How to attract Cyber Security talent into your organisation

How to attract Cyber Security talent into your organisation Image 1

As specialist recruiters in the world of cyber security, we are often asked by our clients for suggestions on how to attract Cyber Security talent into their organisations. According to Cybersecurity Ventures Research there will be over 3.5 million unfilled cyber security jobs by 2021 (globally I must add) and a recent survey by RSA indicated that only 26% of CISO’s felt that their company was ready to respond to a cyber threat (and that’s the companies that have CISO’s – some ASX listed businesses still don’t!). The market for talent in Information Security is extremely competitive as Australian companies face bigger threats year on year. Being equipped with the right talent to help mitigate these risks is as important as ever.

Consider the following points on attracting top Cyber Security talent into your organisation:

Money isn’t everything

But it helps. Many of the cyber security professionals we work with are motivated by more than just money. It’s important to pay your people well, but a recent survey of jobseekers in this space suggested that working with a competent team and having a supportive and able manager is just as important. Ensure that you allocate time for team collaboration and that your leadership team is on point. Pay market rate or above for the skills you are hiring otherwise you may lose talent to your competitors.

Have a clear training budget

InfoSec professionals are passionate about learning and developing their skills. Having a training budget, whether it be for courses or conferences is an important addition to your offering. In this fast growing sector enabling your people to be ahead of the curve is imperative and it will also help attract the best talent to your organization as well as keeping the ones that matter.

Consider allocated “research” days

Many of the top people in this industry self-learn; do their own research and keep up to date with industry changes. For minimal cost, allocating a research day every 3 months to allow them to do this can be an attractive proposition.

Keep entry requirements flexible

“CISSP, CISM, SABSA and OSCP are essential with a minimum of 20 years cyber security experience” - We see this all too often on job advertisements but it won’t get you the top talent. Be flexible on entry requirements – people grow into roles and learn essential on the jobs skills. Dictating strict application requirements deters some of the brightest talent in the industry. Ensure you are being realistic with your expectations.

Don’t rely on job adverts

Advertising on job websites can work but won’t always get you the best people in the market. In this highly competitive industry good security people tend not to be scouring job ads for the next opportunity. Explore other options such as networking, referrals and appointing a specialist recruiter who has invested time and knows the market well.

Ensure your recruitment process is smooth

Shoddy recruitment processes are rife and will send a poor message to potential hires. Ensure a clear process that’s not too long and is communicated well to candidates. Having someone co-ordinate this for you is helpful. All to often candidates are put off by poor processes meaning companies miss out on the best talent.

Consider being opportunistic

Businesses that have taken an opportunistic stance on recruitment have been able to secure some of the top talent in the industry. An ability to create opportunities when these top tier individuals become available has ensured these companies are better equipped to navigate the headwinds more effectively.

Consider hiring entry level talent

Career changers, graduates and internal movers can sometimes turn out to be the best hires one can make. Individuals that show promise and can demonstrate a passion & drive for cyber security need to be given a chance in the industry. Bringing greater value whilst been given the opportunity to flourish, entry level talent can become your most loyal personnel.

If you are looking for advice on how to attract the best cyber security talent into your organisation then we can help - The Decipher Bureau specialise in recruitment for Asia-Pacific’s growing cyber and information security industry. Established in 2014, with offices in Sydney, Brisbane, Melbourne and Singapore - we are powered by experience.