Cybersecurity hiring: Every business is different. In some cases, very different. | Burning Glass Technologies

Every business needs cybersecurity talent these days, but hiring professionals and chief human resource officers need to understand cybersecurity hiring isn’t a one-size-fits-all situation: different companies have different needs.

In other words, while the cybersecurity skills gap is affecting many businesses, this gap varies significantly by industry and by company. Failing to keep that in mind can make hiring the right people much more expensive and time-consuming—if you find them at all.

As we look at the general demand for cybersecurity skills, we see information security, not surprisingly, tops the list. This is followed by information systems, network security and Linux. Rounding off the top five is skills in cryptography.

However, as we look at specific industries – insurance and banking, for example – we see that the most-needed skills vary widely, even when the job title is the same

Consider, for example, cybersecurity engineers. Burning Glass Technologies examined the skills requested in job postings for that position at a major insurance company and a national bank. Even though the job title is the same, what each company expects from its cybersecurity engineers has notable differences. The top skill in demand for cybersecurity engineers at both organizations – and, yes, across the board – is for information security. But from there the two companies take very different paths in describing the skills they expect.

While the general job market identifies information systems skills as the second-most in demand, the second-most sought skill at the insurer is ITIL. Known as Information Technology Infrastructure, ITIL is a process that enables companies to set up IT services to best support the needs of the business. The insurer’s third and fourth most-requested skills are information systems and project management. Coming in fifth is risk management.

By contrast, the second-most sought after skill at the bank is for technical support, followed by asset protection. Mainframe skills come in at number four, and customer service is number five.

Of the top 12 skills used in cybersecurity job postings the companies only had two in common: project management and information security skills.

Clearly these are companies in two different industries, with different strategic goals. Both make cybersecurity hiring a priority—after all, both are seeking cybersecurity engineers. But within that role, the insurer wants cybersecurity engineers with experience in a specific process, while the bank expects cybersecurity staff to be skilled in providing service to employees and customers.

Clearly then, one size doesn’t fit all in cybersecurity hiring. One size doesn’t even fit two large companies, one in health insurance and the other in financial services. That means hiring managers need to vet job requirements carefully with your technical managers before releasing them into the wilds of the job market. And as you build hiring plans, consider how to create the specific talent pipeline for your needs.

To automatically receive notifications of future blogs, research, and labor market content, sign up at