Cyberattacks are an unfortunate reality of our digital world, which makes cybersecurity an issue of paramount importance for every business operating today. It's no wonder, then, that security analysts are in high demand. According to data from labor-insights provider Burning Glass, there have been more than 25,000 analyst postings in the past 12 months, each taking an average of 37 days to fill. And given that security analysts are responsible for defending companies from cyberattacks, data breaches — and more — 37 days is an awfully long time to be without one.
So if you're one of the many looking to recruit a security analyst for your rank and file, finding top talent at top speed is imperative.
The below checklist can help guide you to your next great hire:
Ready to learn more about each of these steps and transform your recruitment strategy? Let's get started.
with the number of cyberattacks increasing every year, it's critical that every business today prioritizes cybersecurity.
speed up your hiring process
Being down one security analyst is like being down one security guard in your office building — it leaves your business vulnerable. And while every effort should be made to to fill the position as quickly as possible, careless speed isn't the answer, since making a bad hire can arguably leave you just as vulnerable (and eventually you'll have to start the whole process over again).
An efficient, well-paced hiring timetable is the answer: Use the diagram below to determine where your hiring process could be improved for efficiency.
develop a competitive compensation package
The cornerstone of an attractive job offer is a competitive salary. To make sure you're offering a pay rate that's aligned with other employers in your field, it's important to know current averages and to understand any compensation insights that may impact what you need to offer.
For example, in the past five years, demand for security analysts (more than 28 percent) has greatly outpaced salary growth (less than two percent rise in median salaries). This is incredibly surprising, given how important a role security analysts play in proactively figuring out how hackers can enter your system and how quickly they need to engage after a security intelligence alert. It'll help to keep your compensation levels top of mind as you hire, in the event that compensation levels begin to rise in the coming year. Factors like location will also influence what counts as a great salary, so be sure to make use of our salary calculator to find up-to-date data on pay rates specific to your region.
identify the top skills for security analysts
Nailing down a firm list of necessary skills and certifications for a security analyst can be difficult because, as the volume and complexity of cyberattacks increase, their responsibilities are continually expanding. Even so, working with the hiring manager and key business leaders (and for this role, that could include the C-suite) to forge this list is critical to ensuring you attract applicants who are best-suited to your specific needs.
Sort the items on the list into "must" and "ideal" categories. Perhaps you know that the candidate must be a Certified Information Systems Auditor (CISA), be proficient in Python and have experience in vulnerability testing. On the other hand, it maybe it'd be ideal if the candidate was also a GIAC Certified Incident Handler (GCIH) with vast experience in penetration testing.
To give you a jump-start, here's a list of the most sought-after skills in the past year for security analysts nationwide:
know what your company needs from a security analyst: should they have a CISA credential or have experience with vulnerability testing?
write an eye-catching job description
The very high demand for security analysts means there will be a very large amount of job descriptions for prospects to read through. By following these three basic guidelines, however, you'll give your job description a serious advantage when attracting candidates.
1. don't write like a robot
A mechanical listing of responsibilities written with stiff, detached language is no way to engage a prospect. Package the duty details in a pleasant tone, and establish a connection with the potential candidate by anticipating and showcasing the aspects of the job they'll want to know about.
For example, is the role concerned mostly with external attacks or internal procedures and software usage, or a combination of both? Also, breaches can happen fast and outside of business hours, so applicants will want to know how many people are on the team, what kind of support they'll have and what on-call duty may look like. Including such information demonstrates to prospects that your people truly understand the role.
2. show how the job is meaningful
Security analysts are the guards of a company's systems and networks — your hacker attackers and first responders to any cyberattack — making this job meaningful by any measure. However, it's possible for employers and analysts alike to lose sight of what it is they're working so hard to protect. Drive home how meaningful this work is by highlighting how their work benefits real people.
Does your data include personal and financial information? You're protecting families' livelihoods and well-being. What about cutting-edge medical research or healthcare information? You're protecting people's health. Anchoring the thrill and excitement of the job to the end-of-the-day purpose tell candidates that you recognize the true meaning of the work — and the value they bring to the table.
guarding complex systems and networks every day, the work of security analysts is incredibly meaningful in today's digital world.
3. make it easy to skim
The key to an effective job description is making it easy to skim. Descriptions with long paragraphs and no clear rhyme or reason to the presentation of information read like a puzzle, and risk the job seeker losing interest. But how to make a description skimmable? Write front-loaded sentences (think punch line first) in short paragraphs, use bullet points for lists or quick statements and stick to a clear format so the information is tightly organized.
Want some more help? We've got you covered! Check out our guide to writing highly effective job descriptions for more pointers and insights.
brush up on the latest industry trends
Staying ahead of the curve is important in any industry. But given the breathless pace of technological change and increasing threat of cyberattacks, in the world of cybersecurity, merely keeping up is falling behind. Stay ahead — and stay secure — by aligning your hiring practices with industry and role-specific trends.
Below are a few trends currently impacting the technologies industry as a whole, and security analysts in particular:
Demand for security analysts is expected to increase 28.5 percent by 2026.
The continued digitalization of healthcare information as well as a general increase in cyberattacks are credited as driving forces in the exploding demand for the role.
As both cyber threats and analyst demand increase, a shortage of two million cybersecurity professionals worldwide is predicted for 2019 alone.
Of course, there's always more to learn, so refer to our comprehensive guide to 2019 hiring trends in technologies for more information on industry trends that will impact your talent hunt.
demand for security analysts will continue to grow — a 28.5 percent increase is expected by 2026.
choose your channels to find candidates
When you're on the hunt for a security analyst, you're not looking for someone to just fill a chair. You're looking for someone to outsmart hackers by creating innovative prevention solutions, to provide rapid response to cyber intelligence alerts and to derail breaches before they happen.
Could you find some prospects up to this task on job boards, through word of mouth or company website applications? Maybe — but diversifying your approach will always lead to a better applicant pool.
The security of your company's networks and systems is of the utmost importance. And if you're looking to mitigate risk and maximize efficiency with this hire, consider upping the ante and partnering with a staffing firm. When you work with staffing experts, you not only get access to quality, vetted and prescreened talent, but you gain the benefit of their deep knowledge of the evolving technologies landscape. (After all, you'll have more hiring in the tech space to do after finding this security analyst.)
If you're ready to start, reach out to the experts at Randstad Technologies to help you find your next security analyst. Or, you can browse through our on-demand talent pool and learn more about potential candidates in our Find Employees portal.