Recruiters struggling to fill vacancies in information security
Despite the downturn, a report indicates hirers are struggling to fill their vacancies. The final results of a survey conducted by (ISC)2 (‘ISC-squared’), suggests that information security professionals can look forward to a future with new jobs coming onto the market and fewer expected budget cuts.
The survey also indicated, however, that hiring managers are struggling to fill positions as candidate salary expectations and skill levels do not meet current demand. Of the more than 2,800 (615 EMEA) professionals participating in the survey, 775 had hiring responsibilities, with 44 percent of those looking to hire additional information security staff this year and over 11 percent planning to add more than three people. The areas of expertise most sought after by those seeking candidates were (in order of highest demand) operations security, information risk management, access control systems and methodology, applications and systems development security, and security management practices.
Despite economic conditions, over 80 percent of hiring managers identified that they are challenged in their efforts to find the right candidate. The range of concerns included a lack of desired skills or lack of available professionals within a local area; poor cultural fit; and salary demands that were too high for available budgets, particularly from people who had previously worked within the troubled financial services sector.
“Demands on professionals are changing. Companies want more for their investment, and professionals need to keep their skills and expectations in line with what businesses are looking for,” said John Colley, CISSP, managing director for EMEA, (ISC)2 . “Training and professional development will be essential for individuals as they manage their careers in this tough economy.”
(ISC)2 conducted the survey in April and May 2009 to gain insight on the impact the economic downturn is having on its certified membership and their employers. Members were queried about the effect on various budgets and their organisation and asked about their expectations for the future. They confirmed that outsourcing is having an impact but that activity on this front may be slowing 30 percent had reported increased levels of outsourcing of security functions, while only 18.7 percent expected the situation to worsen in the next six months. Confirming preliminary findings released in April, budget cuts may also be slowing.
Over two-thirds (nearly 72 percent) of respondents said their information security budgets had been reduced in the six-month period from October 2008 – March 2009, and roughly half (53.6 percent) revealed that their information security departments had experienced at least one lay-off in the past few months. Looking forward, 62 percent said they did not expect any additional information security budget cuts for the remainder of the year, while nearly 9 percent expected an increase. Just over 59 percent said no additional personnel cuts would be forthcoming the remainder of the year.
“In this environment, companies may be tempted to make rash security decisions made in the panic to cut costs. Organisations are advised to proactively analyse how cuts affect their risk profile and avoid costly repercussions resulting from breaches and mandated reparations,” said W. Hord Tipton, CISSP-ISSEP, CAP, CISA, CNSS, executive director for (ISC)2.
Recruitment news brought to you by theHRDIRECTOR magazine