June 29, 2018 By Kacy Zurkus 4 min read

The job market today is tighter than it’s been in two decades, and the IT talent shortage is intensifying. Organizations are having more trouble than ever hiring IT professionals with security experience — and candidates are turning down new positions left and right.

The typical scenario: A candidate submits a resume and references, sits through interview after interview — and then waits for an offer letter. Before long, he or she begins to wonder whether the job is the right fit. Then, when the job offer finally arrives, the candidate decides to pass.

The problem: The hiring process is impersonal. With so many competitors vying for scarce talent, employers must make hiring more consultative.

Size Matters When Hiring IT Professionals

“Working at a startup, the process is very personal,” said Ben Gregg, talent manager at mobile telematics firm TrueMotion. “In fact, it’s very rare for me to ever make an offer and have it turned down.”

This intimacy tends to diminish once companies start to grow, however. Larger organizations often feel the need to set up checks and balances, which typically involves a system for getting things approved.

“If it’s not done well and there are multiple stages of approvers — hiring manager, HR [human resources] approver, business unit approver, finance approver — and only one approver designated for each stage, the process can get bogged down,” Gregg said.

Consider the impact on timing that would result from just one of those people dropping the ball. Even worse, think about those larger organizations in which the CEO has to approve all hires. The process can become painfully slow for all parties involved — particularly for companies that have established specific days of the week for handling hiring approvals.

In some organizations, an approval request can only find its way onto the list if it is submitted by a specific day. For example, hiring managers who miss a Friday deadline for a Wednesday approval must then wait an additional week before the request gets on the list, pushing the offer date off by nearly two weeks.

Getting the approval needed to even present the offer can sometimes take up to six signatures — far too long a wait for candidates that are in high demand. A multistage approval process will inevitably have roadblocks.

“It’s crazy,” said Deidre Diamond, founder and CEO of CyberSN, a cybersecurity staffing agency. “It can be something like the CEO is on vacation or the company needs to do an audit, so that puts everything on hold.”

Meanwhile, the candidate has been ready to go for two weeks.

How Can Hiring Managers Personalize the Recruitment Process?

Whether it’s a new reality driven by a workforce largely populated by millennials or a function of changes in social norms, candidates don’t want to sit through a grueling interview process in which they regurgitate the same work experiences they have detailed on their resumes.

“Candidates want to know the vision of the company and the team, yet those are the two things that hiring managers leave out all the time,” Diamond said. “The company that wins is the one that delivers the candidate the greatest understanding of what they are doing every day, what everyone else is doing and how it all leads to an overall plan.”

Short of knowing where they fit into the vision of the company, most interviewees aren’t tremendously motivated to leave their current positions and risk walking into chaos. Instead, they are using the interview process to vet companies. Therefore, companies must create what Diamond called a “crystal ball” — where candidates can envision what they are doing, what the team is doing and what the company is doing.

The hiring organizations that wait until the offer letter is on the table to paint that picture will likely have a slim chance of closing the deal. In today’s market, according to Nick Cromydas, co-founder of recruiting platform Hunt Club, companies looking to hire are fighting a war over great people.

“It’s about building relationships first as opposed to treating the hiring process as a transaction,” Cromydas said. “The very first conversation should be getting to know the person who might be joining the team — asking questions about their career ambitions, not their work experience.”

Time Is Not on Your Side

It takes time to properly communicate what the company is offering, yet Diamond and Cromydas agreed that time is the greatest obstacle to getting the job offer right. Most organizations don’t look at the big picture of the process because they have neither the bandwidth nor exceptional managers who prioritize the process.

“It’s hard to break away and do it right unless it is a priority, which happens when you have the right talent acquisition leaders,” Cromydas said. “What people have been doing needs to be radically rethought and reformed for success in tomorrow’s world.”

The process is broken.

Instead of having five people asking questions that are all over the map, Diamond stressed that hiring managers need to understand what they should communicate about the company collectively.

Consider the following questions for your communication strategy:

  • What story is your company selling?
  • Is it a true story?
  • How does each person involved in the process contribute to telling this story?

This is all the upfront work that takes time, which is one resource that many organizations don’t have.

Hiring managers must start to see the interview and recruitment process as a sales opportunity. This shift means everybody — from the C-suite to the HR department — has to be on the same page.

More from CISO

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today