Follow Mark on LinkedIn Follow @marknca on Twitter Follow marknca on YouTube
marknca

Mornings With Mark
no. // 0 0 0 8

HR Challenges & Getting Your First Security Role

Subscribe to the podcast.

Watch the episode here

Join the discussion on LinkedIn

Tweet about this episode

Full machine generated transcript follows

Morning everybody. How you doing today? Thanks for joining the show again. And thanks for joining everyday. It's been really great to grow this up to a pretty decent size audience and continuing the growth growth. I'm getting more and more questions and I would say probably 80% of the questions 85% of the questions focused on how to get started in cyber security.

So people reaching out looking for advice want to make a career change wanting to start their careers trying to get off an appositive trying to get eaten to the field of service. I think that's absolutely Fan-Tastic. We know we have a massive massive skills Gap that we need to close and more people excited more people interested.

That's a very good thing this video to rain today on the podcast today is not about those people. It's about one of the questions that I'm seeing more and more that's troubling is that people have started to take a few steps down the road to cybersecurity. They've gone out either a certification or they started studying or they're doing something to increase their skills.

That is absolutely wonderful where people are running into a problem is finding appropriate positions finding Junior Physicians finding entry level positions that will help bring them along and I think there is a number of challenges here one live with the fact that we need to update our expectations. We need to update our requisitions and for new jobs within our companies hiring managers more towards HR.

I don't have a solution for this one, but I will call out the fact that you can't ask for a junior cyber security professional with 2 years experience in it. Back to get a ton of people applying Junior, you know, it's really difficult to move along and entry level is even harder.

You can't ask for anything other than you know, some proofpoint that they've taken some steps and understand some of the challenges there's a disconnect and that's really what I wanted to highlight in. This video is that there is a significant disconnect between us and we need to fill the skills Gap and then companies not investing in people to fill that skills.

Gap know the reason being I think again speculation top of head. That's what this is all about. Just rambling on about a particular topic. I think the biggest challenges that we are used to in it being able to say like I'm going to do a web Solutions and so I'm going to go look for folks with this skill set and there's a pool of people who is over.

Definitions we need to figure out a different way of approaching it because what we're looking for doesn't exist. There's no pool of those candidates anyone with a significant cyber security background is already working. We have negative unemployment in the space It's a Wonderful space to be in for a cyber security Pros to get more people in the field at skills Gap.

We need to take alternative approaches companies need to invest in training people without any cybersecurity. I'm interested in whether that's for themselves or push back out into the world whether that's a no for I doing essentially for a global organization pushing him out to the Region's weather that's working in partnership with other companies helping I'm filled out networks of these folks.

It's there's no easy answer. Is it going to take a long time to address? But I know we need to think outside the box If all we're doing is saying hey, we need people with a years experience even that can be prohibitive because we may see job-hopping, but we're not filling that new so we may be able to Company from work for us in a junior Rai mid-level position, but we're still have that skills Gap as a community overall.

And I know you might be thinking I'm just at some point you will because if you're poaching people from other on any approaching the battery, let me see to it. If you are offering jobs that are being filled by candidates from other organizations at some point. You're going to be in the exact same boat because maybe you've offered in Junior FIRST of the mid-level someone else is going to come and offer a senior level to your mid-level.

I'm and pull them away because that's a great opportunity cyber security Pros. Have we need to look think outside the box? I don't have every solution. But I know what we're doing right now is not working. We cannot simply fill the Gap fast enough by not hiring. We don't have enough income and people into the community to fill that Gap that's part of the problem and I think you guys all know.

I'm I have a huge challenge with how we run cyber security in general. But what I want to talk about with specifically has problems, A bunch of questions from people who have Honestly made a great effort. They started their cybersecurity education and they are having a hard time finding position that will help him take it further don't work on the time on their off hours on the weekend side of the desk increase their education level and they're unable to find a placement.

I'm not sure what solution is. I know what we're doing right now isn't working. What do you think? Hit me up online Mark NCAA in the comments down below here on the on the blog and more as always by email me at Mark and. See what have you seen work or have you seen it doesn't work.

Are you struggling with his problem? And did you find a way to help people through this problem? Let me know. I hope you are set up for a fantastic day and a great weekend as a heads up next week. I'm traveling west coast of North America and so show timing might be a little bit off depending on how well I adjust to the time zone, but I will be trying to broadcast.

I'm out there for serverlessconf and then mid-week or end of the weekend in Chicago for the end of your stomach there. So stay tuned. Have a great day. Have a fantastic weekend. Morning everybody. How you doing today? Thanks for joining the show again. And thanks for joining everyday. It's been really great to grow this up to a pretty decent size audience and continuing the growth growth.

I'm getting more and more questions and I would say probably 80% of the questions 85% of the questions focused on how to get started in cyber security. So people reaching out looking for advice want to make a career change wanting to start their careers trying to get off an appositive trying to get eaten to the field of service.

I think that's absolutely Fan-Tastic. We know we have a massive massive skills Gap that we need to close and more people excited more people interested. That's a very good thing this video to rain today on the podcast today is not about those people. It's about one of the questions that I'm seeing more and more that's troubling is that people have started to take a few steps down the road to cybersecurity.

They've gone out either a certification or they started studying or they're doing something to increase their skills. That is absolutely wonderful where people are running into a problem is finding appropriate positions finding Junior Physicians finding entry level positions that will help bring them along and I think there is a number of challenges here one live with the fact that we need to update our expectations.

We need to update our requisitions and for new jobs within our companies hiring managers more towards HR. I don't have a solution for this one, but I will call out the fact that you can't ask for a junior cyber security professional with 2 years experience in it. Back to get a ton of people applying Junior, you know, it's really difficult to move along and entry level is even harder.

You can't ask for anything other than you know, some proofpoint that they've taken some steps and understand some of the challenges there's a disconnect and that's really what I wanted to highlight in. This video is that there is a significant disconnect between us and we need to fill the skills Gap and then companies not investing in people to fill that skills.

Gap know the reason being I think again speculation top of head. That's what this is all about. Just rambling on about a particular topic. I think the biggest challenges that we are used to in it being able to say like I'm going to do a web Solutions and so I'm going to go look for folks with this skill set and there's a pool of people who is over.

Definitions we need to figure out a different way of approaching it because what we're looking for doesn't exist. There's no pool of those candidates anyone with a significant cyber security background is already working. We have negative unemployment in the space It's a Wonderful space to be in for a cyber security Pros to get more people in the field at skills Gap.

We need to take alternative approaches companies need to invest in training people without any cybersecurity. I'm interested in whether that's for themselves or push back out into the world whether that's a no for I doing essentially for a global organization pushing him out to the Region's weather that's working in partnership with other companies helping I'm filled out networks of these folks.

It's there's no easy answer. Is it going to take a long time to address? But I know we need to think outside the box If all we're doing is saying hey, we need people with a years experience even that can be prohibitive because we may see job-hopping, but we're not filling that new so we may be able to Company from work for us in a junior Rai mid-level position, but we're still have that skills Gap as a community overall.

And I know you might be thinking I'm just at some point you will because if you're poaching people from other on any approaching the battery, let me see to it. If you are offering jobs that are being filled by candidates from other organizations at some point. You're going to be in the exact same boat because maybe you've offered in Junior FIRST of the mid-level someone else is going to come and offer a senior level to your mid-level.

I'm and pull them away because that's a great opportunity cyber security Pros. Have we need to look think outside the box? I don't have every solution. But I know what we're doing right now is not working. We cannot simply fill the Gap fast enough by not hiring. We don't have enough income and people into the community to fill that Gap that's part of the problem and I think you guys all know.

I'm I have a huge challenge with how we run cyber security in general. But what I want to talk about with specifically has problems, A bunch of questions from people who have Honestly made a great effort. They started their cybersecurity education and they are having a hard time finding position that will help him take it further don't work on the time on their off hours on the weekend side of the desk increase their education level and they're unable to find a placement.

I'm not sure what solution is. I know what we're doing right now isn't working. What do you think? Hit me up online Mark NCAA in the comments down below here on the on the blog and more as always by email me at Mark and. See what have you seen work or have you seen it doesn't work.

Are you struggling with his problem? And did you find a way to help people through this problem? Let me know. I hope you are set up for a fantastic day and a great weekend as a heads up next week. I'm traveling west coast of North America and so show timing might be a little bit off depending on how well I adjust to the time zone, but I will be trying to broadcast.

I'm out there for serverlessconf and then mid-week or end of the weekend in Chicago for the end of your stomach there. So stay tuned. Have a great day. Have a fantastic weekend.