The words “cybersecurity” and “burnout” are next to each other in countless headlines for a reason. This industry is constantly changing, and a cybersecurity job requires extreme time, dedication, and continued education—and practitioners often face repetitive failure.
These stressors impact cybersecurity professionals who have been in the industry for years, but what about applicants who are running out of steam before they even land their first job?
Since joining Huntress in January 2022, I have had the privilege of interviewing many candidates for open positions on our Threat Operations team. A trend emerging is the disconnect between what applicants are told will land them a job and what their potential employers in the industry are actually looking for. There are several potential reasons for this discrepancy, but one major repercussion? Pre-employment burnout.
When it comes to entering the cybersecurity industry, pre-employment burnout is caused by a lot more than submitting a multitude of applications. Candidates I’ve interviewed have spent hundreds and even thousands of dollars getting various certifications, completing trainings, attending industry events, and more … and that’s almost always after spending tens of thousands of dollars on college.
It’s vital to recognize that this is not the applicants’ fault. This is what the industry has instilled in them as a requirement for getting a job in cybersecurity. Completing a certification does not make someone an exceptional cybersecurity professional; it simply ticks a box that everyone else already has ticked and can cost thousands of dollars.
This is not to say that what individuals learn throughout the certification process isn’t valuable. It just shouldn’t be the standard by which the industry measures the capabilities of applicants against one another.
So what should managed service providers and others be looking for when hiring cybersecurity professionals? When Huntress seeks entry-level analysts, for example, three major traits come to mind:
1: Community Involvement – Knowledge sharing is one of the most important responsibilities when you hold a job in cybersecurity. Posts on personal blogs, Twitter, Reddit, LinkedIn, etc., about what the applicant is seeing, what they’re interested in, or what they find valuable with others go a long way toward showing genuine interest. This demonstrated knowledge stops the interview from becoming an interrogation. Instead, it’s a conversation and then negotiation.
2: Communication Skills – Breaking down complex situations into digestible pieces is an enormous requirement for Huntress. Having a technical mind that can also communicate effectively is crucial for success in cybersecurity, both at entry-level and senior positions.
3: Courage – One of the biggest telltale signs that a junior analyst is going to be successful is their level of participation in discussions with their superiors. If they jump into a Twitter thread and share their two cents, even if they’re “wrong,” it shows they’re eager to learn.
Of course, it’s equally important for the potential employers to foster environments where all three of the aforementioned traits are encouraged.