Blog

Hiring Managers Lead on Entry-Level Cybersecurity Job Descriptions

Jul 07, 2022

Cybersecurity recruitment has long been a challenge, and companies often exacerbate the situation by setting unrealistic expectations, especially for entry- and junior-level roles. A common misstep is to require qualifications and years of experience that few junior jobseekers have.

In an industry with a workforce gap of 2.7 million worldwide, cybersecurity teams remain understaffed, potentially putting their organizations at risk. So, it pays to have a more realistic view of what to expect when devising a strategy to attract candidates for all cybersecurity roles.

Changing Expectations

Hiring managers are starting to grasp the wisdom of moderating their expectations when seeking junior cybersecurity practitioners, according to the findings of a new (ISC)² study on entry- and junior-level cybersecurity hiring practices.

The (ISC)² study suggests that organizations are more successful when hiring managers collaborate with HR on cybersecurity recruitment efforts. HR has nearly equal input in job descriptions when it comes to identifying non-technical skills and personality attributes key to career success but hiring managers and their teams take the lead when identifying technical skills, education and other qualities.

Hiring Managers Lead

Of course, this means having an open mind about less-experienced candidates. But as (ISC)² and other industry voices have stressed over the years, hiring cybersecurity staff isn’t exclusively about technical skills. In fact, the hiring practices study and other research have shown that non-technical skills can be just as important.

Attributes such as problem solving, creativity, analytical thinking and desire to learn rank high on the list of current cybersecurity professionals as important to have. So do non-technical skills such as ability to work both in a team and independently, verbal and written communications and project management.

Hiring Managers Lead 1

With that mind, it makes sense for cybersecurity personnel and HR to decide together what qualifications to include in job postings. The study revealed that significant numbers of organizations are doing just that.

Building Defenses

These findings are encouraging. They indicate that organizations have become more realistic about what to look for in cybersecurity job candidates. With input from both HR and cybersecurity personnel, organizations can more effectively identify and attract the right candidates.

To learn more, read the full report at https://www.isc2.org/Research/Cybersecurity-Hiring-Guide .