Talent Acquisition Faces a Priority Shift

Which is more important in security job candidates today: security expertise or business acumen? The balance is shifting—62 percent of CSOs surveyed by SI Placement and The Clarity Factory said that business or organizational skills are more important than security subject matter expertise, signaling a shift to more holistic risk management in the security function.

“Multinational corporations increasingly manage risks that are interconnected and span functions, and are dealing with multiple risks concurrently,” according to an insight paper from SI Placement and The Clarity Factory. “Silos can result in missed opportunities, obscured risks, and blind spots.

“Corporate security professionals are increasingly called upon to work collaboratively and flexibly across the function. Almost all (93 percent) survey respondents said they are expected to work fluidly across different areas of responsibility,” the paper continued.

This cross-functional risk management expectation requires security leaders to prioritize different skill sets, including broad risk management capabilities, stakeholder management, and communication and influencing skills.

It might help to have a background in a different business function than security. Nearly 50 percent of survey respondents under the age of 44 worked in a different function, compared to 36 percent of those older than 55 and current CSOs. One CSO noted that, “It brings different ways of thinking, better capability of dealing with gray areas, and understanding of the business.”

There are gray areas in abundance today, especially given market and geopolitical uncertainty. In such a volatile space, critical thinking and problem-solving skills were ranked by CSOs as the most important skills for team members. Three-quarters of CSOs ranked those skills as their top priority when hiring.

Adaptability around technology was also vital. Digital skills were ranked as the second most important factor for corporate security talent needs, and 29 percent said “finding candidates with relevant technology, data, or cybersecurity experience” was one of their top recruitment challenges. CSOs are increasingly recruiting for those skills; almost half of those surveyed said they have team members with specialized technology expertise, such as software engineers or data scientists.

But it’s a challenge to find candidates with the full range of skills that businesses currently need, the insight paper said. To find a broader, more diverse talent base that can meet security’s changing needs, SI Placement and The Clarity Factory recommended eight changes:

Prioritize the skills that matter most. Rank the skills you need based on what’s essential versus desirable. Critical thinking, broad risk management capabilities, and stakeholder engagement will likely to top the list.

Seek a diverse range of perspectives and backgrounds. Think about what skills and perspectives you currently have. Seek to complement or contrast those with different candidates that can give you a stronger bench of knowledge, competencies, and viewpoints.

Rethink your job descriptions. Do your current job descriptions reflect past needs or future needs? Make sure descriptions are future-facing, realistic (not mashing together numerous roles and responsibilities), and focused on skills and competencies. Use gender-neutral language, avoid vagueness or generic descriptions, and skip jargon that could limit candidates to those with security or government experience.

Diversify recruitment channels. If you’re only using internal talent acquisition teams, your own professional network, or LinkedIn, you might wonder why all your candidates tend to bring the same skills to the table. Look for alternative pathways to connect with talent.

Adopt a proactive strategy to achieve diversity. Sixty-five percent of CSOs surveyed said their top recruitment challenge is finding diverse candidates. Reaching this talent pool requires a concerted strategy—not just luck.

Rethink job titles. Ensure that job titles reflect the responsibilities of the role and wouldn’t turn off diverse candidates or those who don’t meet every requirement.

Revise résumé review and interview processes. Incorporate HR best practices into your hiring processes, including removing names from résumés to ensure neutrality, train team members on how to consistently conduct professional interviews, teach interviewers about implicit bias, and use interview panels—including those outside security—to ensure candidates are tested on business skills, not just security competencies.

Be mindful of generational change. One in five CSOs said that generational change at work is one of the key factors influencing their short-term talent needs. This necessitates efforts to make security feel like an attractive career option for young professionals.