Blog Archives

How Australia’s record-low jobless rate will impact cyber security hiring and retention

Australia’s unemployment rate could sink below 4 per cent this year, and fall further to 3.75 per cent by the end of 2023, the nation’s Reserve Bank forecast in February. If reached, that would be the lowest jobless rate in Australia in nearly 50 years. AISA communications manager Nick Moore asked cyber security recruiters, including Jim Morris from Synchro Partners, what this would mean for hiring and retaining staff in the already challenging infosec industry.

If Australia’s unemployment rate falls below 4%, how will that affect staff retention in cyber security?

Jim Morris: “With unemployment rates forecasted to fall below 4 per cent, this amplifies an already apparent short supply of accessible talent in the market and intensifies competition amongst employers, with the possibility of your staff being tempted to greener pastures.

New projects, new technologies and career growth opportunities arise every day so it is evitable that the ‘musical chairs’ in the cyber security marketplace will continue.

This is the nature of the beast as seen in the competitive market pre-GFC (Global Financial Crisis).”

If it falls below 4%, how will it affect recruitment?

Jim Morris: “Prospective, available candidates are already in low-supply, whether you are the local burger shop or a national cyber security firm. That is the brutal truth.

A key difference is, however, cyber security is a relatively niche, specialist area, with an already limited talent pool of available candidates. Couple that with the requirement for candidates in our sector to frequently upskill to keep up with constant changes and we’ve got a recipe for a different level of skills shortage.

Employers will face multiple challenges and obstacles when recruiting new staff – increased competition for talent, less overall supply and changes in candidate/jobseeker behaviour and expectations.

Now is a critical time for employers to review their value proposition to potential recruits out in the marketplace. What can you offer that the competitors in your segment can’t?

In my recent experience securing candidates within areas such as cloud security, penetration testing, incident response/threat intelligence or niche GRC (governance, risk and compliance) areas (IRAP, ISM, PCI) has become increasingly difficult for employers because of the market conditions.”

What advice would you give employers around staff retention? Is it possible to offer too many inducements?

Jim Morris: “First take a step back and really understand what you currently offer and how it stacks up against your competitors. Then look at adding extra value from there.

As a cyber security professional, continually developing their skills is the only way to keep up with the pace and demand of the market. What new skills are you offering your staff? What kind of programs can you offer them to be working on?

These are the key areas staff will consider against other options if they develop a ‘wandering eye’ for new opportunities as they are tangible ‘value adds’ for careers.

It can be easy to get swept up in the price/wage wars, having pinball machines, table tennis tables and fully stocked beer fridges but getting the real, measurable value propositions by way of professional development opportunities is a fundamental starting point for employers.”

What advice can you give around sourcing and hiring staff in this increasingly competitive jobs market?

Jim Morris: “Look inwards first. Have you really looked at which individuals within your organisation have the potential (and willingness) to upskill in order to fill your capability gap? Oftentimes I see clients quick to skip this step, missing real opportunities to find the capability readily available in house, and an opportunity to positively affect retention rates.

Be pragmatic about your list of requirements. Be realistic about what’s readily available out in the market. Does that candidate really exist and can you secure them within your target timeframe? If the answer is not an unequivocal yes, it’s likely time to consider where you can replace hard requirements with opportunities for prospective candidates with relevant experience to develop and upskill.

Moving fast is critical in the current market. Assess your current recruitment process, identify the bottlenecks and where the opportunities to streamline are. Much more often than not, this does not have to compromise the thoroughness of your process.

Candidates are not on the market for long and are often presented with multiple opportunities and offers at any given time.

Know your competition. What is your competition doing and offering and how does your organisation offer a compelling option as a comparison? This could be around a number of different factors – remuneration, professional development opportunities, flexible work arrangements and company culture. You need to know how you’re positioned against competing organisations to help target and secure the right candidate audience.”

Is it better to leave a position vacant than hire a substandard candidate? What strategies can employers deploy to cover for vacancies?

Jim Morris: “Look inwards first. Before going to market, which individuals in the business could redeploy into this role? Sometimes the answer lies within. Is this another opportunity to allow a team member to upskills? This can only have positive effects on your retention rates.

Consider a contingent workforce. A contractor resource has been a viable solution within our industry for years, often in a full-time capacity. Though, the working world is evolving, with the ‘Gig Economy’ seeing a noticeable boom in recent years. Many candidates in the cyber security space have started to engage with clients either on a part-time, ad-hoc or advisory capacity.”

This article was originally published as How Record-low Jobless Rate will Impact Cyber Security Hiring, Retention by the Australian Information Security Association (AISA). This abridged version is published with kind permission of the author.

Tagged with: , , , , , , , , , , , , , , ,
Posted in Synchro Partners, The world @work

Tech professional? Cybersecurity specialist? Multiple offers? Our top tips to make the right career decision in a bullish market.

With spend in Australian cybersecurity expected to surpass a whopping $5.1b in 2021, the natural flow-on effect from an increase in enterprise requirements in the sector is a need for more staff.

Since launching Synchro Partners earlier this year, there’s no doubt that it’s the most ‘job-heavy’ market we’ve seen in several years. It may seem like halcyon days for recruiters, but with virtually every business across the country on the hunt for a full range of skillsets as they build their ‘dream team’ of cybersecurity experts, it’s a lucrative opportunity for candidates.

With a hard stop on overseas talent due to covid related border closures over the past eighteen months, we have seen a major skills shortage across the technology sector. Naturally, due to the laws of supply and demand, salaries and contractor rates have increased substantially over the period. On average, we have seen an increase in remuneration expectations of over 7%, and in certain streams (IDAM/PAM, Cloud Security and Penetration Testing) a pay demand upturn of up to 25%. This in turn has created a true candidates’ market, with a plethora of career opportunities for jobseekers and those currently employed in the cybersecurity field.

Whilst this bullish job market is certainly advantageous to Tech professionals, it can be a double-edged sword – exposure to multiple opportunities at any given time increases your risk of making the wrong career move.

How do you make the right decision?

Article image: How do you make the right

Every day, Synchro Partners help candidates between role transitions. what we’ve learnt through our experience is that having a well-defined vision of your career goals will help you make the right move. We’re sharing our top tips on how to evaluate each role when presented with multiple offers from different organisations, to ensure you make the right career decision.

What is the ‘ROI’ for you, if you join this organisation?

As much as they are investing into you, you also are investing in them. What is more important than dollars is consistent development and sustainable growth in what you are worth. As a cybersecurity professional, evolving your skills is the only way to keep up with the pace of the market. What new skills will you pick up? What certifications will they support you in pursuing? What kind of programs will you be working on? These are all crucial factors for your ROI and the future for your career.

What’s the organisational culture really like?

It is easy for an employer to say they have an amazing culture. But do they really? What’s the work culture like? It’s high-performing, but is it collaborative? Is there a culture of innovation specifically in the cybersecurity space? A good mix of both work culture and social culture should be identified for you to enjoy your role and to be successful too. Dig deep and ask questions such as: Could you give me an example of a time when the team have shown real comradery? What social activities do you organise? If they struggle to give you a warm and authentic answer, you should have reservations.

What do you look for in a leader? Will you align with your direct manager?

How do you envision each leader treating you and will they help you to be happy as well as succeed within the business? The cybersecurity market is a tight-knit community in Australia. What’s their track record? What’s been their contribution(s) to the community? When it comes to the hiring manager, what does their industry profile look like? Having the ‘right’ leader is pivotal to your success; having the ‘wrong’ leader could be your Achilles heel, and even stop you from reaching your goals. Simon Sinek says, “The courage of leadership is giving others the chance to succeed, even though you bear responsibility for getting things done.”

Be Discerning

Cybersecurity professionals are discerning individuals in their day-to-day roles, so why not take a discerning approach to jobhunting (a full-time job in itself). Having ‘a good feeling about this one’ is your intuition telling you that this is the most logical option. Use your instincts as your compass, backed up by facts for your reassurance.

Finally, money is a by-product of where you are currently at; what you can become is where you will see true job satisfaction (and financial gain). Join a company that will provide a vehicle to accelerate you as a better professional, rather than simply utilise your current skills.

Tagged with: , , , , , , , , , , , , , ,
Posted in Synchro Partners, The world @work