What the Twin Decrees Demand
Presidential Decree 25-321, signed December 30, 2025, established Algeria’s National Cybersecurity Strategy for 2025-2029. Weeks later, Decree 26-07 of January 7, 2026 created the operational framework, mandating dedicated cybersecurity units within public institutions and defining their missions, organization, and responsibilities.
Together, the decrees require every operator of critical infrastructure — energy companies like Sonatrach and Sonelgaz, telecom providers Algerie Telecom, Mobilis, Djezzy, and Ooredoo, banks, healthcare systems, transportation networks, and government digital services — to establish dedicated cybersecurity functions. This is legal mandate, not advisory guidance.
For organizations that previously treated security as a part-time IT responsibility, this means creating entirely new positions: Chief Information Security Officers, SOC teams, incident response specialists, security architects, and compliance officers. The strategy also mandates incident reporting within defined timeframes to a national CERT, regular security audits, and workforce training programs across government agencies and critical sectors.
The urgency is quantifiable. Kaspersky recorded over 70 million cyberattacks targeting Algeria in 2024, along with 13 million phishing attempts and nearly 750,000 malicious email attachments. Algeria ranked 17th globally among the most-targeted nations, yet remains at the “establishing” stage (Tier 3) on the ITU’s 2024 Global Cybersecurity Index.
The Talent Gap Algeria Must Close
ISC2’s 2024 Cybersecurity Workforce Study found 4.8 million unfilled cybersecurity positions worldwide, with the gap growing 19% year-over-year. The 2025 study shifted focus from headcount to skills shortages, but the underlying supply-demand imbalance persists. In the MENA region, the deficit is particularly acute because cybersecurity developed later as a professional discipline than in North America and Europe.
Algeria has no published data on its exact cybersecurity workforce size, but indicators suggest the gap is severe. The State of Software Engineering in Algeria survey found only 8 cybersecurity engineers among 517 IT professional respondents. Across all of Africa, only 20,000 certified cybersecurity professionals exist. Algeria’s universities — USTHB, ESI, University of Oran, University of Constantine — offer computer science programs with security coursework, and the Sidi Abdellah technology campus houses schools covering cybersecurity alongside ENSIA’s artificial intelligence programs. But university output is heavily theoretical: graduates understand RSA encryption mathematically yet may never have configured a firewall or triaged a security incident.
The government is responding. In February 2026, the Ministry of Vocational Training launched new certificate-oriented cybersecurity qualification programs in coordination with the Information Systems Security Agency (ASSI), as part of 285,000 new vocational training places that include cybersecurity certification tracks aligned with international standards like ISO 27001, CISSP, and CEH. These programs address the medium-term pipeline but cannot fill the immediate staffing gap.
Advertisement
What Roles Pay and What They Require
The cybersecurity career hierarchy in Algeria is forming rapidly, with compensation data beginning to stabilize.
Entry-level (0-2 years): SOC analysts and IT security administrators earn approximately 80,000-100,000 DZD per month at Algerian companies. SOC analysts monitor alerts, perform triage, and escalate incidents using SIEM tools. Security awareness trainers, a new role driven by the strategy’s training mandates, are in growing demand at government agencies.
Mid-level (3-7 years): Penetration testers, incident response analysts, and security engineers earn 100,000-200,000 DZD monthly, with freelance testers earning significantly more from international clients. GRC analysts managing compliance with the new regulatory framework represent the fastest-growing mid-level role. About 22% of Algerian cybersecurity professionals work remotely for international employers, accessing considerably higher compensation.
Senior (8+ years): CISOs and security architects command 300,000-600,000 DZD monthly or more at major organizations. Algeria has perhaps a few dozen individuals genuinely qualified for CISO roles across all sectors, against demand for several hundred. The supply constraint at this level is extreme.
How to Break Into Cybersecurity From Algeria
The certification ecosystem remains the primary barrier and the primary differentiator. Exam fees are denominated in foreign currency — CompTIA Security+ costs $425, CEH runs $950-$1,199, CISSP is $749, and OSCP is $1,749 — prohibitively expensive relative to local salaries and complicated by international payment restrictions. The few Algerians holding CISSP or OSCP certifications are among the most sought-after professionals in the country.
More accessible pathways exist. CTF competitions organized through CyberTalents Algeria, OWASP Algiers, and local security communities expose participants to real challenges in reverse engineering, web exploitation, and forensics at minimal cost. Algeria’s national CTF teams have achieved respectable results in the Arab and Africa Regional Cybersecurity CTF competitions, demonstrating that raw talent exists even where formal training infrastructure lags. Several employers now recruit directly from CTF leaderboards.
Online platforms — TryHackMe, Hack The Box, and SANS Cyber Ranges — offer structured paths from beginner to job-ready in 6-12 months. The barriers for Algerians are payment access and internet reliability for lab exercises, but these remain more accessible than formal certification.
Employers consistently report that practical demonstration outweighs paper credentials. A candidate with CTF results, a documented home lab, or open-source security contributions will outperform someone who has only memorized exam answers. Communication skills matter equally: a SOC analyst who can write incident reports that non-technical executives understand is more valuable than a technically superior analyst who communicates poorly.
Regional Benchmarks and Honest Trade-Offs
Morocco’s DGSSI has been operational since 2011, giving it a 14-year institutional head start. Tunisia’s cybersecurity agency (ANSI, now replaced by ANCS since 2023) has been active since 2004. Algeria’s strategic advantage is the current regulatory catalyst — mandatory demand on a compressed timeline means early movers face less competition than professionals in more mature markets.
The honest trade-offs deserve acknowledgment. Algerian cybersecurity salaries, while competitive locally, remain a fraction of international rates — the same SOC analyst earning 100,000 DZD monthly in Algiers would earn three to five times more in the Gulf or Europe. This creates persistent brain drain pressure. Many organizations are implementing security functions for the first time, meaning professionals may spend as much energy building organizational security culture as performing technical work. And for highly specialized roles — malware reverse engineering, advanced threat intelligence, red team operations — the local market may not yet offer sufficient depth, pushing advanced practitioners toward remote international work.
None of these realities diminish the core opportunity. Algeria’s cybersecurity market is projected to reach US$183 million by 2029. The regulatory framework guarantees sustained demand for at least four years. And in a market this supply-constrained, those who invest in practical skills now will define the profession’s trajectory in the country.
Frequently Asked Questions
What cybersecurity jobs are most in demand in Algeria right now?
SOC analysts, security engineers, and GRC specialists top immediate demand. Decree 25-321 requires all critical infrastructure operators — telecom, energy, banking, healthcare, and government — to establish dedicated security functions, creating particularly strong hiring pressure. Penetration testers and CISOs are in extreme demand but require more experience and certifications.
Do I need a university degree to work in cybersecurity in Algeria?
A degree helps but is not strictly required at entry level. The new vocational cybersecurity tracks under the 285,000 training places initiative, CTF competition experience, certifications like CompTIA Security+ ($425) or CEH ($950-$1,199), and demonstrated practical skills through platforms like TryHackMe or Hack The Box all provide viable pathways. For senior and government roles, a degree is typically expected.
What certifications should I pursue first from Algeria?
Start with CompTIA Security+ at $425 — it is the most accessible, widely recognized, and achievable with self-study in 3-6 months. After gaining work experience, consider CEH for penetration testing or CISM for management roles. CISSP ($749) is the long-term goal for senior professionals but requires five years of experience. OSCP ($1,749) commands the highest market premium in offensive security.
Sources & Further Reading
- ISC2 2024 Cybersecurity Workforce Study — 4.8 Million Global Shortfall
- Algeria Adopts 2025-2029 National Cybersecurity Strategy — WeAreTech Africa
- Algeria Expands Vocational Training for Cybersecurity — TechAfrica News
- Cybersecurity in Algeria: Rise as a Strategic Hub — Systelium
- Cybersecurity and Governance — State of Software Engineering in Algeria
- CyberTalents Algeria National Cyber Security CTF
- CompTIA State of Cybersecurity 2025 — Skills Gap Analysis
🔗 Related Intelligence
From Student to CISO: The Cybersecurity Career Pathway in Algeria
Algeria’s National Cybersecurity Strategy 2025–2029: A Deep-Dive Analysis
The Global Cybersecurity Skills Crisis: What Algeria Must Teach Now
The 4.8 Million Cybersecurity Professional Gap: What It Means for Algerian Companies
