Skip to content

← Back to blog

State of Cloud Security Hiring - June 2026

I pulled 383 cloud security job postings from June 2026 and dug into the data. This month we also added Workday as a job source, so the dataset is broader than May's. Some of the absolute number increases reflect better coverage, not just market movement. The percentage-based comparisons are where the real signals are.

Here's what companies are actually asking for right now.

The short version

  • Azure is closing the gap with AWS. The lead shrank from 38% to 16%.
  • Onsite jumped to 50%, up from 41% in May. Remote dropped to 23%.
  • Wiz appears in 12% of postings, up from 8% in May. It's pulling away from every other CSPM.
  • Entra ID overtook Active Directory. The on-prem identity era is behind us.
  • Entry-level ticked up to 3%, but 5 years is still the floor for most roles.

Platforms

AWS still leads, but Azure is right behind it. In May, AWS had a 38% lead over Azure. In June, that gap shrank to 16%. Azure appears in 63% of postings now, up from 59% in May. GCP dropped from 52% to 41% of postings. It gets listed as a platform requirement, but employers rarely ask for GCP-specific security services.

Multi-cloud is the default expectation. Most postings ask for two or three. Single-cloud experience is becoming a liability.

Skills

Terraform and Kubernetes are nearly tied at 153 and 152 mentions. Container security is no longer a nice-to-have.

Python leads languages at 142, Go at 56, and the scripting pair of PowerShell (54) and Bash (50) round it out. PowerShell shows up in 14% of postings, likely tracking Azure's rise.

AWS-native security services remain heavily demanded: Security Hub (45), GuardDuty (43), EKS (23), CloudTrail (15). Compare that to GCP's ecosystem: GKE (15), Chronicle (8), and not much else. Azure's native tools (Sentinel, Defender, Entra ID) are covered in their own sections below.

CSPM tools

Wiz appears in 12% of postings, up from 8% in May. Defender for Cloud sits at 9%, riding Azure's growth. Prisma Cloud at 7% is a distant third.

If you're picking one third-party CSPM tool to learn, Wiz is no longer a suggestion. It's the answer.

Compensation

The highest-paying roles this month come from enterprise tech, security vendors, and finance:

Salesforce's Cloud Security Architect at $263-401K tops the list. Vercel ($208-312K) and Temporal ($225-275K) show that developer infrastructure companies pay well for cloud security. Arrowstreet Capital, a hedge fund, is offering up to $315K, confirming that finance competes hard for this talent. May's $400-500K AI company outliers (Mercor, xAI, Perplexity) didn't post new roles this month.

Experience levels

Entry-level ticked up from 1% to 3%. Progress, but still bleak if you're starting out. The path in remains the same: get a broader security or DevOps role first, build cloud hours, then pivot.

308 of the 383 postings specify years of experience:

Postings by minimum years required

5 years is still the magic number. 74 postings ask for exactly "5+" as the minimum, and it's the floor for almost every senior role. Staff-level postings asking for 7-10+ years are the largest bucket at 101. Companies are hiring across the experience spectrum, but they want depth.

Work mode

The biggest shift from May. Onsite went from 41% to 50%. Remote dropped from 35% to 23%. Hybrid stayed roughly the same at 27%.

Of the 87 remote postings, 36 are locked to the US. Only 10 are truly remote-anywhere with no country requirement. The rest are country-locked to the UK (7), Canada (4), or scattered across Europe. "Remote" in cloud security still means "work from home in a specific country."

Geography

The US holds 40% of postings. India is a strong second at 16%, driven by PwC and Concentrix hiring in bulk. France showed up with 19 postings, mostly Thales and defense-adjacent roles. Canada sits at 6%.

Certifications

CISSP appears in 28% of postings, up from 22% in May. CCSP jumped from 9% to 26%. Employers are leaning harder on certifications.

If you're planning a cert path: AWS Security Specialty first for hands-on credibility, then CCSP for the cloud security generalist signal, then CISSP when you're ready for senior or leadership roles.

CKS shows up in 3% of postings. Still small next to Kubernetes' 40%, but the gap between the skill demand and the cert demand will close.

Detection and identity

EDR: Microsoft Defender leads at 60 mentions, CrowdStrike follows at 39. The Microsoft stack owns this category.

SIEM: Microsoft Sentinel (41) leads Splunk (28), with Chronicle (8) as the GCP option.

Identity: Entra ID (45) leads Active Directory (36). In May they were nearly tied. The on-prem to cloud identity shift is showing up in hiring. Okta sits at 8 as the non-Microsoft alternative.

CI/CD: GitHub Actions (35) overtakes Jenkins (22), with GitLab CI (13) growing. Securing the pipeline is standard cloud security scope now, not something you hand off to DevOps.

What I'd do with this data

The same core advice from May holds, but sharper: learn Terraform and Kubernetes security deeply, pick AWS as your primary cloud and get comfortable with Azure as your second (not optional anymore), write Python for automation, and know GuardDuty, Security Hub, and CloudTrail inside out. Get Wiz experience if you can. Start with AWS Security Specialty, then CCSP.

The new signal this month: be prepared to go onsite. Remote dropped hard and the trend isn't reversing. If you want remote, target UK or Canada-based companies, but know that truly remote-anywhere roles are rare. 10 out of 383.


· Chandrapal Badshah