How to retain the best talent in a competitive cybersecurity market
We are currently experiencing The Great Resignation, where millions of people are leaving their jobs in search of increased satisfaction. The global pandemic gave many the time to think about what work means to them, their contributions to the industry and the organization they are a part of, how they spend their time, and most importantly, how a career may fulfill their lives.
As a result, hiring and retaining the best talent has quickly become a top priority for most organizations today. In the cybersecurity industry, which faces an immense skills shortage, this is especially true. In fact, according to CompTIA and Cyber Seek, a job-tracking database from the U.S. Commerce Department, there are nearly 500,000 open positions in cybersecurity nationwide as of Q2 2021, which makes hiring the right candidate for a technical role in IT security like finding a needle in a haystack. As a result, it’s never been more important to attract and develop employees in cybersecurity – and here are a few best practices for doing so.
Retention is not a one-size-fits-all initiative
Every employee and organization are different. Even in an industry with a talent deficit, employee/employer culture needs to be symbiotic. What an employee and an employer are looking for must be aligned and when it is, the opportunities are endless.
Employee retention will never be a “one-size-fits-all” initiative, which means hiring managers and HR leaders must make the time and investment to understand their employees and the company at large. This starts with understanding what your employees are doing daily. To gain such an understanding, it’s important to have regular communication with employees, seek ways to address their pain points and particular needs, while also recognizing and rewarding a job well done. Additionally, transparency is often valued by most employees, so having open, honest discussions with employees about company trajectory, job performance and other important factors will help keep them for the long run.
Job satisfaction means making an impact in the industry
In cybersecurity, employees are often exposed to several aspects of technology and innovation. What I’ve learned from several conversations with employees is that ultimately, people want to work for organizations that are developing cutting-edge technology and making a real impact in the industry. They want to contribute to the solutions that are solving today’s most important problems – and in IT security, where cyber threats are looming and threatening organizations regularly, there’s an immense opportunity to play such a rewarding, impactful role.
It’s up to the employers to share a vision with employees. Employees must realize how their contributions impact the company, customers, and the landscape. Often, employees may not realize that they’re contributing to solving a major, real-world issue, so it’s up to leadership – including HR leaders – to regularly communicate why the company exists, the difference it’s making, and how each employee plays a role in the responsibility.
What attracts security professionals to a company is the power and impact of the technology and the experience they can receive. Once that has been established, it’s time to ensure you’re providing them with a positive, rewarding and fulfilling work environment.
Evaluating your organization’s work environment
It is up to company leaders, in HR and beyond, to regularly evaluate the work environment. For example, look at progression within the organization – are employees growing in their careers and do they have variety in their day-to-day routine? Variety can mean working with different technologies or solving different problems in the industry.
In terms of progression, are employees moving up in the organization? Do they feel like they are a part of the narrative? More importantly, do they have the proper support and resources to do so, such as training, guidance, and mentorship? These are hard questions to ask but the answers to them can make all the difference in increasing retention.
Additionally, for most employees, the work environment must consist of people they enjoy working with. Employees want to like their boss and their co-workers, while believing in their company’s mission overall. Have regular team meetings and grant teams the opportunity to meet for other reasons than just work – encourage team happy hours (virtually or safely in-person, if possible) and give them a budget for team-building exercises.
For example, in my current position as SVP of People, we host Friday community days in the office, as well as quarterly “Connection Events” that bring together coworkers and leaders across all functions outside of work to engage socially or in a volunteer capacity. Getting to know each other is key to working better together.
Lastly, when evaluating the overall work environment, one can’t overlook compensation and the ultimate package when staying with a company through the years. Ensure compensation is competitive in the industry, and when evaluating the overall package, consider other benefits and access to growth opportunities.
The Great Resignation, combined with the ongoing cybersecurity skills gap, has increased the pressure on HR leaders to find, recruit and retain top IT security talent. For most, retaining the right talent of top performers creates the next generation of cyber experts over time.
With the best practices outlined above, HR managers have the right guidance to evaluate their current model, make appropriate changes, and overall, ensure their employees stay satisfied while on the job, making all the difference.