Interview: Simon Wright, CareersinCyberSecurity

Written by

The purpose of this Next Gen section is to give a spotlight to those people trying to get a start in a career in cybersecurity. One company enabling that is CareersinCyberSecurity, which providing access to a range of valuable resources for job seekers and recruiters. Their operations director Simon Wright talked further to Infosecurity.


Part of the CareersinAudit Group, Wright explained that it offers a very different service to other recruitment agencies as he said it provides the tools for companies and employers to excel at their own direct hiring rather than doing the hiring for them. 

“For candidates and professionals within the industry, we offer exclusive careers advice from some of the industry’s top advisors and commentators, and a completely free service to help them find their perfect job in cybersecurity,” he said. “Professionals register for an account, upload their CVs and they employers will get in touch when suitable positions arise.”


What are the next generation of professionals looking for?
Due to the continuously evolving nature of cyber-threats, it is essential for professionals within the field of cybersecurity, security architecture and cybercrime to evolve their skills accordingly, and the new generation of professionals typically look for positions that allow them to keep up with these threats and continuously hone their skills and expertise on the job.

With cybersecurity roles now the most in-demand positions in the UK and the US, professionals can be, and certainly are being picky about the companies they join and what they demand from their employers and roles. On the job training and constant development are not only key for the cyber-professionals to remain effective in their roles but are requirements of the industry as a whole.

Many options exist for current professionals to hone their skills, including gaining the most current certificates from technical training companies, additional degrees through university study, or stand-alone hands-on courses to develop specific skills, such as those offered by Cisco and Microsoft.

What are recruiters looking for?
Recruiters are not just looking for the technical skills, but also full rounded candidates with other softer skills, such as team collaboration, research and writing skills. Candidates must also have a passion for learning as the job is changing and evolving so quickly within the industry. The ability to communicate effectively is also just as important as the plethora of hard technical skills as cybersecurity professionals are increasingly required to clearly discuss and communicate threats and solutions with various stakeholders within their companies.

With the huge current skills deficit across the industry, recruiters and HR professionals may be forced to cast a wider net when looking for new cybersecurity recruits. One concept to reduce the deficit is the cross-training of individuals from other areas of business: many cybersecurity problems often have little technical component, meaning that professionals with some experience in areas such as communication, recovery planning and incident response could well be suited to a career in cybersecurity.

The character and skills transferability of professionals in similar fields could determine their place in the cybersecurity industry, whether it be dealing with people, understanding technology, being good at problem solving or having a knack for effective management. All these skills have a role within cybersecurity, with human and social behavior bringing key elements in understanding and preventing cyber-attacks.

Where are the applicants commonly coming from, are they second jobbers or out of university, or even out of school?
There is no one way to get into cybersecurity as a career, but we are increasingly finding candidates are studying security or signing up to extra modules in security at university with a view to continuing this path into the workplace. In just the past few years there are many more school, college and university cybersecurity courses available to students and those interested in cybersecurity as a career.

That said, we have also seen an increase in professionals from various other industries re-train in cybersecurity to land that well-paid position in the industry in high demand of candidates – accountants, lawyers, auditors and programmers who have transferable skills are making the move into the industry. The main ingredient is a passion for security and technology understanding, which is something that university courses cannot provide.

What skills do they not have that recruiters commonly ask for?
Common skills required for cybersecurity roles - which are not always listed on candidates’ CVs - are incident handling and response, audit and compliance, firewall/IDS/IPS skills, intrusion detection, analytics and intelligence, SIEM management, access/identity management, application security development, advanced malware prevention, and cloud computing/virtualization, among others.

As previously mentioned, candidates looking to stand out from their competition at interviews need to demonstrate that they also have good communication skills and other soft skills required within business. It’s not just the technical skills that recruiters are looking for in 2017 so professionals looking for that next move should show that they are full-rounded business people.


Simon Wright is a highly experienced recruitment marketing professional and job board operations director who has managed the CareersinAudit Group for over 10 years.

As a life-long marketer and online advertising specialist, Simon has created well-known global online recruitment brands and has won many awards for his work, including Best Job Board at the prestigious Recruiter Awards, for which CareersinAudit.com is the current holder. Over the past 10 years Simon has built a loyal candidate base of over 200,000 professionals across the world and is a regular commentator for the online recruitment industry.


What’s hot on Infosecurity Magazine?