Cyber security is a principal issue for many organisations and the COVID-19 pandemic has only heightened its significance. Large workforces are now working remotely and connecting across numerous collaboration tools and file-sharing platforms, not to mention the current increased state of cyber threat.
There’s no room for complacency when it comes to having an expert in-house cyber security team but how do you go about procuring and securing talent in a candidate-short market?
As cyber security recruitment specialists, we help organisations to find and secure the top talent and to adapt as the organisational needs and risks shift. Here are our top recommendations for employers on how to get the best candidates working for your business.
Firstly, It’s imperative to understand which skills you really need to best mitigate the risk within your organisation. Not all trained cyber security specialists are the same and understanding the nuances within the field is the first step to procuring the right talent. With access to the most extensive networks in the industry, we appreciate the spectrum of cyber security talent, from entry-level hackers, to CISOs and have come to learn how to best attract and vet these candidates.
In such a competitive space, organisations can’t expect their name to do the heavy lifting in attracting candidates. It’s not enough to simply outline the job requirements and expect that talent will flock.
Companies now need to go out of their way to not only sell the opportunity but the chance to work with them in general, and articulate how they differ from competitors.
Today it’s all about speed to market. Blink, and you could miss the best talent. Be quick to identify when you need to hire and act with urgency to make your needs known to the relevant pool of cyber professionals.
Clearly define the job specifications and the Employee Value Proposition (preferably 1 page). So often we see organisations with an EVP that is an amalgamation (read: dog's breakfast) of multiple iterations of the business over the years.
Ensure that you’re clear about what your values and culture are, why you’re different, what you can bring to the table for an employee, the benefits you offer and what you expect from your workers. If you’re stuck it might be helpful to chat to your current employees about what they feel about the business and the value it provides to them.
The recruitment journey doesn’t end when a candidate accepts the offer, or even signs the contract. Everyone knows that the two to four week notice period can be a difficult time for many new hires and needs to be handled with care and consideration.
Stay in contact with your new employee during this time and alleviate any dissonance a candidate may experience during this transitory phase. To not maintain a conversation is to risk losing them to another potential employer and the reality is, in this industry, a candidate can have up to five offers on their plate at one time.
Ensure you have a well structured Interview - Induction Schedule ready for new hires. Example:
Week 1: Preliminary interview (with 1-2 key stakeholders) Week 2: Secondary Interview (with 1-2 key stakeholders) DECISION
24 hours later: Offer in writing
2 days later: Follow up on contract
Weeks 4 - 8: Introduce them to the team, Invite them to a team zoom, maybe set up a team morning tea for when they start.
Remember, this is the first real experience that a candidate is having with your company - so make sure it’s a good one and that they feel valued and included.
Introduce your new cyber security professional to leaders within your company to give them a preview into other roles they can aspire to progress towards. In doing so, you are also connecting them with potential mentors who will help them to hone their craft and complementary business skills.
Be sure to discuss any available training and development programs or allowances your organisation might have that can go towards their professional development.
Paint a picture about how their role and the work they are doing contributes to the broader success of the company and impacts the industry at large. We know cyber security professionals are highly intelligent and driven individuals who are likely more motivated and fulfilled once they understand how their invested time and energy is contributing towards a greater cause.
If you’d like any more information about recruiting or retaining top cyber security talent, get in touch with the Decipher Bureau team. With offices across Brisbane, Sydney and Melbourne, and an experienced team around the world, we’d love to help you out.