Cybersecurity Careers In The AI Era: New Roles Emerging in 2025 and Beyond
AI Is Going To dominate Cybersecurity Conversations In 2025 And Beyond
If you are sick of hearing about AI then I have some bad news ..
AI is going to continue to dominate cybersecurity related news in 2025 and beyond
You can either accept this and adapt OR get left behind
Traditional cybersecurity roles, such as penetration testers and risk managers, are expanding to include responsibilities specific to AI systems.
At the same time, new roles like AI Governance Officers and AI Risk Managers are being created to handle the ethical, regulatory, and operational challenges that AI is bringing .
In this article I want to break down these roles and (hopefully) give you an idea of what skills you need to thrive in the AI era.
Which Roles Are Changing ?
1 — Penetration Tester to AI Penetration Tester
Pentesters traditionally focused on finding vulnerabilities in networks, applications, and systems.
However, with AI, there’s now a need for AI Penetration Testers who specifically test AI models and systems for security flaws.
These professionals must understand adversarial machine learning techniques and how attackers might manipulate AI algorithms.
They work to expose weaknesses in AI systems, such as susceptibility to prompt injections, adversarial attacks, data poisoning, and model inversion.
Key responsibilities of an AI Penetration Tester include:
Conducting adversarial testing on AI models to simulate potential attacks.
Testing AI-based defenses in production environments.
Ensuring AI systems meet the same security standards as traditional applications.
Collaborating with data scientists and other teams to strengthen model robustness against manipulation.
2 — IT Risk Manager to AI Risk Manager
Traditional cybersecurity risk managers assess risks related to IT infrastructure, data security, and compliance.
With the integration of AI, a more specialized role of AI Risk Manager is emerging.
AI Risk Managers evaluate risks unique to AI systems, such as algorithmic bias, data quality issues, and model drift.
These professionals must have expertise in both AI and cybersecurity, as they assess potential vulnerabilities in AI systems and establish safeguards to mitigate them.
Key responsibilities of an AI Risk Manager include:
Identifying and assessing AI-specific risks using frameworks such as the NIST AI Risk Management Framework.
Developing risk mitigation strategies tailored to AI models.
Providing reports on the risk posture of AI systems.
Ensuring that AI systems align with organizational risk management frameworks.
3 — Data Scientist to AI Security Data Scientist
Data scientists play a vital role in training AI models, often focusing on accuracy and performance.
However, in the AI era of cybersecurity, AI Security Data Scientists are tasked with integrating security considerations directly into model development.
These professionals work closely with cybersecurity teams to ensure that models are not only effective but also resistant to adversarial manipulation and exploitation.
Responsibilities of an AI Security Data Scientist include:
Designing AI models with built-in security features to prevent manipulation.
Collaborating with cybersecurity teams to understand potential threat vectors.
Analyzing data pipelines to prevent unauthorized data access.
Implementing privacy-preserving techniques in model training.
New Roles in Cybersecurity for the AI Era
1 — AI Governance Officer
As AI grows closer and closer to sensitive business data, organizations are increasingly aware of the ethical and regulatory considerations associated with AI deployment.
An AI Governance Officer ensures that AI-driven systems comply with ethical standards, regulatory frameworks, and internal policies.
This role involves developing governance frameworks and enforcing policies that oversee the responsible and ethical use of AI within the organization.
Responsibilities include:
Developing and implementing AI governance frameworks and policies.
Ensuring AI practices align with ethical guidelines and regulatory standards.
Conducting regular audits of AI systems to confirm compliance.
Collaborating with legal, compliance, and ethics teams to mitigate AI-related risks.
2 — AI Ethics Officer
AI Ethics Officers address the moral and ethical implications of AI systems, such as algorithmic bias, fairness, and transparency.
This role involves scrutinizing how AI impacts decision-making and ensuring that AI implementations respect ethical standards.
They work to protect users from potential harm caused by biased algorithms or unfair outcomes generated by AI models.
Core responsibilities of an AI Ethics Officer include:
Reviewing AI models for bias, transparency, and fairness.
Collaborating with data scientists to identify and mitigate ethical concerns.
Educating organizational stakeholders on the ethical implications of AI.
Developing guidelines for the ethical use of AI in cybersecurity operations.
3 — AI Compliance Specialist
With regulations like the EU AI Act, organizations need dedicated AI Compliance Specialists to ensure their AI-driven systems meet legal standards.
This role focuses on the regulatory aspects of AI, ensuring that data privacy, consent, and transparency are upheld in every AI implementation.
Key responsibilities include:
Assessing AI systems for compliance with data privacy and security regulations.
Monitoring emerging AI regulations and updating policies as necessary.
Conducting compliance audits of AI-based tools and processes.
Educating teams on compliance requirements and best practices for AI.
4 — AI Security Specialist
Think of an AI Security Specialist as someone similar to a Cybersecurity Analyst
These professionals are skilled in identifying and mitigating risks with operational AI models.
These specialists focus on safeguarding AI systems against adversarial attacks, where attackers manipulate the AI algorithms to achieve malicious goals.
For example, attackers might trick an AI-powered fraud detection system into classifying fraudulent transactions as legitimate.
Core responsibilities of an AI Policy Strategist include:
Conducting risk assessments on AI models.
Developing and implementing security protocols specific to AI systems.
Understanding and mitigating adversarial attacks.
Collaborating with data scientists to ensure the security and privacy of datasets used in AI training.
Preparing for These Evolving and Emerging Roles
To prepare for the roles emerging in the AI era of cybersecurity, professionals should focus on building a strong foundation in AI, machine learning, and cybersecurity fundamentals.
Specialized training in adversarial machine learning, ethical AI practices, and AI model governance will be essential for those looking to enter these new positions.
1 — AI and Machine Learning Knowledge
A foundational understanding of AI and machine learning is a must.
Cybersecurity professionals in this era must understand the algorithms that power AI, as well as how to train, test, and deploy machine learning models.
Courses in AI and machine learning for cybersecurity are now available ( including mine on Udemy !), and many universities and training centers offer specialized programs to equip cybersecurity professionals with these skills.
2 — Data Science and Analytics
Data science is essential for analyzing the vast amounts of data produced by modern security systems.
Skills in data analysis, pattern recognition, and data-driven decision-making are now as important as traditional cybersecurity skills.
Familiarity with data analytics tools like Python, R, and SQL, as well as data visualization platforms, will give professionals an edge in this era.
3 — Adversarial Thinking and Threat Modeling
Cybersecurity in the AI era requires a proactive approach. Professionals must learn to think like attackers to anticipate how AI systems might be exploited.
Skills in threat modeling, red teaming, and adversarial machine learning are essential to identify vulnerabilities in AI models before attackers can exploit them.
4 — Knowledge of AI Ethics and Compliance
With growing concerns over AI ethics, bias, and data privacy, professionals must understand the legal and ethical implications of AI use. Knowledge of frameworks like the EU AI Act, GDPR, and CCPA will help ensure that AI-driven cybersecurity practices comply with regulatory standards and ethical principles
5 — Understanding Cloud Security and AI Infrastructure
Since many AI models run on cloud platforms, understanding cloud security is essential. Knowledge of cloud security best practices, familiarity with cloud platforms like AWS, Azure, or Google Cloud, and understanding how AI workloads are secured in cloud environments are critical skills for cybersecurity professionals working with AI systems.