Last week we mentioned how great it was that there was 0% unemployment in the IT security field. Of course there may be a few of you out there looking but overall you’d think this is good thing. Well, maybe from the employee perspective … but if you’re an employer seeking to hire qualified infosec pros, 0% unemployment may also bring significant challenges. Not only do you have to be concerned with rising salaries (a plus in my book ;)) but you also need to be on the lookout for people passing themselves off as security experts just to get into the current lucrative infosec field.
Inflating their resumes, getting a few quick low level certs, and learning some of the infosec buzzwords and a non-infosec-savvy employer may have a hard time telling an impostor from the real thing. My advice is include a true infosec geek that loves their job during the interview to weed them out. Since I usually end up doing most of their work or wasting countless hours teaching them, these are people that I would rather not work with. Now I understand that unemployment in adjacent fields is high and people are desperate in some cases (yes, I’ve been there) … but that doesn’t mean I have to like it.
Virtually no unemployment for IT security pros in the United States has created a sellers market, and that’s not good news for employers.
With such high demand for security professionals, employers must be wary of the prospects they consider to hire. People are known to inflate their resumes and claim knowledge they don’t have.
Education is among the most common areas for which individuals furnish misleading information, says John Reed, executive director at Robert Half Technology, which recruits IT professionals for businesses and government. “This is especially true of people trying to get into the security marketplace,” he says.
Eugene Spafford, executive director of Purdue University’s Center for Education and Research in Information Assurance and Security, says that’s not good for the IT security profession in the long run. “There are more people taking a couple short courses and passing themselves off as an expert,” Spafford says.