We can agree that there are human errors when posting “Entry Level” Cybersecurity positions that require much more experience than a true entry-level position requires. However, this accidental posting is not far off from the mentality that is common with companies, hiring managers, recruiters, etc. 

  • They want to fill entry-level positions but require 3-5 years of experience.
  • They look at college graduates as knowledgeable but inexperienced. 
  • Self-study individuals can obtain certifications and have knowledge as well. But they too fall short on interview questions about actual investigation skills. 
  • The right Cybersecurity training program can be a huge benefit here but companies don’t always look at these individuals as having “real” experience.

This is the chicken or the egg, catch-22 situation. You have to have the experience to get the job, but you need the job to get the experience.

Let’s face it: If you have 3-5 years of experience, you are not looking for an entry-level position. You are looking for tier 2 roles. Actually, across the board, I have heard from those in charge that their tier 1 analysts are leaving to go to other companies for tier 2 roles at an increased pace. This is because SOC organizations are growing. I get it though; You want to replace those people with someone of equivalent skills. That is unrealistic because someone with that skillset just left for a tier 2 role! 

I do understand the more experience a new analyst has, less training has to be done to have the SOC Analyst be a productive and effective member of the security team. This also equals more work for existing analysts and SOC managers at the hiring. But this leads to easier workloads soon and a more secure environment when you don’t have to handle more than you should because of a shortage of manpower.

But, I challenge this mentality of disregarding new analysts as valuable! Look at the opportunity you have to bring on someone who can begin to take a load off of your more experienced analysts. This allows them to focus more on the items at the top of the pain pyramid as they should. I believe that if SOC organizations change their minds now, then it will make things better down the road. 

Go with me on this…..

There has to be a change in the hiring mentality of companies in my opinion. This needs to happen NOW!!  I'm not saying to fill positions with people with zero experience or knowledge. But, if you have someone that goes through a program like ours at CyberNow Labs that has the right mindset, drive, attitude, and skills from Sec+ knowledge and hands-on experience investigating security events in tools that are used in SOCs every day, why not give those individuals a chance to be a part of your team? 

  • Yes, you can fill entry-level positions with less experienced people. Yes, it will take some shadowing and training. But look at the long-term benefits.
  • Yes, you might have to be uncomfortable for a short time until they get up to speed. But, you get to train them how you want them to work in your environment. Also, what is the alternative? Other companies snatch them up and you are left doing the work of the missing staff. 
  • Reduction of burnout in more experienced analysts.
  • These new analysts are likely to have zero to little bad habits. 

Think about it!! If you continue to pass over individuals with 6 months to a year of experience for these entry-level positions, you are setting yourself up for a more frustrating (and unsafe) future. Given the hundreds of thousands of cyber jobs that remain unfilled, I don’t think the status quo is a viable option. Start loosening up those requirements and build your SOC teams from the ground up with candidates like ours! 

Zero-trust does not mean “Don’t trust hiring people with a smaller amount of real-SOC experience”. Be the Change!!! Change your process now so that you don't burn out later. Just another opinion in this debate. 

- Richard Chapman, CyberNow Labs Program Director, and SOC Manager