Tips on hiring and keeping security pros

IT shops need to improve the way they hire and retain information security professionals, as demand for the job is set to reach a fever pitch in the industry, according to Adam Winnington, director of technical services at Toronto-based Source 44 Consulting Inc.

Speaking to attendees at Tuesday’s SC Congress Data Security Conference and Expo in Toronto, the security hiring guru said regulatory demands and the trend of many industry veterans leaving for more lucrative auditing and risk management jobs has led to a shortage of security professionals throughout North American and Europe. He pointed to various U.S. and U.K.-based government reports, which call for the need for thousands of security people that have specialized skills to work in cyberspace.

“You have to keep your (security) employees, because now the government is going to try luring them away too,” Winnington said.

In order to keep security professionals happy, Winnington advised IT leaders to figure out what their staff wants to accomplish in their career and feed into that.

“Some just want to work with new technology and you can put them in the backroom, slip them a pizza every once and awhile and they’ll stay on-board,” he said. In addition to guiding your security experts on a career path that interests them, investing in training programs and providing incentives for employees that take these courses can be a huge benefit to the company.

He added that working in a few extra perks, such as extra vacation time and one day a week where they can dive deeply into personal projects, can be useful to retain staff.

Winnington said internal “tool masters” can assist and mentor incoming staff and new graduates, which helps keep training costs down. “Give these tool masters a few extra thousand dollars and than let them train everybody else,” he said.

For companies looking to find new security pros to hire, Winnington said that he looks for candidates that have been “scarred” with a few years of desktop support experience. “Their first instinct is usually to help users, so it’s something I look for,” he said.

Other skills to look for include candidates with a broad base of offensive and defensive hacking skills and the ability to communicate well in a team environment.

“If your mom doesn’t understand what you’re talking about, the manager probably won’t as well,” he said.

Winnington advised IT leaders looking to hire new graduates to craft very specific job ads that focus on the primary aspects of the position. Skills that support and back up the rest of the team should be a secondary consideration, he added.

According to a survey of 376 U.S. organizations that are members the IBM user group SHARE, only eight per cent of responding hiring managers would rate IT graduates as “well-trained” and “ready-to-go.”

The study found that nearly four out of 10 respondents cite IT hires as not sufficiently prepared to perform their jobs within their companies, with 44 per cent of those surveyed concerned about “noticeable gaps” in the skills of recent graduates.

For Winnington, the best way to deal with new graduates is to pay attention to what courses they took throughout their university or college degrees and how those skills can help fill in security gaps at your organization.

“But I’m not a big fan of certifications,” Winnington said. “You should build a lab with a simple setup, put together a scenario and test them. If they can troubleshoot in an interview setting, they can handle your customers.”

– With files from Michael Cooney, Network World U.S.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Article

ADaPT connects employers with highly skilled young workers

Help wanted. That’s what many tech companies across Canada are saying, and research shows that as the demand for skilled workers...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now