Cyberattacks are an unfortunate reality of our digital world, which makes cybersecurity an issue of paramount importance for every business operating today. It's no wonder, then, that security analysts are in high demand. According to data from labor-insights provider Burning Glass, there have been more than 25,000 postings for security analyst jobs in the past 12 months, each taking an average of 37 days to fill. And given that security analysts are responsible for defending companies from cyberattacks, data breaches — and more — 37 days is an awfully long time to be without one.
So if you're one of the many looking to recruit a security analyst for your rank and file, finding top talent at top speed is imperative.
The below checklist can help guide you to your next great hire:
Ready to learn more about each of these steps and transform your recruitment strategy? Let's get started.
Being down one security analyst is like being down one security guard in your office building — it leaves your business vulnerable. And while every effort should be made to to fill the position as quickly as possible, careless speed isn't the answer, since making a bad hire can arguably leave you just as vulnerable (and eventually you'll have to start the whole process over again).
An efficient, well-paced hiring timetable is the answer: Use the diagram below to determine where your hiring process could be improved for efficiency.
The cornerstone of an attractive job offer is a competitive salary. To make sure you're offering a pay rate that's aligned with other employers in your field, it's important to know current averages and to understand any compensation insights that may impact what you need to offer.
For example, forecasted demand for security analysts (31 percent growth by 2029) has greatly outpaced salary growth for the role over the past five years (less than two percent rise in median salaries). This is incredibly surprising, given how important a role security analysts play in proactively figuring out how hackers can enter your system and how quickly they need to engage after a security intelligence alert. It'll help to keep your compensation levels top of mind as you hire, in the event that they begin to rise in the coming year.
To get a lay of the land in terms of national average salaries, make Randstad's salary guide your first point of reference. But since factors like location will also influence what counts as a great salary for security analysts, be sure to make use of our salary calculator to find up-to-date data on pay rates specific to your region.
Nailing down a firm list of necessary skills and certifications for a security analyst can be difficult because, as the volume and complexity of cyberattacks increase, their responsibilities are continually expanding. Even so, working with the hiring manager and key business leaders (and for this role, that could include the C-suite) to forge this list is critical to ensuring you attract applicants who are best suited to your specific needs.
Sort the items on the list into "must" and "ideal" categories. Perhaps you know that the candidate must be a Certified Information Systems Auditor (CISA), be proficient in Python and have experience in vulnerability testing. On the other hand, maybe it'd be ideal if the candidate was also a GIAC Certified Incident Handler (GCIH) with vast experience in penetration testing.
To give you a jump-start, here's a list of the most sought-after skills in the past year for security analysts nationwide:
information security
information systems
Linux
network security
threat analysis
security operations
vulnerability assessment
The very high demand for security analysts means there will be a very large amount of job descriptions for prospects to read through. By following these three basic guidelines, however, you'll give your job description a serious advantage when attracting candidates.
don't write like a robot
A mechanical listing of responsibilities written with stiff, detached language is no way to engage a prospect. Package the duty details in a pleasant tone, and establish a connection with the potential candidate by anticipating and showcasing the aspects of the job they'll want to know about.
For example, is the role concerned mostly with external attacks or internal procedures and software usage, or a combination of both? Also, breaches can happen fast and outside of business hours, so applicants will want to know how many people are on the team, what kind of support they'll have and what on-call duty may look like. Including such information demonstrates to prospects that your people truly understand the role.
show how the job is meaningful
Security analysts are the guards of a company's systems and networks — your hacker attackers and first responders to any cyberattack — making this job meaningful by any measure. However, it's possible for employers and analysts alike to lose sight of what it is they're working so hard to protect. Drive home how meaningful this work is by highlighting how their work benefits real people.
Does your data include personal and financial information? You're protecting families' livelihoods and well-being. What about cutting-edge medical research or healthcare information? You're protecting people's health. Anchoring the thrill and excitement of the job to the end-of-the-day purpose tells candidates that you recognize the true meaning of the work — and the value they bring to the table.
make it easy to skim
The key to an effective job description is making it easy to skim. Descriptions with long paragraphs and no clear rhyme or reason to the presentation of information read like a puzzle, and risk the job seeker losing interest. But how to make a description skimmable? Write front-loaded sentences (think punch line first) in short paragraphs, use bullet points for lists or quick statements and stick to a clear format so the information is tightly organized.
Want some more help? We've got you covered! Check out our guide to writing highly effective job descriptions for more pointers and insights.
Staying ahead of the curve is important in any industry. But given the breathless pace of technological change and increasing threat of cyberattacks, in the world of cybersecurity, merely keeping up is falling behind. Stay ahead — and stay secure — by aligning your hiring practices with industry- and role-specific trends.
Below are a few trends currently impacting the technologies industry as a whole, and security analysts in particular:
Demand for security analysts is expected to increase 31 percent by 2029.
The continued digitalization of healthcare information as well as a general increase in cyberattacks are credited as driving forces in the exploding demand for the role.
The overall cost of a single data breach for U.S.-based companies is estimated to be $8.19 million — so it's no surprise that security analysts are among the most sought-after tech professionals on the job market today.
When you're on the hunt for a security analyst, you're not looking for someone to just fill a chair. You're looking for someone to outsmart hackers by creating innovative prevention solutions, to provide rapid response to cyber intelligence alerts and to derail breaches before they happen.
Could you find some prospects up to this task on job boards, through word of mouth or company website applications? Maybe — but diversifying your approach will always lead to a better applicant pool.
The security of your company's networks and systems is of the utmost importance. And if you're looking to mitigate risk and maximize efficiency with this hire, consider upping the ante and partnering with a staffing firm. When you work with staffing experts, you not only get access to quality, vetted and prescreened talent, but you gain the benefit of their deep knowledge of the evolving technologies landscape. (After all, you'll have more hiring in the tech space to do after finding this security analyst.)
If you're ready to start, reach out to the experts at Randstad Technologies to help you find your next security analyst. Or, you can browse through our on-demand talent pool and learn more about potential candidates in our Find Employees portal.