Article

Profiling Cross-Border Remote Cybersecurity Employment for Jurisdictional Complexity via Unsupervised Role-Arrangement Clustering

---

Abstract

Cross-border remote work has expanded the practical footprint of cybersecurity labor beyond traditional organizational and national boundaries, raising jurisdictional questions about employment governance, taxation, and cross-border data access. However, empirical cyberlaw research is often limited by the availability of legal outcome variables at scale. This study presents a dataset-only, unsupervised method to detect and summarize cross-border remote work configurations that plausibly differ in jurisdictional coordination burden. Using a structured salary dataset of cybersecurity-related roles, we operationalize cross-border status as a mismatch between employee residence and company location. To avoid a trivial domestic-versus-cross-border split, clustering is performed exclusively on cross-border records. Mixed categorical and numeric features—remote-work intensity, employment type, experience level, company size, and optional role grouping and jurisdiction categories—are represented via Gower distance. We apply average-linkage hierarchical clustering to the resulting precomputed distance matrix and select a solution using silhouette score. To prevent unstable singleton patterns from being reported as typologies, we enforce a minimum cluster size (n≥5) by merging micro-clusters into the nearest larger cluster using mean inter-cluster Gower distance. The final cross-border typology yields two interpretable groups: a dominant “enterprise remote-first” configuration (n=52) with high fully remote prevalence and strong concentration in large firms, and a smaller “mid/small mixed-remote” configuration (n=6) with no large-firm representation and a tighter salary distribution. The dominant group spans many distinct residence→company corridors, suggesting broader cross-jurisdiction exposure and coordination needs, while the smaller group reflects more constrained organizational settings. The study contributes an interpretable clustering workflow with explicit micro-cluster handling for exploratory cyberlaw analyses, and it delineates the limits of inference when legal compliance variables are absent.

Keywords: cross-border remote work, jurisdictional complexity, unsupervised clustering, Gower distance, cybersecurity labor markets

How to Cite:

Bahurmuz, A. & Alhebi, M., (2025) “Profiling Cross-Border Remote Cybersecurity Employment for Jurisdictional Complexity via Unsupervised Role-Arrangement Clustering”, Journal of Cyber Law 1(4), 344-358. doi: https://doi.org/10.63913/jcl.v1i4.70