How to Hire a Cyber Pro When Your Salary Offer is Low
Deidre Diamond
Founder and CEO, CyberSN | Founder, Secure Diversity | Co-Founder, Day of Shecurity Conference | Cyversity Board Member
Author - Mark Aiello, President, CyberSN, Originally published 12/02/20 on CyberSN.com
Hiring cybersecurity professionals is as challenging now as ever.
With a shortage of people actively looking, cyber pros can be picky about where they work and the compensation they earn. Not every company can afford to pay the same level of salary as Google, but that doesn’t mean they don’t offer a rewarding opportunity for cyber professionals.
Fortunately, there are things hiring managers and HR professionals can do to find talented people for those hard to fill cybersecurity jobs, even when the salary you’re offering might be lagging.
Move Quickly
Once someone makes a decision to seek a new opportunity, they’ve mentally left their current employer. When this happens it’s like turning on their radar and they become receptive to the outreach that comes their way, both cold and warm. We know that the average cyber pro receives two job inquiries a day. Every day spent debating a potential hire risks that they’ll speak with a firm willing to pay a lot more money than you. The faster you move someone through your hiring process, the less likely other companies will beat you to making an offer.
Take Stock of Your Stock (and Benefits)
When your salary is low, take inventory of everything else that you offer. Do you have stock options? How about an amazing health care plan? Retirement plans? How about flexible work environments and unlimited PTO? Open door policies or an accelerated career path? We see cybersecurity professionals taking less money when evaluating multiple offers because the compensation package as a whole makes the offer very competitive. Prepare a one-pager that explains all that you offer and make sure that everyone in the process is capable of discussing it with the candidate.
Be Friendly and Sell to the Candidate
You already know your salary offer will most likely be low. Make sure your attitude is high. Seems like common sense, right? Nope. Anecdotally, I estimate that 25% of all first interviews are rejected by the candidate because they didn’t leave with a good feeling. Make sure your words and actions convey that you’re an open and welcoming person and company. Remember that cybersecurity professionals are no different than any other human. They want to work for people who are nice and who value them. Let them know they’ll be valued if they come to work for you.
Send Thank You Notes After the Interview
What? Why should I send a thank you note? They should be sending one to me! Well, hopefully they do send one to you and you should always send one to them. It is a small gesture that makes an enormous statement about who you and your company are. I suggest you go on Amazon where you can buy a pack of 50 cards for $9.99. A thank you card is much more effective than a follow-up email. And there is nothing wrong with doing both. It will have a huge impact on the cybersecurity professional and most likely the first time it has ever happened to them.
Try a Resume Service
Resume services are nothing new, but can be surprisingly effective for relatively little money. We created our Resume Service, which we call Talent Scout, to serve clients who can’t afford a full search placement and that have the internal talent acquisition team who can interview and extend an offer.
Talent Scout takes one of the most difficult stages in the hiring process off your plate by identifying five candidates who are qualified and interested in your opportunity. We make sure each cybersecurity professional’s resume that we send is someone who is qualified and interested in what your company offers. We take the laborious process of identifying interesting candidates away from you and present cyber professionals for you to interview and close.
If your company keeps losing cybersecurity talent to bigger, better funded companies, you still have options. There are many cybersecurity professionals who seek smaller companies, close-knit work environments, and feeling like an important member of the team, not just a number. To secure qualified cyber pros, focus on the unique benefits your company offers, both financial and culturally. And don’t be afraid to ask for help when important cyber roles are going unfilled. The cost of securing some help today could save you the major cost of a data breach down the road.
If you’re looking for more tips on how to find skilled cyber pros, make sure to subscribe to our blog, or reach out to us. We’re happy to answer your cybersecurity hiring questions.
Product & Data Security
3 年Nicely captured. I've observed that jobs that pay less are, for some reason, more enjoyable. It's not a rule, but when you're decently paid to do something, it's not going to be a walk in the park, and expect to sacrifice something in return (experience, work life balance, professional development..). If you're in a highly paid cyber security position and you enjoy it, keep it - it's a unicorn ?? !
Security Leader, OCISO - Google | #GDS | #Veteran | #Settler
3 年If your salary is below market rate, increase it. Or lower your expectations of the role. Look for just one certification rather than 10. Look for 2 - 4 years experience not 6+. Add incentives such as training and certifications, working from home, annual trips to BlackHat or AWS Re:Invent etc.
Director of Digital Marketing and Workforce Development @lrksaurs on the web ~ Shares about #WiCySPwDaC #RaicesCyber #ISACAIllini #invisibledisabilities #workforcedevelopment #inclusion
3 年This is a great article!
Great article Deidre and thank you for sharing.