The IT industry runs at the speed of light. With fast-paced advancements seemingly emerging by the minute, there’s a tall order to fill for anyone with the responsibility of technology hiring. Projections in 2019 predicted a deficit of nearly 4 million qualified candidates globally in cybersecurity alone. We’ve met that prediction and the numbers are continuing to swell. This shortage is potentially a major threat in the ability to counter increases in cybercrime worldwide. The challenges hiring managers are facing to attract qualified coders and cybersecurity specialists are daunting. An industry survey reported that 64% of HR respondents said they were planning to hire between 50 to 100 developers in 2021. Yet, in previous years, many companies were finding that those positions would remain empty for months, if they were filled at all. Challenges in Tech Hiring One of the problems plaguing the technology arena is attracting and retaining qualified candidates in a fiercely competitive IT hiring market. HR has had many occurrences where they interview candidates and finalize their selections only to be ghosted after sending an offer. With so many recruiters vying for the top picks in the market, it takes creativity, branding, and an impressive package of perks to hold a candidates’ interest. Indeed, technology hiring has become a balancing act of research, agility, and finesse. Finding options to filter out top candidates without solely relying on their resumes is another concern for recruiters. Verifying whether or not a candidate has the depth of knowledge required for the job can be time-consuming and expensive. Some individuals will list skillsets that they don’t have. Then assume that they can take a quick course in it if they need it. Tactics like these are glaringly problematic when a manager expects the candidate to hit the ground running. Options for circumventing these types of scenarios can include pre-employment testing software that assess levels of competency, personality, and culture. The ability to self-administer and score saves time and provides a larger pool of qualified candidates. Some managers will have an extensive list of skillsets they value in a candidate. However, it’s not always the case that it’s practical to find that list of skills in one candidate. Mid to Senior level prospects will most often fit within this broader criterion. However, companies with smaller budgets won’t be willing to pay for any more than one or two professionals at this level. New and intermediate employees may need experience and training to acquire all the skillsets the hiring manager requires. In this situation, IT recruiters face the challenge of convincing HR managers to have some flexibility and prioritize their wants and needs. Reaching a balance between an industry competitive salary and retention in a highly competitive market can be tricky. Cyber Specialists know that they are in great demand. They also know what’s at stake and what the workload and work/life balance will entail. Workers will want to be fully compensated for the crushing schedules and constant shifts in protocols. Those companies that manage to find and secure top talent have another challenge to weather, high turnover rates. When IT departments have to make do with a smaller crew than required for the job, burnout and frustration is a very real occurrence. This can lead to a revolving door of quality workers and a workload that continues to balloon due to a lack of consistency. For HR Managers, it’s an exhausting cycle. The majority of opinions floating about the industry on why we’re experiencing these crises tend to focus mostly on the lack of candidates. Yes, it's obvious that there are far more openings than there are candidates to fill them. However, there are more factors to consider. How did we get to this level of complexity and urgency when we clearly saw it coming? This trend was forecasted with enough time to implement strategies to avoid it. What happened? In hindsight, the biggest contribution to this situation was the lack of vision regarding the scale of cybercrimes and their complexity. The opportunity to invest in personnel and technology that could manage the enormity of current cyber-criminal activity was lost. Although the threat was acknowledged within IT circles, it remains not fully embraced by management. What Steps do we Take From Here? A great place to start turning things around is to incorporate cybersecurity specialists and coders into K-12 STEM education and community colleges. Campaigns and competitions are prime opportunities to engage the next generation and ignite interest in the field. Hiring less experienced personnel and contracting with training partners is another option. Implementing this strategy can lead to a sense of loyalty with staff and incentive for promotion opportunities. There is also a consideration for loosening educational requirements. A survey was taken that reported 35% of respondent developers referred to themselves as self-taught. This fact would imply some benefit into recruiting from the pool of candidates considered to be non-traditionally educated. It is feasible to conclude that this corner of the market includes highly skilled and passionate prospects that could prove to be highly valuable assets to any IT department. Cross-training current personnel within the IT department is another potential source of talent. Inquiring within other departments inside the company could also produce personnel willing to train and make the switch to IT. IT recruiters and hiring managers face a plethora of challenges that are critical and complex. From tight deadlines, detailed skillsets, and holding their own amongst a sea of competition, the work can be grueling. Technology hiring has evolved into more than identifying and delivering talent. The ability to stand out among the crowd, offer tech recruits the benefits they need while offering competitive compensation is a lot to deliver. However, through partnerships, lessons learned, and awareness, progress can be made. About the Author
Glenn Mabry is a senior Instructor / Security Researcher for Advanced Security. With over twenty years in intel and cybersecurity with both the public and private sectors, Glenn has a passion for cybersecurity. Glenn teaches cybersecurity topics such as Cloud Security, Exploitation and Penetration Testing. Advanced Security is a cybersecurity training network that gives the industry's top Subject Matter Experts the ability to showcase their skills and learners the advantage of staying ahead of the extremely fast-paced industry.
References: Codingame Developer Survey 2021 https://www.codingame.com/work/codingame-developer-survey-2021/ Top 5 IT Recruitment Challenges https://www.codingame.com/work/blog/find-developers/top-5-it-recruitment-challenges/ Top 7 Challenges in Recruiting IT Talent https://www.recruiter.com/i/top-7-challenges-in-recruiting-it-talent/ The Talent Shortage Crisis in Cyber Security and How to Overcome it. https://cybersecurity-magazine.com/the-talent-shortage-crisis-in-cyber-security-and-how-to-overcome-it/