As a hiring manager in cybersecurity, you know hiring the right InfoSec professionals for your organization isn’t always exactly easy. The conventional job listings aren’t getting you very far and the hole in your team’s staff represents a glaring burden.
But why? There is a growing need for cybersecurity professionals - it’s one of the leading jobs in IT. As a hiring manager, it’s your job to know how and where to look for cybersecurity
Thankfully, there are some methods you can incorporate to improve your hiring process and become an expert-level hiring manager.
Here are five interesting things to know about while hiring for cybersecurity.
1) Create A Unique Job Listing
Too many hiring managers fail to understand the nuance of a clear and distinct job listing. Instead, they rely on the human resources department to create an unimpressive advertisement and wonder why they’re receiving dismal results.
As a hiring manager, especially in this competitive field, you must break the mold, think outside of the box. Create an exciting and specific job listing for the position you hope to fill – that effort goes a long way.
Remember that you are making a sales pitch - you want to make someone want the job you are offering. Put effort into selling the job opportunity and the security team instead of offering a basic explanation of the company.
If you can’t convince a prospective employee why they would love to work for your team, you won’t go far. But if you can properly sell the position on an awesome job listing, you will surely find a great employee.
2) Relax Degree Requirements
Cybersecurity has greatly changed over the years, and so has employment in this field. There’s growing precedence for hiring cybersecurity specialists without a degree.
Whereas cybersecurity used to be reserved for those with master’s degrees, requirements have steadily been lowered to expand the workforce. Many organizations hire candidates with a variety of certifications and experiences, including, yes, those without a degree.
Consider an individual with no degree but over a decade of hands-on experience in the military. They are qualified regardless of certification status, and so you should be open to these professionals in your search.
Veterans are ideal cybersecurity candidates, even if they have no degree, and you should consider giving them a shot. Veterans tend to be motivated to take further training and classes once hired, and employers realize and appreciate this fact.
3) Offer Further Training
When creating your job listing and when conducting an interview, stress that the position offers on-the-job training and education. This may not cost as much money as you may think and some options are free.
Not only does this make them a more rounded employee, but it helps them advance their career from the jump. This way, both you and your prospective employee benefit greatly and instantly upon the rendered hiring decision.
It’s essential that you fulfill these promises of training and education, and that your approach is methodical. Organize how often and how long they will train and monitor their progress.
By prioritizing training when hiring, you will incentivize the right worker to come and work for your team in cybersecurity. By following through once that individual is hired, you will unlock the potential of your new hire and your company.
4) Hire Internal Candidates
Sometimes a hiring manager doesn’t have to look very far to find the solution to their staffing problems. You may be surprised to find that the candidate for your unfilled InfoSec position is already hired by the organization!
Indeed, many corporations realize investing in the workers they already have is the way to close their cybersecurity workforce gap. As a hiring manager, you can implement this change by offering leadership and mentorships to interested candidates.
One organization named the Executive Women’s Forum, which focuses on women’s representation in information security, offers a relevant solution for such expansion. Offer women-specific training and mentorship to help diversify your workforce and amplify the untapped potential of talent you already have.
Women often do not see other women in leadership positions in InfoSec – and this deters women from considering these positions. Only by paying equal attention to all genders, which means amplifying underrepresented groups, can a change in workforce shortages occur.
5) Know Your Market
The Bureau of Labor Statistics (BLS) expects a continued information security job growth of 32% by 2028. But not all regions have the same density of talent pool to pick from when hiring for cybersecurity.
It’s important to understand the nation’s cybersecurity market, and how the landscape varies depending on where you search. According to Cyberseek, Washington, D.C. has ten times the national average of cybersecurity positions and listings. In contrast, Arizona falls 30% below the national average.
If you offer work-from-home options for employees, searching for talent in these areas where jobs are dense could be fruitful. But in order to pull someone from Washington D.C., for example, you must be offering something worthwhile.
But if you don’t offer work-from-home, consider accommodating candidates in your area, even if you must train them some. Fill your staffing gap with an employee who offers 80% of what you need instead of letting that gap continue.
The increased reliance on technology in our world suggests that demand for cybersecurity jobs isn’t going anywhere soon. But as the landscape of information security changes, so must the practices of hiring managers - that’s where you come in.
Above all else, you must be dedicated to the changes you wish to see – Rome wasn’t built in a day. If you wish to expand your workforce and close your staffing gaps, you’re going to have to get creative.
But by following these easy yet somewhat unconventional tips, you can actualize a change in pace for your organization. Now go be the awesome hiring manager you know you can be!