Recruiting Healthcare Cybersecurity Staff Takes Creativity

By Justin Armstrong
Chair, EHRA Privacy & Security Workgroup

Cybersecurity help wanted(2)It’s not news that, from the front line security analyst to the CISO level, there’s a shortage of skilled healthcare cybersecurity staff.  

Thankfully, interest in cybersecurity has never been greater! There is a career in cybersecurity to fit every personality, temperament, and level of technical acumen. Some positions require intense focus and deep technical knowledge, while others require interpersonal skills.

How can you find talent in such a tight market? There are several good avenues.

Hiring from within your organization

Have you looked at your current staff? 

A week doesn’t go by without someone asking me, “are there openings in your group? I would love to do cybersecurity.” Each person has a niche they can fill. Some have great project management skills, which are very necessary to achieve a certification such as HITRUST or ISO 27001. Others are developers who understand best practices for coding secure applications, even digging deeply into cryptography and other difficult technical areas. Some staff are more oriented towards customer service and PC help desk type work. Each can fill a vital role in an organization’s cybersecurity strategy.

A week doesn’t go by without someone asking me, “are there openings in your group? I would love to do cybersecurity.”

Hiring from local cybersecurity education programs

Finding the right fit from someone off the street can be difficult unless you have the resources for targeted advertising and careful vetting. 

However, there are an increasing number of cybersecurity programs and certificates being offered at colleges and universities. Learn about programs being offered in your area, then reach out to the academic world to find out how you can get involved. Perhaps you can offer a co-op job or internship?

You can certainly attend local cybersecurity events and make contact with students who will soon be in the job market. Find out what their interests are and what they look for in a job. Then, tailor your job openings to be attractive to those just starting out in their cybersecurity career. Offer perks such as reimbursement for classes, certificates, conferences, and other learning opportunities. Offer to help them attain a key certification, such as CISSP, CEH, HCISPP, or one of the myriad of hands-on GIAC certifications.

Tailor your job openings to be attractive to those just starting out in their cybersecurity career.

Another good avenue to meet potential candidates is local cybersecurity events; in my experience ISSA (Information Systems Security Association), (ISC)2, and InfraGard have excellent local events. At every ISSA chapter meeting I’ve attended they ask, “is anyone looking to fill a position?” and, “is anyone looking for work?” More than one match has come out of this! 

Now more than ever, what is needed is not a silver bullet technology, but skilled cybersecurity staff. It will require effort, but enjoy the journey! Cybersecurity is a fun and interesting world, and your efforts to find great staff will be rewarded.

Leave a comment

Share your thoughts on this topic!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • Categories

  • Follow EHRA on Twitter

  • Enter your email address to follow this blog and receive notifications of new posts by email.

    Join 161 other followers

  • Contact Us

    Elinore Boeke
    Communications and Media
    elinore @ kecommunications.net
%d bloggers like this: