specialist evaluates AI projects, risks, and implementation, and helps leadership make decisions. The document calls this role the most accessible entry point for security specialists moving into AI security. Salary: $130K-$185K.
AI Supply Chain Security Engineer - DevSecOps/MLOps for AI. Protection of models, datasets, containers, third-party AI components, and CI/CD. Salary: $130K-$185K.
Horizon
These are areas where there are fewer vacancies for now, but SANS considers them promising.
AI Identity Deepfake Defense Specialist - a specialist who builds verification architecture that does not rely exclusively on deepfake detection. Responsibilities include creating live-user verification systems, behavioral biometrics systems, context-aware access policies, and authentication systems that are resilient to AI attacks. Salary: $130K-$185K.
Post-Quantum Cryptography Migration Specialist - a role related to the transition from classical cryptography to post-quantum cryptography. The specialist inventories cryptographic assets, assesses risks, plans migration transitions, and implements various architectures. Salary: $175K-$260K+.
Conclusion
The authors of the document conclude that the AI Security market is at an early stage of development. Many roles are only forming, but there is already high demand for specialists in AI governance, AI red teaming, AI incident response, AI supply chain security, and post-quantum cryptography. The document states that 74% of cybersecurity teams are changing their structure because of AI, 34% of organizations have already filled AI/ML Security Specialist positions, and 77% of security specialists use GenAI/LLMs in their stack. Special attention is paid to the growing speed of attacks. The document says that attacks using AI systems can perform actions in less than a minute, while a human needs 47 to 79 minutes for similar operations. The authors emphasize that the industry’s main problem is no longer a shortage of employees, but a shortage of specialists with the required AI Security skills. Many organizations are actively adopting generative AI, but a significant share of them do not have full-fledged frameworks, AI policies, or trained specialists to support these technologies safely.