In short: you'll need to pull out all the stops if you want to keep them.
Why You Might Consider Hiring a Security Analyst
Hiring a security analyst often seems like the logical "next step" once your small-to-medium sized business has its antivirus and firewall up and running.
You want visibility. Visibility requires tooling. Tooling requires trained operators.
For instance, you might want an intrusion prevention system (IPS) to detect and prevent vulnerability exploits on your network. Or maybe you'd like more security information and event management (SIEM) to provide real-time analysis of security alerts. In either case, running these tools is a full-time job. Sticking with the DIY path, instead of going with a managed security service provider (MSSP) or a managed detection and response (MDR) solution, means you'll need someone in house.
Hiring top tech talent is always HARD, and this task is exacerbated by cybersecurity talent shortage. At ActZero, our process routinely takes about 3 months, 100 applicants, and 80 person-hours plus recruiter, background check, and other fees to successfully hire a single highly-qualified analyst. Each hire, though, has a crisp ROI; we understand the value an individual must provide to our organization and that understanding means we can specifically target candidates who will excel in the job that benefits us most.
With cyberattacks growing in frequency and intensity every year, boards and executives have realized cybersecurity is a business issue. As a result, competition for talent is fierce. Some estimates peg the global shortage of talent at 3.5 million unfilled cybersecurity jobs by 2021. That's a 350 percent increase in open cybersecurity positions since 2013, with no signs of slowing. Cyber professionals have their pick of amazing opportunities and therefore when you decide to hire one, you must be prepared to invest the time, effort, and money to sell your role to potential candidates.
Why They May Leave
Hiring an amazing candidate is only the first step. Those other offers that your analyst turned down to work with you are still available to them. Fail to successfully on-board, ramp-up, motivate, engage, and grow your new employee and they will quickly leave for another opportunity.
Ask yourself these questions: What is their on-boarding plan and does it have clear objectives? How do they fit into your organization? Do they have a growth plan? Can you provide all the equipment that they need to be successful? What's your budget to fill gaps in their toolchain and processes so that you can get the ROI you desire from their position?
Unless you are mindful, your analyst's day-to-day job that can quickly devolve into a slog once they are on-board. For instance, if you have invested in a SIEM (despite the challenges with SIEM discussed elsewhere), how soon before your analyst gets buried in alerts spawned by false positives that require investigation to rule out, or escalate? The vast number of alerts generated by a SIEM (especially one that hasn't been tuned optimally) requires a tremendous amount of work to manually triage.
Beyond this alert fatigue, though, burnout is a genuine concern. A single analyst can easily get stretched thin. Do you expect them to monitor your business 24-7-365? How quickly do they have to respond to a critical incident? Do they have any backup support in the event of a major attack? Can they take a vacation? Can they get sick? Answering these quality-of-life questions will help you retain your analyst, but may come at the cost of a second or third recruit.
Without a CISO or Security Director to set the stage at a policy level, an individual security analyst can be somewhat adrift within your company, without clear mandate or agenda within your organization. Perhaps an IT leader can fill this void, but I've learned through my career that they often lack the specific security knowledge to guide (and grow) analysts.
To retain your security analyst, you'll need to invest in training, conferences, certifications, and new technologies. In doing so, you essentially proceed down the complex, lengthy, and expensive path of building your own SOC, which you tried to avoid in the first place.
If your analyst ultimately decides to leave, you'll feel their departure in some major material ways. You'll experience the tangible costs to backfill and train the new hire. Worst, your employee may leave with undocumented knowledge of your systems or projects. Worst yet, if they were burnt out, they may leave a poor review of your company on a job board. Any negative publicity will impact your ability to hire a top talent backfill.
What Can You Do to Try to Keep Them?
Losing a critical employee can significantly hurt your business. There are things you can do, however, to create an environment that motivates, rewards, and ultimately retains your security analyst.
First, be honest. When you hire them, clearly articulate your expectations. Let them sign up for the job you need them to perform.
Second, provide support. If they are working, so are you. Make resources (like non-cyber members of your IT team) available to help them in a pinch. Everyone wants to feel like their leader has their back.
Next, foster open communications. Plug them into your helpdesk so that they have visibility into issues that end-users are reporting. Helpdesk can act as a filter, relaying only the actual security-related issues to your analyst. A word of caution: your helpdesk team may not know when an issue is actually an indicator of compromise. Consider cross-training to address this gap.
Then, working with IT leadership, have your security analyst develop an incident response plan. Keep in mind that a single analyst will be woefully insufficient to tackle a full-blown incident by themselves. Other business units should support this undertaking, and so you should involve operations (see our post on how they can help during a breach), customer support, PR, and others. Build playbooks and then test them through Game Day exercises in advance. For more on this, check out our Elite SMB Incident Response guide.
And finally, invest in your analyst. No one wants to feel stagnant in their role, and by helping your security analyst grow you develop a better performing and more loyal employee. Yes, you risk them leaving for somewhere else as they become more equipped, but remember what Richard Branson said: "Train people well enough so they can leave, treat them well enough so they don't want to."
How ActZero Can Help
Hiring an in-house security analyst can create a powerful asset for your business. However, if you've decided that this goal isn't achievable for your organization without massive spending on the right resources (check out our business case for more on what it actually costs to build an effective 24/7 SOC) then consider ActZero's managed detection and response (MDR) service to gain access to our exceptional people and innovative technology, for an all-inclusive low monthly fee. We strive to hire, develop, and retain the best so that you can focus on what you do best: grow your business.
Contact ActZero today to find out how you can secure your business at a price friendly to the small-to medium-sized enterprise.
From September 12-15, 2022, PowerToFly hosted a four-day virtual event, featuring a three day summit and single day virtual job fair.
To kick off the event, attendees had the opportunity to partake in a one-hour guided networking session followed by three full days of fireside chats and panels where they were able to listen and ask questions to experts and thought leaders across multiple industries.
Featured Summit Topics Included:
- The Art & Science of How to Clarify Your Best Fit Career Path
- Going Back to the Drawing Board: How to Navigate Major Career Shifts
- Pulling Back the Curtain: Understanding What’s Happening Behind the Scenes In the Hiring Process
- 4 Ways to Get Your Foot in the Door to a New Career
- Nailing the Basics: How to Grow with Intention and Purpose
- How to Break Into a New Industry Without Starting Over
Companies We Hosted At The Job Fair:
- Bank of America | Hiring for: Senior Financial Analysts, Business Bankers, Senior Technology Managers, and more!
- ScienceLogic | Hiring for: Technical Support Engineers, Chief Marketing Officers, Product Managers, Executive Assistants, and more!
- PowerToFly | Hiring for: Global DEIB Strategist & Trainers, Account Executives, Support Specialists, Events Specialists, and more!
Thank you for joining 4 Ways to Get Your Foot in the Door to a New Career with Flatiron School Career Coach Betsy Kent! In case we weren’t able to get to your question in the Q&A, or if you thought of additional questions after we wrapped, here are two ways you can contact the Flatiron School Admissions team directly:
- Schedule a casual 10-minute chat with a Flatiron School Admissions rep
- Email us at email@example.com
Attending information sessions, panels, and workshops is the best way to get a sneak peek into what studying at Flatiron School is like — so don't miss what else is coming up! You can find a list of our events HERE.
Starting out as a viral trend on TikTok, the phrase “quiet quitting” has since taken over headlines everywhere from NPR to the Harvard Business Review. But what, exactly, is quiet quitting — and why are so many business leaders getting this so-called “crisis” wrong??
What is quiet quitting?
Per Psychology Today, “quiet quitting” isn’t actually quitting in the two-week notice sense of the word. It’s when employees keep doing their job, but only do the work that’s in their job description or covered by their explicit responsibilities. No going above and beyond. No late hours. No taking on extra projects that don’t come with extra remuneration.
Gallup similarly defines the trend as employees who are “not engaged” at work — people who “do the minimum required and are psychologically detached from their job.” Per their research, that’s a full 50% of the American workforce.
Why quiet quitting isn’t actually a crisis
As a burgeoning attitude toward work, quiet quitting makes perfect sense. With the challenges and stresses of the last few years impacting all workers — but especially working parents, people of color, women, and other marginalized groups — employees are looking for ways to set boundaries, disengage from work, and find working rhythms that work for them and their lives.
And that’s something companies should be supporting. Employers’ responsibility, after all, isn’t to slap a Band-Aid on the problems that are driving quiet quitting in order to get productivity metrics up. It’s to create the conditions for employees to succeed, with work that can be accomplished within reasonable working hours, and to incentivize and tangibly reward any engagement that goes beyond quiet-quitting levels.
It’s time we got this clear. Quiet quitting was never the crisis. Expecting employees to go above and beyond at work in order to maybe stand a shot at a pay raise and promotion next year was.
If you want to ensure your company culture is creating opportunities for folks to feel truly engaged, we’ve rounded up the steps to take below.
8 things your company needs to do to stop facilitating quiet quitting
Quiet quitting doesn’t mean that employees don’t want to work. It means that everyone — employees and employers alike — are recognizing, more than ever, that the workplace can and should be evolving to meet the needs of everyone involved in making work happen. Here are some ways that companies can ensure they are doing that, sourced from McKinsey research on burnout and engagement:
1. Hold your leadership accountable.
Culture is set by the people on the ground, and you need to know that your managers and leaders are creating a culture that’s supportive of mental health. This looks like incorporating mental health questions into regular employee satisfaction surveys, so you have data to track, and including the management of employee well-being as part of how leaders are evaluated and compensated. It also means getting rid of toxic leaders.
2. Destigmatize mental health and boundaries.
Most employers know that stigma exists at work, despite best intentions to fight it. But when employees are afraid to ask for help with mental health needs or to request accommodations so they can do their best work, everyone suffers. Companies can work to destigmatize the issue by highlighting senior leaders’ own experiences with mental health. Vulnerability can help promote psychological safety, as can rewarding employees for setting boundaries and using mental health and wellness benefits.
3. Evolve the kind of benefits you offer.
45% of people who have recently left their jobs said that their care responsibilities were a big part of their decision. Do the benefits your company offers reflect that reality? For instance — if employees must be on-site, can you offer on-site childcare? If not, do you offer a childcare stipend? Do you know what issues they are most struggling with, and are you responding?
4. Promote sustainable working hours.
Do your employees need to be at work — whether online or at the office — from 9 a.m. to 5 p.m.? Or can they set those hours to fit their own schedules? Do you have flexible work policies that are available to everyone, no matter their level of seniority? Hybrid work can facilitate unfair treatment when policies aren’t clear and universally applicable.
5. Provide opportunities for employees to build social ties.
Another reason employees are disengaged at the office? Lack of social support. It can be hard to make connections over video calls and chat, especially for new employees or those who haven’t worked remotely before. Investing in team building can help give employees access to social connections that make their work more meaningful over time.
6. Enable right-size workloads.
As employment has ebbed and flowed over the pandemic, and especially now during the Great Resignation, many companies are finding themselves short-staffed. But piling more work on the people who have stayed isn’t a sustainable solution — it just speeds up their own burnout. Creating
7. Facilitate upskilling and reskilling at work.
Per the McKinsey study linked above, employers who offer reskilling and upskilling opportunities end up with more engaged employees. It pays off for everyone involved: giving employees the chance to laterally move into a different job in order to learn a new set of skills can predict employee retention 250% more than compensation can, for instance.
8. Strengthen your commitment to DEIB.
Employees don’t want to work somewhere they don’t feel like they belong. McKinsey calls out five key action areas when it comes to making a DEIB commitment real: ensuring representation, holding leadership accountable, increasing transparency (like with analytics on promotions and pay), tackling issues with a zero-tolerance policy, and embracing intersectionality.
Check out PowerToFly's DEIB solutions for employers.
If you ask for advice about how to get a job at Google, taking an improv class is probably not something you’d expect to hear.
Yet, Monica Silva Gutierrez, Senior Program Manager at Google, found that improv not only helped transform her into the effective leader she is today but also empowered her to ditch the mentality of what she calls, “second class citizen” syndrome.
“Taking feedback is not easy for a person of color. When I used to get constructive feedback at work, this ‘second class citizen’ syndrome would creep into my mind, telling me I’m not good enough and I’m never going to get a seat at the table,” she shares.
For Monica, the principles of improv helped her to take feedback and run with it, rather than taking it personally.
“Improvisation really helped me learn how to integrate professional feedback and innovate on it, which is very much a part of the culture at Google,” she says.
We sat down with Monica to find out more about how her varied experiences influenced her career trajectory and her journey toward embracing her heritage in her professional life, and the advice she has for other Latinas to find their footing in the tech world.
From Texas Border Town to Change Management Powerhouse
Monica grew up in a border town in Texas and felt the pressure early on to assimilate to American culture for the sake of her success. She had taken the last name of her non-Latinx stepfather, and she has a white-passing appearance, which made assimilating easier.
“I was never really in touch with my ‘latinidad' as we call it because I was always trying to fit in. I have white-presenting features, so I could pretend,” she reflects.
She went on to study political science at St. Mary’s University, a Hispanic-serving school. Being around thousands of young adults just like her opened the door to her Latina identity a little wider.
“I'm glad I went there and had that experience, to be surrounded by people who looked like me and came from similar places,” she says.
After graduation, Monica’s career took her through some pretty interesting — and diverse — experiences. She worked as a Political Assistant on the Clinton/Gore Presidential Campaign, at the White House in the Department of Energy, as Director of Events at a meditation ashram (where she learned about improv), and as an executive in the nonprofit sector for democracy and social justice reform organizations.
The common thread throughout these experiences has been Monica’s aptitude for taking a practical approach to managing change.
“Throughout my career, I’ve built teams, grown them to scale, and helped them pivot and change,” she explains.
The Value of Sponsorship
While working in the nonprofit sector, Monica struck up a friendship with a tech founder through her meditation community. This person became an invaluable sponsor who opened doors for her to work at the intersection of nonprofit and tech.
“He took an interest in me and my career, and had access to opportunity, which I didn't have,” she says.
When her sponsor was working as a VP at Google, he tapped her for a Chief of Staff position. Google was focused on building an inclusive culture where everyone belongs, and he was certain that Monica was the best person to navigate these changes. She wasn’t so sure.
She remembers thinking: “I'm not a typical hire. I don't have a CS background. Also, I'm more of a generalist, and Google tends to hire people who are specialists and experts.”
However, after studying up on Google culture and preparing for her interviews with the help of a recruiter and career coach, she got the job. She then spent years successfully guiding the company through a major pivot, utilizing and building on her existing skills to help organizations transform from the inside out.
Hard Conversations, Reclaiming Identity
Monica is proud to work at a place that isn’t afraid to have hard conversations and to act on the conclusions of those conversations.
“Google is on the right side of some really tough values conversations that corporate America is going through. It's curious, and it wants to find ways to solve problems with compassion. Compassion is in Google’s DNA,” she shares.
Having these hard conversations with compassion provided the space for Monica to explore her identity more. Finally, the door to her latinidad was fully opened and she now feels that she has reclaimed her Latina identity.
“There were two versions of me: one at work and one at home,” she remembers. “But Google is a place where I could explore myself more, and I've been given permission to be me. Because Google is willing to have those tough conversations, I was inspired to publicly ‘come out’ as Latina.”
Part of that coming out was changing her married name to a combination of her mother’s and grandmother’s maiden names to honor the Latina matriarchs of her family.
She has also prioritized building community as the co-founder of the employee resource group (ERG) Latinas@Google, as well as uplifting Latina talent whenever she can — she learned through experience the impact a sponsor can have, and it’s a lesson she’s never forgotten.
“Someone else took a chance on me, and I want to do the same for others. I see so much potential and heart in the Latinx community and I want to shine as much light on that as I can,” she says.
3 Tips for Latinas in a Shifting Tech World
Monica thinks that the tech landscape for Latinas still isn't ideal but she's optimistic. On the one hand, excellent talent can go overlooked; on the other hand, the needle is moving toward more equity and inclusion.
“I think there have been many improvements around hiring and retention, as well as Latina talent filling more visible roles. I think leaders are listening and want to know how they can help,” she says.
For Latinas who want to find their footing in the tech landscape during this time of transition, here is Monica’s advice:
- Even if you don’t tick every box, put your hat in the ring. Sometimes you’ll be right for the job, even if you don’t meet every single requirement, so apply anyway. Monica recalls that a junior engineer she sponsored didn’t think she had what it took, but when she applied, she was promoted. “Now her team has grown three times. She's in a new org, under new leadership who recognizes her, her ability, and her impact,” she emphasized.
- Find a community, and collectively articulate your needs to leadership. Monica points out that leadership is listening, and now is the time to clarify needs through ERGs or other collectives. “We have to get really crystal clear about precisely what it is that we want and need,” she explains.
- Don’t be afraid to bring your cultural values into the workplace. Monica says that one value in her culture is taking care of others and that this has given many employees comfort and peace of mind during corporate restructuring. “I'm usually the one in the room that advocates for making sure that people are well taken care of, fully informed, and supported through change. I think that has a lot to do with my culture,” says Monica.
If you’re looking to be on the right side of important corporate tech conversations, Google is hiring!
While many sports-related careers tend to start with an interest in that sport, Eunice Lim admits that she doesn’t know much about basketball.
“Can I tell you about the rules of basketball? No,” she says while laughing. “But I do find it entertaining, and I love the culture.”
So how did Eunice end up with her dream career as International & Youth Expansion Lead at the NBA? Surprisingly enough, it started with an experience studying abroad.
While majoring in communications, Eunice took the opportunity to live and study in South Korea during her junior year of college.
“That was one of the best times of my life,” she shares. “It ignited my passion to continue exploring the world. And when I first started job hunting, I wanted traveling to be a part of my job.”
We met with Eunice to learn how she landed her dream job at the NBA, what it’s like to work behind the scenes of basketball, and her tips for finding your ideal career.
After Eunice finished her degree, she started exploring the job market and was open to any opportunities that would come her way. When a friend working at the NBA encouraged her to apply for an opening on his team, she didn’t hesitate.
Starting in a temporary role as Talent Acquisition Coordinator in the HR department, Eunice consistently self-advocated for, first, a permanent position, and then, for a position in the international sphere.
“When I was in HR, I took the risk of being transparent about my future aspirations and my interest in working international events,” she shares. “When something in the international space came up, they thought of me because they knew that’s what I enjoyed.”
Not only was Eunice clear from the start about what she wanted, but she also actively sought opportunities that aligned with her desires.
“I try to put myself in places and get myself the opportunities within the NBA to take on new assignments and roles in the international context. And because I had international experience under my belt, that's what ultimately led me to the role I have now.”
Since then, she has had nothing but positive things to say about all of the opportunities working for the NBA has given her.
She highlights, “Internally, there are lots of opportunities to move around, try different roles, switch departments, and take on different assignments that I never would've imagined for myself. I’ve had the opportunity to travel and attend major events, meet people that I've only ever seen on TV, and work with all different people of all titles and departments from across the company. I've been given the trust and empowerment to explore what the NBA has to offer me and take advantage of all of our resources.”
Working Within the NBA
The NBA, an organization mostly known for putting on sporting events and showcasing great athletes, is making an impact beyond the entertainment side of basketball.
This is evident through Eunice's current role, as International & Youth Expansion lead, where she focuses on referee growth and expansion on an international level.
“A goal of the Referee Operations Department is to branch out and expand internationally,” she explains. “I’m the point person for that growth and expansion. My role is working with International Basketball Operations and our Jr. NBA programs to set up camps and clinics for international referees and aspiring referees all across the world.”
Eunice also focuses on discovering talent outside of the United States.
“We know that officiating talent isn't limited to the states,” she points out. “We know that it's out there, we just have to tap into it and find the talent by running different types of training, in hopes that new talent could be an NBA, WNBA, G league, or BAL official one day.”
Apart from doing amazing work internationally, Eunice appreciates the overall work environment within the NBA.
“I'm so grateful every single day to be at this company, and that's because the people that I've met here are inspiring and they have been my biggest supporters,” she shares. “I love that everyone on my team genuinely loves what they're doing and believes in the work that we do. They're all self-motivated because the work that we do is coming from a place of personal conviction.”
Unlike the basketball stars seen at many NBA events, Eunice and her team don’t receive any publicity but are superstars in a different way.
“We have a deep passion for developing referees, offering and spreading the word to the youth that this could be a career path,” Eunice says.
Advice for Landing Your Dream Job
Eunice is in her fourth year with the NBA and feels she could do her job for the rest of her life. Here is her advice on building a career you love.
- Genuinely connect with people. “Network to build relationships with others, not just to ask for a job,” Eunice advises. “The reason I got into this role was that I had a conversation with my now manager about his experience working in Referee Operations and how that's shaped his personal career goals.” Eunice connected with colleagues and managers through curiosity and a desire to learn. And when opportunities arose, Eunice was recommended by the people she connected to.
- Show up as your most authentic self. “When people don't know who you really are you can start being led down a path or direction that you weren't intending for yourself,” Eunice explains. I was able to navigate my way into this current position because other people recognized my skills and potential better than I did. They knew which role would be a good fit for me.”
- Be confident in who you are. “It's better to show up as your authentic self than to show up as someone you are not,” Eunice shares. She illuminated this point by mentioning that just being yourself can get you to places you never even dreamed you could be in.
Whether or not you’re an avid basketball fan, you could find your dream positions in the NBA. Check out their job openings here.