You are currently viewing Note to employers: in today’s world, a high salary alone does not mean they will retain a cyber employee 

Note to employers: in today’s world, a high salary alone does not mean they will retain a cyber employee 

Today’s columnist Drew Fearson of NinjaJobs points out that the stakes are so high in cybersecurity today, as CISOs face major security events like SolarWinds, increased government regulation and pressure from shareholders to fix whatever the cyber leaders are exhausting. (“SolarWinds Letters” by sfoskett is licensed under CC BY-NC-SA 2.0)

For the most part, cybersecurity professionals are left out of the Great Quit movement that continues to force so many people out of their jobs for a myriad of reasons, including low pay, a lack of advancement and a sense of disrespect at work.

The vast majority of cybersecurity professionals report high job satisfaction ratings. Yet their organizations still struggle to prevent them from leaving for other opportunities and to fill vacancies. To reverse these trends, business leaders must realize that their employees and candidates are looking for more than higher wages and salaries. They need to create a culture where security teams are seen as important to business growth and success, not as a necessary cost center.

Of course, everyone wants more compensation. Wages were rising before the coronavirus pandemic hit in early 2020, and that trend has accelerated. A good salary was one of the main reasons the role of Information Security Analyst jumped 14 spots from a year ago to top the US News 100 Best Jobs Rankings for 2022.

While the multi-year gap between the number of job openings and qualified applicants remains large, it is slowly closing. (ISC)² reports a drop from 3.12 million to 2.72 million unfilled vacancies in 2021 compared to 2020. Yet (ISC)² CEO Clar Rosso also warns that the industry needs to be realistic: traditional hiring practices fall short, she says.

The (ISC)² report focuses on hiring, but I think Rosso’s recommendation to modernize hiring practices also applies to rethinking the traditional job description of the cybersecurity professional – a job description where higher salaries should offset the high stress levels and feelings of marginalization that many job seekers we work with express as reasons for seeking new opportunities.

They’re exhausted from long days spent constantly responding to threats and the perception that their managers don’t value their contributions to the company. They are frustrated that despite the pressure they are under, their organizations see the value of security as merely ticking a box for compliance purposes.

“Cybersecurity, once strictly an IT department function, is becoming a business concept with societal implications,” said Gartner analyst Sam Olyaei. “Investor interest, public pressure, employee demands, and government regulations are strengthening the incentives for organizations to track and report cybersecurity goals and measures as a business requirement. As a result, the role of the cybersecurity leader has become increasingly elastic due to the growing misalignment of stakeholder expectations within their organizations. This causes burnout among security managers, who are overworked in “always on” mode.

The key point to remember: there is a direct correlation between a person’s job satisfaction and their belief that their company recognizes that their day-to-day work is an added value to the business, not a cost center.

Our data also reveals that employees experience higher job satisfaction and lower turnover rates when management embraces remote working. It is impossible to overestimate the sea change this represents for cybersecurity professionals.

Before the pandemic hit in early 2020 and forced people to work from home, the vast majority of jobs posted on our platform were split 60-40 in favor of in-person work over remote work. But over the past two years, the number of jobs requiring employees to work in an office full-time has fallen to less than 5% of all openings. Our fill rate on recruited positions that are remote jobs is around 50%. This number drops to around 20% if they have to be in an office full time.

Yes, employees and job seekers appreciate the higher salaries, but they have to do their homework. Organizations should leverage data on what other companies in and around their industries and geographies are offering candidates to determine compensation rates that are attractive enough to retain or attract talent in today’s market.

Business owners almost have to realize that just offering a higher salary doesn’t mean they’ll retain an employee. Companies need to be open to remote work requests, implement strong employee health and wellness initiatives, and train team leaders to not only identify employee burnout risk factors, but also to help them cope.

Simply put, effective leaders listen to what their employees tell them. There is a direct correlation between satisfaction and feeling valued and heard by an employer. Once employees start feeling like they’re just a commodity, they’ll start looking for other opportunities.

NinjaJobs CEO Drew Fearson

Leave a Reply