• United States



Cybersecurity pros should beware of exploding job offers

Mar 11, 20163 mins
CareersCyberattacksInternet Security

Tips and insights for cybersecurity job-seekers

If you’re an experienced cybersecurity job-seeker, then you ​might receive an ‘exploding job offer’ — a phrase used by headhunters and corporate recruiters which refers to a job offer that is retracted if it’s not accepted within a short specified amount of time.

There are 1 million cybersecurity job openings in 2016. “The cybersecurity job market is on fire,” says Veronica Mollica, founder and executive information security recruiter at Indigo Partners. “Our candidates are facing competing offers from multiple companies with salary increases averaging over 30%. Current employers are scrambling to retain talent with counter offers including 10% and higher salary increases for information security team members to remain on board.”

Demand is expected to rise to 6 million globally by 2019, with a projected shortfall of 1.5 million, according to Michael Brown, CEO at Symantec, the world’s largest security software vendor. As a result, some employers and search firms may be overly aggressive and use risky hiring practices in their efforts to lure and hook candidates.

[ ALSO ON CSO: 8 tips for recruiting cybersecurity talent ]

If you’ve never received an exploding job offer — it sounds like this — “We would like to offer you the cyber incident response analyst position but we need an answer within 48 hours.” The recruiter or hiring manager may go on to explain there are other candidates ready to take the position, the start date is in a couple of weeks, and they must have an immediate answer from you.

Hurry-up-and-make-a-decision offers should generally be avoided. First off, you may be dealing with a situation where someone isn’t being entirely honest with you. Second, if what they are saying is true – then there are plenty of other jobs out there and you may not be giving yourself enough time to explore them and maximize your worth. Candidates are in hot demand now and that gives you the luxury of time to carefully examine your next career move – and negotiate a compensation package that is fully commensurate with your background.

In case you missed them last month, CSO’s Top 5 cybersecurity job hunting tips are:

  1. Be patient
  2. Skip the job boards
  3. Use a LinkedIn profile, not a resume
  4. Don’t rely too heavily on your personal contacts
  5. Go to industry conferences

Now you can add no. 6 to the list — pass on exploding job offers.

The cyber incident response analyst passed on the corporate job and took her experience to an emerging forensics firm who offered better pay and a more rewarding career path. It pays to wait.


Steve Morgan is the founder and CEO at Cybersecurity Ventures and editor in chief of the Cybersecurity Market Report. The Cybersecurity Market Report is published quarterly and covers the business of cybersecurity, including global market sizing and industry forecasts from consolidated research by IT analyst firms, emerging trends, employment, the federal sector, hot companies to watch, notable M&A, investment and IPO activity, and more.