Six entry-level cybersecurity job seeker failings

Here's how many cybersecurity entry-level job seekers fail to make a great first impression.

When it comes to hiring, enterprise security teams can use all of the help that they can rally. When hiring entry-level talent, that’s not as easy as it may seem — many times because entry-level applicants don’t do everything they could to help their cause.

For years a dearth of young professionals interested in cybersecurity has existed, but that could be changing for the better. This is both good news and bad news for cybersecurity job seekers. While the competition for these positions will be heating up (bad news), the good news (for job applicants, anyway) is that number of openings remains vast. According to the Global Information Security Workforce Study, the cybersecurity talent skills shortage remains stark. By 2022, there will be a 1.8 million worker shortage – a 20 percent increase since 2015, this Frost & Sullivan for the Center for Cyber Safety and Education survey predicts.

The good news for organizations is that more potential employees entering the workforce are interested in careers in security. A report published last fall from the National Cyber Security Alliance and the U.S. defense contractor Raytheon, Securing Our Future: Closing the Cybersecurity Talent Gap found that not only are young adults  hearing about cyberattacks more often (64 percent in 2016 compared to 36 percent in 2015 within the U.S.), but awareness of what cybersecurity professionals do has increased. The number of those who have identified what cybersecurity programs are available to them and of millennials who say they are more likely to choose a career to make the internet safer have also risen. The latter is up 43 percent in 2016 from 33 percent in 2015 for men, and from 24 percent to 30 percent for women.

Whether the job market is abundant or tight, job applicants have to make the right moves to succeed and get the best position they can. To find out what security executives seek today, we reached out to those who make, or help make, hiring decisions today. He’s what they see as the most damaging things entry-level cybersecurity job-seekers do:

1. Fail to show oneself as a team player

Sounds like a no-brainer, right? It’s not. Many of the hiring executives we spoke with say that personality can – and often does – trump technical assets.

This is especially true as more and more information security roles interface with the rest of the business. It’s essential that applicants be themselves – amiable, articulate and able to prove that they can work with different areas within the organization. This is more important because as more enterprises embrace DevOps, continuous integration and delivery pipelines, security teams are working more closely with operations teams, development teams and business managers than ever before. Communication is essential.

Chris Blow, offensive security lead at Liberty Mutual, says having the so-called “soft skills” is crucial for success. “If you get hired right out of college, employers will send new hires to training on many aspects of the technology needed for their job. “You need to know how to communicate and communicate effectively. You see the situation all of the time,” says Blow. “Developers and security professionals don’t communicate well with each other and things break down,” Blow says.

2. Sell oneself as a jack-of-all-trades

“Entry-level applicants across almost all verticals of information security make the mistake of trying to be a one-size-fits-all candidate,” says Boris Sverdlik, head of security at Oscar Insurance. “Security is broken up across many verticals and even among those who are experienced. It's almost impossible to be well versed in all aspects,” he says.

To continue reading this article register now

7 hot cybersecurity trends (and 2 going cold)