This article is considered to be a follow-up to the “Hiring your first security professional”, so if you haven’t yet, I recommend you to read it before you continue with this one.
For a last few years there wasn’t a month when I haven’t read about InfoSec professionals shortage, security skills gap and what not. To give you a proper context I’ll rant a bit about why I don’t believe in those dramatic claims and then we’ll jump into action items for organisations that want to improve their recruitment processes.
If you already have a great security team, and you don’t have any problems with hiring then awesome and I’m happy for you. However, if you’re somewhat struggling with building an InfoSec Team, then it’s likely that you’re making some of the mistakes I described below. Continue reading “Employment expectations’ mismatch and recruitment pitfalls in InfoSec”