"I'm not going to be as bold as to say there is no unemployment among security professionals, but there is negative unemployment for highly-skilled security professionals.” ~ Lee Kushner.
When I was interviewing security recruiters and managers for my recent piece on retaining great security talent, Lee Kushner, founder and CEO of LJ Kushner and Associates, a recruitment firm for information security professionals, informed me that the current state of economic and unemployment woes we’re still hearing about around the country aren’t impacting security professionals to the extent that other industries are feeling them. Sure, there are still plenty of talented, skilled folks in security looking for jobs. But, according to Kushner, the highly-skilled, enterprising and self-starting security practitioners aren’t just gainfully employed – they’re being sought out by other companies who want to steal them away.
If you’ve got plenty of money in your budget for hiring and raises, this likely won’t make you too concerned. But what if you’re a small or mid-sized firm with tight budgetary resources? Or even a large firm experiencing some changes and downsizing and don’t have the money to keep your most talent security staff in place?
Money doesn’t have to be the only reason why employees are satisfied. In fact a survey from WorldatWork found there are many other ways companies are succesfully retaining employees. They include letting key employees know they’re essential to the business and discussing with key employees their future opportunities within the organization.
According to another source in my piece, Lenny Zeltser, a senior faculty member with SANS Institute and a product management director at NCR, offering a security-team member the chance to work with new technologies, or be exposed to new challenges, can provide a different kind of career growth that can also be satisfying and fulfilling.
"You might have a person who started as an entry-level help desk technician, became really good at trouble-shooting desktop-related problems, started dealing with malware infections, and then gradually became interested in malware analysis and incident response," said Zeltser, who said employees can still round out their skill set and, consequently, gain career benefits and, hopefully, increase job satisfaction.
What are some creative ways you have found to keep your security department satisfied and challenged?