AI Finds Flaws — Cybersecurity Jobs Are Rising

Rapid adoption of AI in software development has accelerated engineering velocity, which has in turn created a heavier security burden for defenders who must find, prioritise, and fix flaws that appear faster than before. SANS research has identified more than 2,500 active AI/ML security engineer postings on job platforms as of March 21, 2026, a category that has grown quickly and that suggests employers are expanding teams to meet new needs. If organisations do not build AI-aware testing into development pipelines, vulnerabilities can persist at scale.

Anthropic’s restricted Claude Mythos preview has underscored this dynamic by surfacing thousands of vulnerabilities across major operating systems and web browsers; industry testing found that more than 99 percent of the issues Mythos flagged remained unpatched in initial scans. Project Glasswing—an industry effort that includes multiple large vendors—has been used to share and triage those findings, and Anthropic has allowed partners to publish what they find publicly while it studies risks.

At the same time, vendors are deploying AI to defend systems. Microsoft’s Autonomous Code Security work has helped researchers identify sixteen new vulnerabilities in Windows networking and authentication components, including four critical remote code execution flaws, showing that AI can speed both offense and defence. Tenable’s 2026 Cloud & AI Security Risk Report has documented an exposure gap driven by AI-driven development, third-party code, and weak identity controls, which complicates remediation priorities.

Consequently, employers are seeking engineers who combine software fluency with security expertise; data from recruitment firms and market reports show AI security roles commanding higher pay. For professionals who can bridge code and risk, the field is expanding, and teams will likely continue to reshape hiring and training practices.