Cybersecurity workers say they are seeking workplaces that take their opinions seriously more than those that offer a high salary, according to (ISC)².
As demand for cybersecurity professionals continues to grow, those with the coveted skillset are looking for workplaces that offer more than just a large salary, according to a new report from (ISC)².
Of the 250 cybersecurity pros surveyed across the US and Canada, 14% said they plan to search for a new job in 2018, while 70% said they are open to new job opportunities, the report found. Just 15% said they have no plans to switch jobs this year.
The data suggests that unmet expectations between companies and their cybersecurity workforce during both the hiring process and time on the job, combined with high demand for security skills and frequent contact from recruiters, may be luring cybersecurity pros away from their current workplace.
“The cybersecurity workforce gap is growing rapidly, and turnover within cybersecurity teams makes filling those roles even more challenging,” (ISC)² COO Wesley Simpson said in a press release. “It is more critical than ever for organizations to ensure their recruitment and employment retention strategies are aligned with what cybersecurity professionals want most from an employer.”
When asked what’s most important for cybersecurity pros’ personal fulfillment at work, the top response (68%) was wanting to work where their opinions are taken seriously, the survey found. Other top drivers were wanting to work where they can protect people and their data (62%), wanting to work for an employer that adheres to a strong code of ethics (59%), and wanting a high salary (49%).
In terms of professional goals, 62% of cyber pros said they want to work for a company with clearly defined ownership of cybersecurity responsibilities, while 59% said they want an employer that views cybersecurity more broadly than just technology. Another 59% said they want to work for an organization that trains employees on cybersecurity best practices.
Due to demand, cybersecurity workers are being aggressively targeted by recruiters: 13% said they are contacted by recruiters many times a day, while 8% said once a day, 16% said a few times a week, and 34% said a couple times each month.
Employers often fail to impress cybersecurity jobseekers and staff, the report found. An organization demonstrates a lack of cybersecurity knowledge to a cyber pro when it offers vague job descriptions (52%), job descriptions that do not accurately reflect the role responsibilities (44%), and job postings that ask for insufficient qualifications (42%).
Before taking a job with a new company, 85% of cyber pros said they would investigate that employer’s security capabilities—and that what they discover would influence their decision. More than half of respondents (52%) said that they are more likely to take a job with an organization that takes security seriously.