Do Your Recruits Have the Right Soft Skills?

Good news: You’ve just onboarded new security workers into your organization. Now what? How can you help your recent hires continue to grow into productive security professionals? This article focuses on identifying key nontechnical skills needing development, also sometimes called soft skills, professional skills or employability skills. We first look at the nontech skills development for recent college graduates, then turn our focus toward more seasoned security employees.

According to Skills You Need, “while your education and experience may make you eligible to apply for a job, to be successful in the role you will need to exhibit a mix of skills.” Some of these include soft skills, but your employees’ current arsenal will vary depending on how long they’ve been in the business.

Here are some of the common issues you’ll likely encounter as you onboard employees:

Junior Recruits: Top Performer Syndrome

To start with, recent grads, especially those who were ranked as top performers in their studies, will have a certain arrogance and a sense of knowing it all. This should be addressed quickly but gently — avoid saying “you think you know it all, but it’s my job to show you otherwise” by guiding new recruits into putting all of this confidence and energy toward understanding their role in helping the business function. Dealing with this issue is especially important for any customer-facing recruits, regardless of whether customers are internal or external, since you want to avoid angering the people you’re supposed to serve.

Junior Recruits: Knowledge Transfer

A second issue needing fairly quick attention is the transfer of knowledge and skills from the classroom to the job. Students are notoriously bad at connecting the dots along their educational path. Even in successive classes on the same subjects, they often fail to apply the knowledge that they demonstrated in the introduction to the more advanced level.

Help students link their education to what they must now do at work. Even just pointing out the names of course subjects they may have taken will help them connect all the things they learned as distinct course topics (e.g., intro to psychology or finance) into their current environment.

Junior Recruits: Adapting to the Workplace

Millennials have been giving presentations since middle school; they know how to prepare a standard slide deck and speak to a class. However, the stakes were low, they had a captive audience and their goal was to demonstrate their knowledge rather than to explain how something works or how a problem can be solved.

Have recruits watch informal presentations by more seasoned staff and connect them with some of your best communicators to help prepare for the dynamic nature of informal presentations during team meetings. Assist them in learning how to explain their work in terms of its role within the larger project and the business as a whole.

Junior Recruits: Interpersonal Conflicts on Teams

While students have worked on teams for years during their schooling, they didn’t necessarily experience teamwork. Some student teams have too many leaders, too many superstars — those who are very good, but prefer to work by themselves — or too many slackers. Even if your recruit had a good teamwork experience, the duration of the project was only weeks or at most a couple of months.

Help your employees understand the nature of team dynamics. Guide them on how to address a potential problem with a co-worker: How can they try to address the issue on their own, when should they escalate the issue and to whom should they speak when they do?

Seasoned Recruits: Rapid Assessment

Managers should rapidly assess a seasoned recruit’s strengths and weaknesses and create a forward-looking plan to assist the recruit in putting down roots in the organization and continuing to develop professionally. Using the professional development plan from the previous employer can be a good starting point, but this is a unique time in the recruit’s life. Let employees reflect on their professional path, achievements and regrets before charting a refreshed path forward.

Ask open-ended questions about what the employee likes learning and doing, what they felt they were good at and what they felt they needed to work on. The goal is to help the recruit quickly feel at ease in the new workplace.

Seasoned Recruits: Knowledge Transfer and Intellectual Property

Seasoned recruits may need some guidance in terms of what may be considered intellectual property of their former employer (e.g., custom-built scripts to detect changes) as opposed to regular knowledge transfer (e.g., every system administrator should be able to write a custom-built script to detect changes).

Provide the seasoned recruit with access to someone who can help them make those determinations. Similarly, seasoned recruits may need guidance on what elements of their new job or new employer they are not at liberty to discuss, not even with their former co-workers.

Seasoned Recruits: Befriend the Administrative Staff

While rare, it is worth mentioning that seasoned recruits may have developed bad habits that include treating administrative staff with little respect. Remind your seasoned recruits of the value and service provided by administrative support staff. While they might take care of the little things, those little things can make your workplace a welcoming and efficient environment — or a nightmarish one.

Junior and Seasoned Recruits: Ethics

Every new employee should receive proper training on the ethical considerations related to the job and the workplace. This should be standard training provided by HR, but the subject may need some additional clarification or emphasis related to specific functions of a role. For example, while the system administrator may technically have the ability to read files on the system, doing so would be an ethical violation in addition to a likely violation of the organization’s privacy and terms of use policies.

Junior and Seasoned Recruits: Fit

Where do the new recruits fit in? Help the new recruits understand their role on a project, the team and their connection to the broader organization’s products and services. Employees want to know that they are making a difference, so explain how they are doing so. Help them understand and appreciate the work that goes on throughout the organization. Have a more senior employee available to answer their questions, even if such questions might seem candid (such as “why are we located in the basement?”).

Junior and Seasoned Recruits: Culture

Finally, and most importantly, teach your new employees about your organization’s culture, your work ethic and your way of doing things. Do you have a centralized or decentralized structure? Do you manage by walking around or are they expected to file periodic reports? Should informal questions be circulated by instant message, email, phone, text, walking over to someone’s desk or a combination of those depending on the subject and the urgency of the matter?

Ultimately, the professional development of your new recruit’s nontechnical soft skills should be linked to organizational goals, beneficial to the individual’s aspirations and viewed as both an investment in the employee and the organization.

More from CISO

Do You Really Need a CISO?

2 min read - Cybersecurity has never been more challenging or vital. Every organization needs strong leadership on cybersecurity policy, procurement and execution — such as a CISO, or chief information security officer. A CISO is a senior executive in charge of an organization’s information, cyber and technology security. CISOs need a complete understanding of cybersecurity as well as the business, the board, the C-suite and how to speak in the language of senior leadership. It’s a changing role in a changing world. But…

2 min read

What “Beginner” Skills do Security Leaders Need to Refresh?

4 min read - The chief information security officer (CISO) was once a highly technical role primarily focused on security. But now, the role is evolving. Modern security leaders must work across divisions to secure technology and help meet business objectives. To stay relevant, the CISO must have a broad range of skills to maintain adequate security and collaborate with teams of varying technical expertise. Learning is essential to simply keep pace in security. In a CISO Series podcast, Skillsoft CISO Okey Obudulu recently said,…

4 min read

The Needs of a Modernized SOC for Hybrid Cloud

5 min read - Cybersecurity has made a lot of progress over the last ten years. Improved standards (e.g., MITRE), threat intelligence, processes and technology have significantly helped improve visibility, automate information gathering (SOAR) and many manual tasks. Additionally, new analytics (UEBA/SIEM) and endpoint (EDR) technologies can detect and often stop entire classes of threats. Now we are seeing the emergence of technologies such as attack surface management (ASM), which are starting to help organisations get more proactive and focus their efforts for maximum…

5 min read

How the Talent Shortage Impacts Cybersecurity Leadership

4 min read - The lack of a skilled cybersecurity workforce stalls the effectiveness of any organization’s security program. Yes, automated tools and technologies like artificial intelligence (AI) and machine learning (ML) offer a layer of support, and bringing in a managed security service provider (MSSP) provides expertise that isn’t available in-house. But it isn’t enough, especially for the medium-sized businesses that would most benefit from an internal security team. However, the talent shortage doesn’t just impact present-day security concerns. The lack of a…

4 min read