Paula and Bernard Layton from Stanton Chase International, the top executive search firm, are talking about hiring cybersecurity specialists: what factors will get you a job, how much you can earn, and what do you need to do / to know to become a well-respected expert. As Bernard said… the sky is the limit!
Paula:
The interview is very special because you are not working in IT.
Bernard
Correct.
Paula:
But you are working in recruitment.
Bernard:
Yes.
Paula:
We’re going to be talking about all the important factors that people need to follow in order to get the job in a cybersecurity field.
Bernard
Exactly.
Paula:
Okay, perfect. So, a couple of words: Bernard works at Stanton Chase International, it’s a professional hiring company and Bernard himself hires cybersecurity professionals. Also senior and mid-management positions.
Bernard:
Exactly.
Paula:
You did over 2,200 searches, yeah?
Bernard:
Yeah, our organization is 74 offices in 45 countries and we do about 2200 searches a year across a number of segments, but IT and security are an important part of what we do.
The most demanded jobs in the cybersecurity
Paula:
Perfect. Well, you’re the perfect source of knowledge then. What are, in general, the most demanded jobs in the security field right now?
Bernard:
Well, I think the analyst role and project management role are the two top positions that are growing dramatically. The whole field is obviously growing dramatically. We are recruiting actively now for several project management roles in identity and access management, penetration testing, a number of technical disciplines, governance and compliance, risk management – all of these areas within the security privacy space. It’s focused on the analyst level and project management level.
Paula:
How would you, in general, valuate attractiveness of those jobs in comparison to other IT jobs? Let’s start maybe from salary because everybody wants to know that.
How much can you earn in the cybersecurity?
Bernard:
Right, first of all, I would say the demand is high for security. It’s very much in the minds of the board of directors to ensure that information security is managed effectively. It is also key to make sure that the compensation and the levels of the position in these companies are being managed carefully.
Paula:
Okay, could we, for example, name some amounts? More or less?
Bernard:
In the US on a project management level, you’re looking at anywhere from $80,000 to $120,000 level positions. And at the analyst level, little bit more junior, you’re looking more at the $60,000 to $100,000 level.
Before you start earning – get the certification
Paula:
Totally. In such a situation I believe that certification is important and anything that you can bring in to make your experience to be better, yeah?
Bernard:
Right, yes. CIS exam and many other ISSA designations are pretty critical in this space.
Paula:
That’s good to know.
Bernard:
So that will help in terms of their professional development, absolutely.
Who companies are looking for?
Paula:
That’s good. What are, in general, the companies seeking in that kind of candidates? What kind of candidate would you recommend to other companies?
Bernard:
Great, so I think the key here is ultimately leadership, interpersonal skills, the ability to multitask, many things that go beyond just the technical nature of the jobs. But understanding how to manage a project, meet timelines, meet performance expectations. The well-roundedness that is true of any job, even beyond IT, but it’s particularly important to progress with an IT background.
Paula:
It must be a very hard job because IT is actually famous for no interpersonal skills, you know?
Bernard:
Right, and so I think that’s the challenge, is people need to work on those project management skills particularly that help grow their careers.
IT professionals lack interpersonal skills, so they need to…
Paula:
What can people do? What would you recommend, for example, for IT guys to be like for those positions, and have this kind of skills? Like, should they present more, speak at the meetings?
Bernard:
Yeah, we use a phrase in our business, kind of stepping to the center of the stage and being the lead actor on the stage. In this case, it’s in this IT security space. To do that it takes an interpersonal skill set that they need to develop and work on, present more, put themselves in situations like RSA and more.
How many women work in cybersecurity?
Paula:
What about females in the cybersecurity field? Do you see them often, or how does it look like?
Bernard:
Yeah, it’s a very important area. Stanton Chase is known to be very focused on diversity initiatives and has received a number of awards in that direction. We see security as a forefront. And the demand is high for females in this field. The clients are begging for it. They need quality people. We have to attract more folks to that. So to do that is both a campaign to make that happen. So it’s an ongoing challenge.
Paula:
Okay, and do you see a lot of female cybersecurity specialists that are applying for a job? Or statistically, I guess it’s less because it’s kind of a men’s world. But is it growing?
Bernard:
I think it’s about the type of people that thrive in that space. It’s very technical in nature, it tends to be not as interpersonally focused. So I think the challenge is, how do you make it more compelling for the female population? I don’t see as many. I think it’s a small group.
Paula:
It is, yeah.
Bernard:
But we’ve got to work on that, absolutely.
Paula:
Of course, statistically, it’s less. But I see it’s growing because there is like more and more women engaged, so it’s good to good hear that.
Bernard:
And the companies need to be engaged in solving this as well, that hire the people.
When you’re a junior looking for a job in cybersecurity… A tip from Bernard Layton
Paula:
Yeah. What would be your advice, for example, for junior guys that are seeking jobs in cybersecurity? What would be your advice? How can they start?
Bernard:
Well, I think, you know, again, the educational background is key, and the accreditation backgrounds are key. They need to work to separate themselves from just the staff level capabilities. So ultimately, good old-fashioned hard work, putting the hours in, and learning through experience and developing that experience.
When you want to go higher level…
Paula:
Absolutely. What would be your recommendation for someone who is already in a security field and wants to be on the higher level?
Bernard:
Well, I think this gets back to this idea of project management skills, those interpersonal skills, leading by moving to the center of the stage.
Big need of the market for the cybersecurity jobs, but there are not enough people that are qualified
Paula:
Interesting. But in Financial Times they said that by 2019 we will be like 1 million soldiers. So short from the cybersecurity perspective. There’s a big need of the market for the cybersecurity jobs, but there are not enough people that are qualified for those. Or maybe they just don’t know it and they want to get there, yeah?
Bernard:
Yeah, we’ve gone through this several times in other fields as well. The industry as a whole needs to work together to make the roles more attractive, both economically, salary, but also in terms of the education and development of the people. So it’s going to take time, we don’t have time, right? There are too many roles to fill. But I think at the end of the day it’s a balance between the people working hard as well as the companies in the industry fostering that growth and development.
Paula:
Working hard never disturbs anyone.
Bernard:
Never disturbs anyone, that’s right.
Paula:
Well, thank you so much. Just a few works of a summary: the market is in the need of such specialists, both from techie part and also from the management part. I see from our perspective as a consulting company, when we get into different types of customers, there needs to be a little bit more education on board in the cybersecurity field because it’s a relatively new subject. It’s new to everybody, and we don’t know what to expect because it’s hackers and it’s in their minds what’s going to be the next threat, so we have to be ready for unknown. So the knowledge really covers that kind of approach. But from the market perspective, could you, in general, summarize how it looks in the different types of sectors? Is it more popular job in a banking career or medical or governmental?
Bernard:
Yeah, so I think all three of those areas are growth areas. Particularly in the United States, we have all sorts of rules around data breach, data reveal as it relates to medical records, so that’s a key growth area. The financial services of course, where money is stored, is a key area. We’re also seeing growth in markets like the consumer market and retail and many other markets where their credit card influence is involved and CPI and management of those sorts of access management. So we think the market’s dynamic, we think it’s growing, and the quality of the people is what it’s all about.
Paula:
This is all we need, yeah?
Bernard:
Yeah.
Paula:
Very, very useful tips. Make sure that you’re going to keep growing your skills in the cybersecurity, and if you want to get more details, click on the link, this will guide you through information also about the Stanton Chase International and also about things that we have to tell you what is important in education within the cybersecurity. Looking forward to seeing you there.