As the project manager at a large tech company, I always went to Jim when I needed help. While others on my team had more technical expertise, Jim was easy to work with. He explained technical concepts in a way anyone could understand and patiently answered my seemingly endless questions. We spent many hours collaborating and brainstorming ideas about product features as well as new processes for the team.

But Jim was especially valuable when I needed help with other developers — especially Bill, who was brilliant but not very good at communicating with anyone else in the office. Simply put, Jim was a leader. And he bridged the gap between technical and non-technical staff better than anyone I had ever met. If I was really struggling to get information from Bill or figuring out what he needed to deliver a component, I would ask Jim for help. And usually, with just a quick conversation, he could help me translate Bill’s technical needs into project manager speak.

Working With Others is Key in Cybersecurity

As collaboration in the workplace becomes more important than ever before, companies are increasingly looking to hire people like Jim over Bill. According to a survey of tech industry workers by Reign, 76% of managers thought soft skills were more important for success in tech jobs compared to 44.9% who said tech skills mattered most. Even more interesting, tech employees felt the same way. Employees (72%) ranked soft skills as most important, with 42% believing tech skills were more valuable.

When hiring for a cybersecurity position or looking for a job, it’s easy to focus on technical expertise. But I think it’s time to start thinking of technical expertise as the baseline requirement for a position. Soft skills should then be the reason you hire a specific tech employee over another once the expertise is relatively equal.

Yes, technical skills are a must for those working in cybersecurity. That’s a given. But even the most brilliant cybersecurity expert in the universe isn’t going to be very effective if they can’t share their expertise with others. And their brilliance can only go so far if they can’t collaborate with others who bring different skills to the table to create an innovative product or service.

Overall, a team member with poor people skills holds the team back and makes it very challenging to function as a high-performing unit.

Soft Skills are More Important With Hybrid Work

With the increase in hybrid work, soft skills are even more important than they used to be. According to McKinsey’s 2022 American Opportunity Survey, 58 percent of Americans can work from home at least one day a week, with 35 percent able to work fully remotely.

When everyone was in the office, it was possible to get by with mediocre soft skills. But working with people virtually requires a higher level of communication and collaboration. And the opportunity for miscommunication and frustration is even higher when working with others solely through video and email.

Team members must communicate proactively, such as when they make a change to a feature or spot a potential risk. In the past, you might remember to tell someone about an issue because you passed them in the hallway or saw them in the breakroom. But now, cybersecurity professionals must take the step to let everyone know about issues and changes without the visual reminder of seeing them in the office. While collaboration software helps, cybersecurity professionals must still proactively reach out.

Assessing People Skills During the Hiring Process

The cybersecurity industry has evolved in its assessment of tech skills, with many companies now using certifications and badging for hiring. Even with a spectrum of expertise for tools and skills, assessing tech skills is relatively black and white. Either someone has them or they don’t.

But soft skills are harder to assess. Doing so is relatively new, and it feels a bit uncomfortable. Making it even more challenging is that these skills can be very subjective. I thought one of the developers on my team was a poor communicator, but both Jim and Bill felt differently. Here are some ways to make assessing soft skills more accurate:

  • Include a range of roles in the interview process. Many organizations have applicants talk to employees with cybersecurity expertise, which is important. However, also have candidates talk to people who they will be working with on a day-to-day basis. For example, if the role involves collaborating with marketing and sales, include these roles in the interview process.
  • Create a list of soft skills to evaluate for each position. Talk to employees in that role and the people they work with closely to determine which people skills are most important.
  • Have interviewers use a scale for ranking skill levels. It’s hard to say whether or not someone is a good communicator in a yes or no question. But by using a numbered scale, interviewers can compare candidates and feel more comfortable with the evaluation.
  • Ask questions that highlight soft skills. If you only ask technical questions during the process, you have a lower ability to evaluate their people skills. Try asking about a time when a candidate disagreed with a coworker, or what they did the last time they were working on a project that ran behind schedule.

Collaboration Builds Success

Teams that work well together are typically the most successful. By hiring employees who can skillfully collaborate, you set up your team for success. And if Jim ever applies for a job with you, be sure to hire him. He’s awesome.

More from Intelligence & Analytics

Despite Tech Layoffs, Cybersecurity Positions are Hiring

4 min read - It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals from other roles may be able to transfer their skills into cybersecurity relatively easily. As cybersecurity continues to remain a top business priority, organizations will…

4 min read

79% of Cyber Pros Make Decisions Without Threat Intelligence

4 min read - In a recent report, 79% of security pros say they make decisions without adversary insights “at least the majority of the time.” Why aren’t companies effectively leveraging threat intelligence? And does the C-Suite know this is going on? It’s not unusual for attackers to stay concealed within an organization’s computer systems for extended periods of time. And if their methods and behavioral patterns are unfamiliar, they can cause significant harm before the security team even realizes a breach has occurred.…

4 min read

Ex-Conti and FIN7 Actors Collaborate with New Backdoor

15 min read -   April 27, 2023 Update This article is being republished with modifications from the original that was published on April 14, 2023, to change the name of the family of malware from Domino to Minodo. This is being done to avoid any possible confusion with the HCL Domino brand. The family of malware that is described in this article is unrelated to, does not impact, nor uses HCL Domino or any of its components in any way. The malware is…

15 min read

The Needs of a Modernized SOC for Hybrid Cloud

5 min read - Cybersecurity has made a lot of progress over the last ten years. Improved standards (e.g., MITRE), threat intelligence, processes and technology have significantly helped improve visibility, automate information gathering (SOAR) and many manual tasks. Additionally, new analytics (UEBA/SIEM) and endpoint (EDR) technologies can detect and often stop entire classes of threats. Now we are seeing the emergence of technologies such as attack surface management (ASM), which are starting to help organisations get more proactive and focus their efforts for maximum…

5 min read