Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

5 tips for keeping your incident response team happy

Stacy Collett | May 28, 2015
A security manager might be turned off when a job candidate calls him "dude" several times during the course of an interview, but it was a minor infraction that Todd Borandi had to overlook. Like many security team leaders seeking highly sought-after technical skills for his incident response team, he had to let small transgressions slide.

A security manager might be turned off when a job candidate calls him "dude" several times during the course of an interview, but it was a minor infraction that Todd Borandi had to overlook. Like many security team leaders seeking highly sought-after technical skills for his incident response team, he had to let small transgressions slide.

"People with the mentality to do this type of work operate a little differently than those in an office setting," says Borandi, who managed a U.S. Department of Energy incident response team before taking his current position as a lead security information architect at a New York financial institution. "[The job candidate] was a brilliant young man," Borandi recalls. He got hired and is now a successful senior analyst.

Such is the challenge with finding and keeping a talented incident response team. These highly specialized professionals who can anticipate security threats ahead, stop a cyber attack in its tracks, or quickly quarantine and eliminate a network intruder, are hard to find and even harder to keep.

Job postings for cyber security positions grew 74% from 2007-2013, according to labor market analytics firm Burning Glass Technologies. Those job postings took 24% longer to fill than other IT job postings and 36% longer than all job postings.

"The talent you're looking for in incident response is absolutely the hardest I've seen to find in security in general," says Christine Gadsby, manager of the product security incident response team at Blackberry in Irving, Texas. Her team, a mix of Millennials and industry veterans, must have deep technical skills, "but they also have to be consultants who can solve problems," she says. "Putting those skills together to deal with an incident response issue as it's evolving is very difficult."

Christine Gadsby, manager of the product security incident response team at Blackberry

Keeping talented security pros from being lured away can also be challenging. "I get emails every day from recruiters asking me if I want a new job," says one senior-level engineer based in Chicago who asked not to be identified.

With demand for security skills outstripping supply, managers can't afford to leave incident response teams on cruise control. Security leaders offer their tips for keeping your incident response team happy and engaged.

1. Step back

For starters, incident response professionals require space. "My people will multitask within their minds. If I'm over their shoulder asking them questions, it hinders them," Borandi says. His team consisted of eight to 10 people ranging in age from 23 to mid-40s who specialized in active directory, firewall administration, web application security, intrusion detection systems and vulnerability management.

"We would set assignments, and they would be on their way," he says. "My job was to keep nervous [executives] away from my people. It's hard to give people space when you're talking about millions of dollars" worth of intellectual property on renewable energy.

 

1  2  3  Next Page 

Sign up for Computerworld eNewsletters.