Security Hiring, But Young People Aren't Interested?

the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
Ran across this article and thought what a load of crap. I tend to believe that the issue comes down to most jobs wanting a ton of experience and the cleanest of backgrounds. I know when I finished school I applied for a number of security positions all over and hadn't even received a call for an interview. Also, I've seen people not cleared due to either massive student loans or foolish things (Facebook or downloading related things). I tend to believe there is a motive behind this article...

The Cybersecurity Industry Is Hiring, But Young People Aren't Interested | Motherboard
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff

Comments

  • Master Of PuppetsMaster Of Puppets Member Posts: 1,210
    I find the information provided in this article hard to believe. First of all, the interest in cyber security has been ridiculous in the past couple of years and even more so now. From my experience, people of all ages with different jobs want to get into security. So much so that it has gotten a little irritating having to explain some things to some people.

    Also, I think you are spot on about the jobs - employers want already developed security pros with experience and certifications. Considering the lack of sec pros at the moment on a global scale, finding the ideal infosec people is a challenge. The requirements often gravitate to unrealistic scenarios. This may be a problem for IT as a whole but I see it even more being an issue with security. If employers take the time to develop quality personnel, it will be a lot better.
    Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.
  • 403Forbidden403Forbidden Member Posts: 88 ■■□□□□□□□□
    I have some experience in this, I applied for a basic entry level bench tech job a few months ago.
    I won't name the company but it is a small shop.
    I get to the interview and they asked me about my credit history (30k student loan that at the time was in forbearance due to not having a job to pay it...) I told them of the situation how I would be able to start paying it off when I had a job to make payments. I provided a logical argument regarding the series of events leading up to my current situation and how I was pushing forward to better my future.
    The interviewer didn't care.
    "I'm sorry, but someone that has such a huge debt (30k Non-Interest bearing student loan....) is too big of a risk. Your experience isn't even that great either, you've never had a job in IT before?"
    The position requirements said "0-2 years experience. A+ required."
    I had about 3 months volunteering in the local area for businesses and obtained my A+ a month before that.

    I left that interview feeling like I was the lowest piece of dirt scrub out there, like even after doing what I did that it meant nothing.
    A few minutes after I got home I received a call from a competing company and they asked if I could come in for an interview in 10 minutes.
    I did my best to sound excited and enthusiastic even though my mood was horrible.
    The interviewer said he saw me leaving their competitor and asked what I thought of them. I was entirely honest and said some not so nice things in a rather blunt manner.
    He looked shocked and then laughed, "I like you, you can start tomorrow. It's already closing time so did you want to go grab a drink with the rest of the guys?"

    Best. Day. Ever.

    Respect yourself and others, take pride in your appearance and your work, maintain a positive attitude and be tenacious. Don't give up, and NEVER surrender.
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    That study seems silly. 45% of young people wanted to be a movie star or entertainer? And they're concerned that only 24% were interested in cyber security as a career? I mean you offered them movie star as an option instead? If would be a very strange world if 24% of all jobs being offered were in InfoSec.

    And yes, about the jobs, all the ones I've seen require min of 5 years experience, BS, certs (usually CISSP) and lots of security specific knowledge. Maybe it's just the specialization but I don't think "entry level security" jobs are even out there.
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    403, nice score, sounds like you got the better half of that deal by far. As for having student loan debt, would they also not let in anyone who has mortgage, a car payment, etc? I mean I understand it was in forbearance but that doesn't mean default, that means "give me a few months so I can pay for it"... which is what someone does when they lost their job and are running lean.
  • tpatt100tpatt100 Member Posts: 2,991 ■■■■■■■■■□
    Security isn't something you can just go to school for. I know when security positions open up around here people I worked with before as well as myself all get called. Reason is not as many people have actual "security" work experience on their resumes.

    Companies need to invest and help grow security people but mostly invest in finding ways to keep them with your company and often it's not just salary that does it. I know where I am at now they spend no money on training and it shows in the security side of the house. Big part of it is employees never leave but they also never grow, so the experience they gained is all they will ever have.
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    40% of respondents would want to be a TV or movie entertainer."

    What a joke. Where did they conduct this survey? Acting school? I really doubt that if you grab 100 students 40% will say that they want to be in the entertainment industry. I dismissed the article right then and there.
  • 403Forbidden403Forbidden Member Posts: 88 ■■□□□□□□□□
    The conductors of the survey do not give any specifics on where the pool of 1,000 adults between the ages of 18-23 were taken from. This seems a bit shady to me. Any scientific study conducted that wants to have weight behind it in a peer review gives specifics in where the pool was taken from and what the demographic of the pool was, etc. I read the whole article and it seems like they chose a general population to do this which was probably a large city like LA, SF or NYC or somewhere close to that population and demographic where an overwhelming number of young people have delusions of grandeur in becoming the next big rap/pop artist/actor. There was also no sample of the survey given to the participant pool either which is another red flag.

    This sounds like it was a survey done to be a 'sensationalized' survey instead of an actual verifiable survey of merit.

    I enjoy my work, I use the experience I gain at work along with the money I get from it to pay off my loan, play some games and pay for my pursuit of certs. While I doubt I will ever get into the cyber security field I most certainly do not think I would do well as an 'Entertainer'. I like sitting at my bench, and solving problems. I suppose I might get bored one day, but until then I'm having fun with it and gaining valuable experience interacting with software/hardware/network and customers.
  • cmitchell_00cmitchell_00 Member Posts: 250 ■■■□□□□□□□
    Nice Story 403.... People are interested in security plus it's some jobs ready to hire. I find that with the government many people just don't want someone looking into their lives i.e. family, friends etc... The pay in security is good and solid so the article is off bases I feel coming from my two seconds.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Agreed with everyone. The requirements that companies are wanting for InfoSec positions are borderline ridiculous. And honestly even when you do meet the requirements of having a BS, CISSP, and 3-5 years of hands on experience in EACH of IDS/IPS, firewalls, audit and compliance, wireshark, etc etc, just for a "information security analyst" position (in my opinion that job title is usually for the lower level InfoSec jobs) they want to pay you as little as possible, often I've seen in the realm $50s. Employers are being unreasonable in a lot of the jobs I've seen and/or applied to as of late.

    I got in contact with a headhunter who was looking for someone for a city government information security specialist position, which I happen to meet pretty much all requirements and even some of the "preferred" items, and the pay scale was something like $55k to $85k+, and honestly with what they were wanting and the position it should have been at least $70k, well the headhunter said they were looking to bring someone in at the bottom of the scale and let them get experience before moving up. I thought yea ok, they want to get someone with all of checkmarks and not pay them anything.

    Now I can say that the issues with that have a good deal to do with the fact I'm looking in Florida, but still, employers are looking for people with way too much for what they are offering. I'm ok with a small pay bump from where I'm at or even a lateral if I can get in with a company that is going to get me the hands on experience in the different areas or technologies in security, but no one seems to want to do train and build up their employees.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • N2ITN2IT Inactive Imported Users Posts: 7,483 ■■■■■■■■■■
    I don't see it like this either but I don't think it's impossible to score security position in an associate level role (at least in my region). I know several guys that came up from help desk to go straight into associate - security positions. One works for a credit card company and the other 2 work for a huge seeds company. One had a security degree from ITT the other two no degrees. The two without degrees don't have certifications and the one with a security degree has Security + only. Prior to being hired only helpdesk experience. They all had at least 2 years of help desk experience with a decent amount of technical experience and they also had access control experience, building roles and users accounts in Peoplesoft, AD and SAP to name a few systems. No real point to be made here but I've seen people get into security with very little experience. (Just my observation)
  • ptilsenptilsen Member Posts: 2,835 ■■■■■■■■■■
    I'm not sure where all the surprise is coming from. You guys really think teenagers and young adults would be interested in any technical field, even a relatively (ostensibly) sexy one like cybersecurity? Are you that removed from young people?

    When I was in high school, I was one of maybe three people in my class with a deep interest in any area of computing. This is a class of 600 people, and I'm 25 so it's not like it was in the Jurassic era of computing. Everyone owned a Windows or Mac computer and the school had labs of both. It was actually a more exciting time to get into IT, IMO. There was just very little interest. This really shouldn't be surprising to anyone. Most people would rather be rich and famous and pretty or talented than do something brainy or work hard.
    cyberguypr wrote: »
    What a joke. Where did they conduct this survey? Acting school? I really doubt that if you grab 100 students 40% will say that they want to be in the entertainment industry. I dismissed the article right then and there.

    I'm skeptical that only 40% said they'd want to be in entertainment. I would have guessed 75%.
    Working B.S., Computer Science
    Complete: 55/120 credits SPAN 201, LIT 100, ETHS 200, AP Lang, MATH 120, WRIT 231, ICS 140, MATH 215, ECON 202, ECON 201, ICS 141, MATH 210, LING 111, ICS 240
    In progress: CLEP US GOV,
    Next up: MATH 211, ECON 352, ICS 340
  • redzredz Member Posts: 265 ■■■□□□□□□□
    ptilsen wrote: »
    I'm skeptical that only 40% said they'd want to be in entertainment. I would have guessed 75%.

    If you asked me, right now, what I would prefer to do tomorrow, and gave me the following choices:
    1. Cybersecurity
    2. Convenience Store Clerk
    3. Actor
    4. Neurosurgeon

    I'm choosing "Actor". What do I want to do? I want to get paid twice as much to snort coke off prostitutes between scenes...

    EDIT: The coke thing was in jest. Don't do drugs, kids.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    I'm 28 and was part of my high school's engineering academy. About 120 people had gone through by the time I graduated and all ended up with a job in technology/engineering/science. I can agree, to a point, that a lot of high school/college student's don't like math or science, but when it comes to IT related majors often it isn't the complicated math.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • pertpert Member Posts: 250
    Such BS. There is virtually no one looking for fresh college grads with no experience to work in security. It's one of those fields where its almost mandatory to start down a different track and then move sideways into.
  • LarryDaManLarryDaMan Member Posts: 797
    A lot of people wanted to be firemen or astronauts when they were young too. Who cares? Silly article and survey. Do people yearn to be podiatrists or actuaries? Where would those professions rank? The demand gets filled (relatively) and the world keeps spinning.
  • ptilsenptilsen Member Posts: 2,835 ■■■■■■■■■■
    LarryDaMan wrote: »
    A lot of people wanted to be firemen or astronauts when they were young too. Who cares? Silly article and survey. Do people yearn to be podiatrists or actuaries? Where would those professions rank? The demand gets filled (relatively) and the world keeps spinning.

    Precisely. The survey should have somehow been phrased or predicated on actual career options. If 90% (making up a number) of those who pursue entertainment end up working retail or food service instead, asking them if they'd rather do something they can't is kind of pointless. A more interesting survey would be to give them an aptitude test and make them pick between their top ten or twenty options after being given information about working conditions, compensation, unemployment rates, training and education, and predicted future market conditions. Something along those lines might both show and even induce some interest in cybersecurity.
    the_Grinch wrote: »
    I'm 28 and was part of my high school's engineering academy. About 120 people had gone through by the time I graduated and all ended up with a job in technology/engineering/science. I can agree, to a point, that a lot of high school/college student's don't like math or science, but when it comes to IT related majors often it isn't the complicated math.
    In fact, in my experience, more people are interested in science and math fields than IT or computer science. Software just isn't as sexy as chemistry and biology, even (especially?) for smarter kids.

    Sadly, most of the people from my generation I've seen decide to go into IT were just tech-savvy gamers who couldn't find a more lucrative career and finally bit the bullet.
    Working B.S., Computer Science
    Complete: 55/120 credits SPAN 201, LIT 100, ETHS 200, AP Lang, MATH 120, WRIT 231, ICS 140, MATH 215, ECON 202, ECON 201, ICS 141, MATH 210, LING 111, ICS 240
    In progress: CLEP US GOV,
    Next up: MATH 211, ECON 352, ICS 340
  • N2ITN2IT Inactive Imported Users Posts: 7,483 ■■■■■■■■■■
    PT your second point is great! My daughter loves building science projects, usually going to PowerPoint to build semi interactive presentations. She doesn't hate computers, but hardly uses them unless she has to and always complains why the iPads can't have office lol. We have the ipad configured to our printer which is cool. On a side note the kids literally use the computers (desktop and laptops) ~2 hours a month, but the iPads oh geeeeesh. 20 hours a week maybe. Anyway I agree with you. As a kid I was on the computer 60 hours a week at least. Commodore 64, 128, 386, 486 with a VGA graphics card woohoo!
  • apr911apr911 Member Posts: 380 ■■■■□□□□□□
    I primarily have 2 issues with the article.

    One being the sketchy statistics that they've dredged up. I am not really going to expound on this further since everyone else is pretty much in agreement that 40% wanting to be a movie star is kind of like saying 40% of respondents would rather make millions of dollars a year vs 200k or less.

    The other issue I have with the article is the same issue I take with the argument that people making more than 100k should be taxed significantly more because they're "rich" (I disagree strongly with the one-size-fits-all methodology of US Tax Code but that's beside the point)

    A six figure income sounds great, even a low six figure income at $116,000 and the article tries to make it sound like this is a good competitive salary... That is until you look at the area in which Cybersecurity is primarily based, which by the article's own admission is DC. The cost of living in the DC Metro area is a good 50% higher than most of the country. A quick look at CNN money's cost of living calculator ( Cost of Living Calculator: Compare the Cost of Living in Two Cities - CNNMoney ) found only 5 locations with a higher cost of living:

    1. New York, NY (+27.9% average, varies between 5.4% and 56.3% depending on which borough between Queen [5.4%], Brooklyn [21.8%] and Manhatten [56.3%])
    2. Honolulu, HI (+18.8%)
    3. San Francisco, CA (+13.5%)
    4. San Jose, CA (+6.0%)
    5. Stamford, CT (+1.1%)

    When you live in one of the 10 most expensive cities in the US, that $116,000 doesnt go as far as you would think, dont get me wrong, its still a good living (even when adjusted for cost of living it is a good 20k+ higher than the median household income in the US) but I feel the statment that "millennials are prioritizing “Interesting work” above things like “competitive pay”" is misplaced, especially when there is more lucrative money to be made in other IT roles in the area.


    That being said, the article is right in one regard; we are struggling to bring people into the field and not just security but IT in general. I think there is multiple factors contributing to this.

    Employers are a major problem in this equation. Employers complain about a skills-gap and that millenials are job hoppers, yet employers are unwilling to offer training, pay and/or other benefits to retain their talent and fill any gap in skills. Every job ad Ive seen recently wants 5 years experience or more and has a list of required competencies thats a mile long and while they might be willing to overlook the fact you are missing one or 2 of their "required" comptencies, that will hurt you significantly in the salary negotiation... Nevermind the fact that they only make 2 BGP changes a year, they really need someone who already knows it and since you dont they're going to offer you 30% less.

    The other major problem I see is the manufacturers dumbing-down technology. They're trying to make computing so fool-proof nowadays that no one seems to be tinkering with their devices or learning how to fix it when things go wrong. In fact, manufacturer's are now actively discouraging tinkering. Apple wont let you run unapproved applications on their iPad without jailbreaking which technically voids your warranty, similarly, there is no access to the underlying file or process system of the device and tinkering with the hardware is even more frowned upon. Even Windows 8/Server 2012 which are full blown Desktop/server OS's suffer from this dumbing down effect. I think tinkering is how most of us got our start in IT and by developing these devices and discouraging tinkering, we are bringing up a generation of highly connected individuals with no understanding of how the underlying infrastructure and systems work.
    Currently Working On: Openstack
    2020 Goals: AWS/Azure/GCP Certifications, F5 CSE Cloud, SCRUM, CISSP-ISSMP
  • Jayjett90Jayjett90 Member Posts: 30 ■■□□□□□□□□
    " Forty percent of respondents would want to be a "TV or movie entertainer,"
    I stopped reading after that silly statement.
Sign In or Register to comment.