Intelligent Connections. Recruiting Integrity.
Call Us: 415-510-2973

Archive for the Blog Category

Niche Job Boards: The Power of Precision

Why should you consider using niche job boards for your sourcing strategy? The truth is that there are a lot of tools out there to bring employers and candidates together. Many promise the newest and greatest, but the formula is really very simple. At the end of the day, you must communicate who you are and what you want to a receptive audience. You can scream from the rooftops about the greatest snow boots in town, but if you choose a rooftop in Miami you wont be taken seriously. Read more

2018: A Great Year for Cyber Security Jobs

A recent Cisco report indicates that there will be one million cybersecurity job openings worldwide in 2016.  In addition, the global cyber workforce is expected to rise to 6 million by 2019.  With more than 200K unfilled cybersecurity jobs in the U.S., we are facing a projected candidate shortage of  1.5 million in the next two years, according to Forbes article.

This is great news for anyone already in the field.  Read more

Stop Overanalyzing Resumes!

Do you work with a hiring manager who is guilty of overanalyzing resumes? If you’ve been in recruiting for more than a minute, you know the manager I’m talking about. This is the person who has never misspelled anything, never left a word out of a sentence and is remarkably able to pick out the slightest change in font or font size. What is imperceptible to the rest of the world is glaringly obvious to this person.

I get it, there is great value in knowing that the person you’re hiring to do code review is also proofing their own resume. It is important to pay close attention to detail, especially when you’re putting your resume out there for public scrutiny. I completely understand. Unfortunately, the world is not perfect and neither are our candidates. Top notch candidates are generally working at least 40 hours a week and, hopefully, have a few other things going on in their lives that demand their attention.

So, when a recruiter calls them up and says, “Hey, I noticed your profile and I’ve got this great opportunity for you with this amazing company”, don’t be surprised if they only give their resume a quick scan before sending it over. Once that resume is in the hands of the recruiter, he or she is so thrilled that they found this amazing person from this great company with 80% of the desired skills in a VERY tight market. I promise, that recruiter is only going to do a quick scan on the resume too.

It is not until the resume for this amazing candidate lands in Mr. or Ms. Perfect’s hands that the whole process comes to a screeching halt. As that manager picks through font size and the spelling error the joy dissipates from the room and they alienate the recruiter who has just worked hours to provide them with that one, albeit imperfect, resume.

The resume does not make the candidate. Experience and their ability to contribute to your organization makes the candidate. Take that imperfect resume, pick up the phone and talk to the person on the other end. Learn about their experience, the challenges they’re looking for, the problems they’re itching to solve and their ability to make a difference in your organization.

If the conversation goes well, I understand if you don’t hire this person as your in-house resume writer. Hire them as your information security systems analyst or your CISO and tell them that they need to be accountable for proofreading and pulling in a second pair of eyes on their next RFP or Executive Board presentation. Just please, please, please stop overanalyzing resumes. Gather what you can from a two page document covering a strong career and get to know the talent behind the paper. You just might be surprised if you do!

Getting your Head in the Game: Sourcing Information Security Candidates

Recruiting and Sourcing information security candidates is not for the faint of heart.  Recently, the Leviathan Security Group said, ” With more than one million cyber security positions unfilled worldwide, currently identified security needs couldn’t be met if every employee at GM, Costco, Home Depot, Delta and Procter & Gamble became security experts tomorrow.”  Wow.  Just wow.

What does this mean?  Read more

Best Cities for Cybersecurity Professionals

It’s a good time to be working in cybersecurity. As hackers continue their onslaught, stealing information in sectors ranging from health care to retail sales, businesses will need experts in digital security to fight back.Hacks in 2016

In the first half of 2016, more than 554 million records were breached – a 31% increase over the previous six months.

Analysts expect significant growth in the industry: More jobs will come, and companies will spend more money to shore up security.

SpendingCybersecurity Ventures projects companies and consumers will spend $1 trillion globally over the next five years on cybersecurity. That’s a projected growth of 12-15% from 2017 to 2021.

The U.S. Bureau of Labor Statistics predicted 18% job growth from 2014 to 2024.

A recent report showed that several states have a high need for cybersecurity professionals.

Given the bullish nature of the industry, GoodCall® analysts crunched the numbers to determine the Best Cities for Cyber Security Professionals.

They looked at data from 221 cities, including average salary for cybersecurity JobGrowthprofessionals compared with the average overall salary, the number of jobs available per capita, affordability, and amenities per capita. These factors highlight cities that are both great places to find a job in the industry and great places to live.

The top 10 best cities for cybersecurity professionals are (Click on the city name to find your next cyber role):

  1. Columbia, MD

Columbia stood out for its high number of available jobs per capita. It’s also a fairly affordable area that pays cybersecurity professionals well.

  1. Sioux Falls, SD

The average salary for cybersecurity professionals in Sioux Falls is more than double the city’s overall average. And rent there accounts for just 26% of annual household income.

  1. Jersey City, NJ

Talented workers have a good chance at landing a job in Jersey City, which has the fourth-highest number of jobs available per capita. Salary is competitive, too: the average of $115,000 is 1.9 times the city’s overall average.

  1. Newport Beach, CA

Newport Beach has it all. It’s fairly affordable, pays well for cybersecurity pros, and the abundance of amenities make it a fun place to live.

  1. Cary, NC

Cary is the fourth most affordable place on the GoodCall list, and it ranks in the top 50 cities for jobs available per capita.

  1. Orlando, FL

Cybersecurity jobs pay well in Orlando – nearly 2.2 times the overall average salary. And companies are hiring; Orlando ranks 20th in jobs available per capita. And, of course, the area’s amenities are abundant.

  1. Irving, TX

Companies are shoring up security in Irving, which has 14th-highest available cybersecurity jobs per capita. The area is also an affordable place to live: Rent accounts for just 25.3% of annual household income.

  1. Chattanooga, TN

Security jobs pay well in Chattanooga, where average salary for the industry is 2.2 times higher than the overall average. The abundance of amenities makes it a great place to live, too.

  1. Troy, MI

Aside from its fairly high available jobs per capita, Troy stands out for its incredibly affordable rent, which accounts for 24.7% of household income.

  1. Plano, TX

When analysts last checked, there were at least 21 cybersecurity jobs posted in Plano, among the top 10% of cities in available jobs per capita. The fact that it’s affordable is just a bonus.


Here’s a look at the top 50:

View the full rankings here.

Some cities didn’t make the highest ranks on the GoodCall list but were still notable in specific statistical areas:


GoodCall analysts included data from 221 cities in the U.S. to generate rankings based on a score. That score was determined by:

Available Jobs: The number of full-time jobs in each city posted on under the title “cybersecurity” or “information security.” This was analyzed per 1,000 residents and accounted for 30% of the score.

Salary Potential: The average salary for Information Security Analysts from the U.S. Bureau of Labor Statistics, compared to the average overall salary from the area, also from the BLS in 2015. This made up 30% of the score.

Affordability: The median gross rent as a percentage of household income, taken from the American Community Survey 2015 1-year estimates. This accounted for 30% of the GoodCall score.

Amenities: The number of accommodation and food services as well as arts, entertainment and recreation venues, as reported in the 2012 Geographic Area Series from the Census Bureau, and adjusted per 1,000 residents. County data was used when city data wasn’t available. This accounted for 10% of the GoodCall score.


This blog originally appeared on GoodCall here and was republished with permission.

5 Steps to a Great Information Security Job Posting

When you’re looking to hire A+ security talent you want them to see you as the same A+ caliber.  After all, why would top talent be drawn to a C+ organization?  While this seems logical, many top notch organizations are still marketing themselves poorly to one of their most important demographics:  their future employees. Read more

Information Security Candidate Sourcing: The Long Game

Whether you’re sourcing for one organization or many, it is important to recognize talent even when you don’t have a position to fill right this minute.  It’s tempting to set those people aside and think that you’ll come back to them when you need them.  However, taking a little time with someone you see something special in may pay dividends in the future. Read more

5 Tips for Interviewing Your Future Boss

Interviewing is a two way street and everyone knows that the information security market is a “candidate market.”  With more jobs than talent and plenty of positions for most infosec professionals to choose from, it is extremely important to interview your next boss with the same scrutiny as the company is interviewing you.  Making sure you’re not working for an unstable, unpredictable or volatile boss is extremely important.  However, this type of interview must be handled class and savvy.  Here are five tips for interviewing your future boss. Read more

Interview tips: How to ACE Your Interview in 5 Steps

You’ve followed our tips for creating a standout information security resume, and you got a callback for an interview.  Well done. Now make the most of your investment in time so you are prepared to ace the interview and make yourself impossible to pass over.

Do your research

Walk into your interview knowing more about the company than the average job seeker.  Take 15 minutes and look up recent news, stock prices, industry evaluations and anything else you can get your hands on.  Knowing the company’s products or services is extremely valuable and understanding where they fit in the marketplace will make you stand out.  Any research you can do on the team and the organizational structure will also show that you’ve gone above and beyond the standard interviewee.

Analyze the job description

Don’t just speed read the job description.  Take 30 minutes and pull it apart.  For each bullet listed or each “critical” element of the position description, come up with an example from your experience where you have either done exactly that or something similar.  Don’t be afraid to take those notes to the interview to help you if you get stuck.  A little preparation can make you look like you’re fast on your feet when it counts.

Be Confident

Find out from the receptionist or HR what the dress code is and step it up at least one notch for the interview.  That old adage that you should dress for the job you want is true.  HOWEVER, don’t wear something that you’re horribly uncomfortable in.  Wear that outfit that makes you feel like a million bucks.  If you don’t own something like that, invest in it today.  When you feel like a million your confidence will show.

Demonstrate what you say you know on your resume

There is really nothing more irritating than finding the perfect resume with all of the amazing skills you’re looking for, only to find that the candidate was just in the same room as that cool project.  Make sure you can take that knowledge to the bank and prove it.  If you’re rusty, brush up before the interview.

Ask Questions

Make sure to have a few ready prior to the interview.  Ask questions about the future of the company and department as well as get information about what the expectations are for this role in the near and long term.  See here for further tips on Interviewing Your Future Boss.

If you follow these interview tips, you’ll have that job offer in the bag.

The Cybersecurity Talent Shortage: Zero Unemployment and No Unicorns?

By Guest Blogger Douglas Bonderud

Zero percent. As noted by a recent Cybersecurity Ventures report, that’s the new number for cybersecurity unemployment. In fact, there are two available jobs for every qualified candidate, and with 1 million positions still open, companies are getting desperate.

Gary Hayslip, CISO for the city of San Diego, told CSO Online that they’re “trying to hire a unicorn” by writing job descriptions with huge skill lists that most security professionals simply don’t have. But what’s the real-world impact of this cybersecurity talent shortage? More importantly, how can companies reverse the trend?

Volume, Velocity and Variety

Cybersecurity is impacted by the three V’s: volume, variety and velocity. The volume of cyberattacks is rapidly increasing as more zero-day vulnerabilities are discovered, exploit kits become online commodities and cybercriminals broaden their targets.

Threats are also ramping up in terms of speed and type. Cloud resources and the wealth of data shared online make it easier than ever for malicious actors to discover security weak spots and create new attack vectors.

As noted by Marc van Zadelhoff, general manager of IBM Security, this translates to a “skills crisis in security,” even if the industry is able to fill every open job in the next few years. This isn’t good news, but it’s not entirely hopeless, either.

Addressing the Cybersecurity Talent Shortage

So how do companies address the cybersecurity talent shortage when traditional candidate pools are effectively dried up? One option is better training.

Schools such as the University of Warwick now offer a business-focused postgraduate module in enterprise cybersecurity that students — most likely security pros already working in the industry — can take part time to help close the skills gap. However, this is a downstream solution that only starts paying off after a few years and doesn’t address the issue of sheer numbers.

Another way to help bridge the gap, according to Computerworld, is by ramping up the number of women in IT security. This means abandoning notions of the ideal unicorn — often a seasoned male IT professional with a host of credentials — and instead choosing to innovate by encouraging both men and women to pursue cybersecurity careers even if their primary tech specialty lies somewhere else.

SC Magazine pointed out that it’s possible to make better use of existing IT professionals to help solve the skills gap. For example, many teams spend much of their time reporting or manually entering data rather than dealing with security issues.

What’s more, when basic cybersecurity hygiene isn’t up to par, even security specialists are put to work solving basic problems. Meanwhile, security teams are often forced to fight fires rather than move forward due to the overwhelming number of security alerts they deal with on a daily basis.

No Quick Fix

Changing the paradigm means opting for automation where possible, leveraging data analytics to help clean up the IT environment, and finding a balance between reactive and proactive security to let security pros improve overall cybersecurity health.

The cybersecurity talent shortage has arrived, and it poses real problems for IT. While there’s no quick fix, efforts like improved education, innovative hiring and investment in existing IT teams can help limit the impact of zero unemployment and absent unicorns.


This article originally appeared on the Security Intelligence blog here, and is reprinted with permission by the author.   Connect with Doug Bonderud on LinkedIn.