When you have one or more cybersecurity positions to fill, it’s only a matter of time before the pressure will start to mount to get someone in the role ASAP. You know you can’t just throw anyone in the role. When you consider that the top data breaches in 2018 affected more than 100 million people, finding skilled, experienced, trustworthy talent makes getting cybersecurity recruitment right that much more important.
Having a positive company culture and being active on social media are ways to raise the profile of your company and help with cybersecurity recruitment, but they won’t get you more resumes in your inbox like the right job description and a solid network of connections will. We’ve mined the expertise of our recruitment team to put together this list of cybersecurity recruitment tips to help you find better talent in less time.
Know Where to Look
Chances are the best and brightest in cybersecurity are already working at another company. It’s why most cybersecurity professionals will tell you they are contacted by recruiters on a near daily basis. To find the right candidate for your cybersecurity post, you will have to be more aggressive than managers hiring in other fields.
If you have a position that’s been open longer than six months and your traditional recruitment avenues have produced nothing, you need to look somewhere else. Are you attending local industry meetups? Do you know what local cybersecurity professionals are reading? Where are they chatting online? To find new talent you’re going to need to do some good old fashioned networking.
While this may seem like a challenge, for many companies it can be an opportunity to increase diversity. Breaking outside of your regular recruiting network and connecting with groups like Secure Diversity introduces you to candidates from different backgrounds who are likely to bring balance to your company’s experience set. For example, a report by Cybersecurity Ventures estimates women made up 20% of the cybersecurity workforce in 2019, so it’s clear there is still a lot of work companies can do to increase diversity in this field.
Look for Skills Not Just the Degree
One of the biggest mistakes companies make when it comes to cybersecurity hiring is immediately eliminating candidates without the required degree. Any hiring manager will tell you a great candidate has so much more than the required college degree, yet we see plenty of companies get hung up on this. Many companies are finding that experience, trustworthiness, and a range of skills are more important.
Focusing on candidates with an eagerness to learn and develop will open a new pool of great talent that’s likely to be more interested if your company offers them the opportunity to grow. Highlighting professional development opportunities and the value of growth as part of the company culture will entice motivated and talented job seekers to not only apply, but once hired, be likely to stay longer too.
Reexamine the Job Description
One of the toughest challenges in cybersecurity recruitment is getting the job description right. Often, a company may not even have the right job title, going unnoticed by dozens of great candidates who are searching for other titles.
If you have a job posting that’s been languishing unfilled for months, it’s time to take an honest look at what you’re putting out there to candidates. It may have one or more red flags that turn off promising talent. Start at the beginning with whoever wrote it. Was the description cut and pasted from other cybersecurity job descriptions? Is it asking the candidate to work the job of two or more people? If so, you’ll need to loop back with HR and come up with a better job description if you want to see new resumes come in.
Don’t Let HR Bog You Down
Speaking of HR, human resources can be a pain point for hiring managers and candidates alike. While they are working hard to check all the boxes, it can slow the process down, leaving candidates wondering if your company is really serious about filling the post. With an estimated 3.5 million cybersecurity positions expected to go unfilled by 2021, you will need to act in a timely fashion when a good candidate applies.
Know When to Ask for Help—And Who to Ask
Sometimes, you just don’t have the bandwidth to hunt down quality talent. Making connections and attending networking events takes time. Hiring a recruiter who can invest the resources into finding the right candidate can save your company time in the long run. Look for a recruiting firm that specializes in cybersecurity. Recruiters who don’t speak the language of cybersecurity and aren’t well-versed in the skillset you’re looking for won’t yield the same results a cybersecurity recruitment firm will.
Another way to shift your search into high gear is using the tool KnowMore. This talent matching platform is a resource for both job seekers and employers, allowing you to browse candidates, search by role, and even start a conversation directly with the candidate.
Acing cybersecurity recruitment begins with acknowledging that it’s different than filling other jobs. The specialized skill set and high level of trust required makes finding the right talent more difficult. By adopting these approaches, however, you can start to attract better talent faster.