Cybersecurity Recruitment: What To Look For (Other Than A Degree)

startup business, software developer working on computer at modern office

A degree in computer science isn’t the only qualification for cybersecurity talent – it may not be the best indicator of a high-quality candidate either.

Cybersecurity recruitment has been a subject of concern in recent years for two reasons:

1.Cybercrime becoming more prevalent, publicized, and devastating

2.Increasing demand alongside a shortage of skilled candidates for available positions

The cybersecurity workforce gap has increased year over year. In the U.S., there is an estimated shortage of half a million candidates, and a global gap estimate of over four million people. This means that companies are competing with one another for a limited group of qualified talent, which can be addressed by improving your competitive advantage or by reconsidering what constitutes a ‘qualified’ talent.

To do this, it is important that you begin your  IT recruiting strategy with thinking outside the box, exchanging stringent education or experience requirements for a candidate who has the potential, and can be trained, to be a successful cybersecurity professional.

Less than half – 40% - of the current cybersecurity workforce has a degree in computer or information sciences, while the remaining 60% either have no degree or studied an unrelated field.

So, if a degree isn’t the only way to spot cybersecurity talent, what else can a recruiter look for?

Valuable Traits To Look For During Cybersecurity Recruitment

 

1. Certifications

Cybersecurity certifications, each with unique requirements and parameters, are useful in understanding a candidate’s skill level and knowledge. How recently the certification was earned, or renewed, can provide confidence in the freshness of the candidate’s skill set, as well.

Some common certifications include:

CISSP. According to ISC, 36% of cybersecurity professionals have the Certified Information Systems Security Professional (CISSP) certification, while another 26% hold the CISSP with a concentration in systems architecture, engineering, or management.

New call-to-action

CCNA / CCNP. The Cisco Certified Network Associate (CCNA) certification is administered and granted by Cisco, and comes with a concentration in Security. CCNA Security verifies that the certificate holder has associate-level skills to secure Cisco networks. The Cisco Certified Network Professional (CCNP) also comes with a Security concentration and verifies professional-level knowledge in security practices. According to ISC, 24% of cyber professionals hold a CCNA Security certification, while 17% hold a CCNP Security certification.

There are many additional certifications that provide insight into a candidate’s knowledge of cybersecurity, but these are the most prevalent. An updated, active certification shows that a candidate is motivated, engaged in continuing education, and committed to remaining abreast of recent changes in their field.

 

2. Memberships

In addition to voluntary certifications, cybersecurity professionals are often members of cybersecurity-focused organizations. Of these, current cyber professionals are members of organizations, including  ISC (48% of cyber professionals are members), CompTIA (24%), CSA (22%), and CIW (20%).

An active membership in a cybersecurity organization indicates a candidate’s interest in their field, dedication to ongoing learning and development, and engagement with current cybersecurity practices and changes.

Related Reading: Top 5 Tips for Cybersecurity Recruiting in 2020

 

3. Alternate Education

There are cyber training facilities that are not associated with traditional, four-year universities and colleges. These include training by the government (including the National Institute for Cybersecurity Education, or NICE), associate’s degrees offered at community colleges, and cybersecurity bootcamps – short, usually 8-week intensive programs offered in-person or online.

These alternate forms of cybersecurity education indicate a candidate’s motivation and interest in the topic, as well as their commitment to a career in cybersecurity.

 

4. Transferable Skills

Not every skill required for a successful career in cybersecurity is a technical skill. In fact, there are a number of different soft skills that can be developed in completely different positions, that are applicable to cybersecurity success. If you are looking out of the box for potential cyber candidates, look for people who are:

o   Methodical

o   Detail-oriented

o   Analytical

o   Adaptable

o   Enthusiastic

These skills can be found in a number of different fields, including candidates with military experience. As an added bonus, candidates with military experience are used to working in high-pressure situations, which is a critical skill for a person who must respond to a cyberattack in progress.

There are also skills that can be developed in potential candidates, including critical thinking, communication, collaboration, and strategizing.

In an environment where a lack of available candidates has created a cybersecurity shortage, at the same time that a growing concern with cybersecurity has increased demand, recruiters must think outside of the box in order to  attract and retain top talent. While a formal education and several years of experience are ideal for some positions, others can be filled successfully by candidates who have other qualifications: certifications, memberships, alternate education, or a strong foundation of transferable skills combined with enthusiasm.

Related Reading: Tackle IT Recruiting Challenges With A Temporary Staffing Agency

 

Leveraging A Cybersecurity Recruitment Agency

If your organization is concerned with building a strong cybersecurity team, considering options outside of rigid standards for education and experience is one option. Another is to enlist a third-party staffing agency partner with experience in recruiting candidates for hard-to-fill technical positions. Agencies also tend to have contact with passive candidates – those that are not actively job-seeking, but are interested in hearing about potential jobs as they become available.

Sparks Group is a nationally-awarded staffing agency, with deep experience in the evaluation and assessment of candidates, both for existing and potential skills. With a track record of proven success, Sparks Group can help you recruit and hire top cybersecurity candidates for open positions, reducing both cost and time to hire.

Connect with the recruiting experts at Sparks Group to discuss how we can improve your cybersecurity recruiting strategy and find top talent.

Find Talent


Sources:
[1] https://www.isc2.org/-/media/ISC2/Research/2019-Cybersecurity-Workforce-Study/ISC2-Cybersecurity-Workforce-Study-2019.ashx la=en&hash=D087F6468B4991E0BEFFC017BC1ADF59CD5A2EF

Written by Sparks Group

Sparks Group

View all posts by: Sparks Group

Partner with a leading staffing agency to find top talent for your growing team.

Find Talent