Ambiguity in cybersecurity skill requirements hinders professional development and curriculum design. This study conducts the first large-scale empirical investigation, analyzing 12,161 job postings and 49,002 Stack Overflow posts to construct a role-oriented cybersecurity skills taxonomy. Leveraging text mining, statistical analysis, and job–skill association modeling, we systematically characterize skill distributions across distinct occupational roles. Results reveal that communication and project management are the most critical soft skills; Java is the most frequently required programming language; and technical skill demands differ significantly across roles—including security analysts, security architects, and others. Crucially, the study uncovers role-specific skill structures, demonstrating that skill requirements are not uniform but highly contextualized by job function. These findings provide data-driven, empirically grounded evidence to inform competency-based talent development, curriculum redesign, and personalized career pathway planning in cybersecurity education and workforce development.

Purpose: The increasing number of cyber-attacks has elevated the importance of cybersecurity for organizations. This has also increased the demand for professionals with the necessary skills to protect these organizations. As a result, many individuals are looking to enter the field of cybersecurity. However, there is a lack of clear understanding of the skills required for a successful career in this field. In this paper, we identify the skills required for cybersecurity professionals. We also determine how the demand for cyber skills relates to various cyber roles such as security analyst and security architect. Furthermore, we identify the programming languages that are important for cybersecurity professionals. Design/Methodology: For this study, we have collected and analyzed data from 12,161 job ads and 49,002 Stack Overflow posts. By examining this, we identified patterns and trends related to skill requirements, role-specific demands, and programming languages in cybersecurity. Findings: Our results reveal that (i) communication skills and project management skills are the most important soft skills, (ii) as compared to soft skills, the demand for technical skills varies more across various cyber roles, and (iii) Java is the most commonly used programming language. Originality: Our findings serve as a guideline for individuals aiming to get into the field of cybersecurity. Moreover, our findings are useful in terms of informing educational institutes to teach the correct set of skills to students doing degrees in cybersecurity.