Cybersecurity Hiring Manager Handbook

Show your new hire that you care

Onboarding

The first 90 days of any new job is the “make or break” period for a new employee. But the first 90 days don’t start the day they arrive. It starts the day they accept the offer with you!

If you want your new hire to succeed, begin their onboarding process well before their start date. The day after they sign their offer letter, email them and tell them how excited you are to have them on your team. Send them information about your organization that will help them land on two feet on their first day.

In order to give your new hire the best chance at success, you must have a formal onboarding process. This includes the 4 C’s of onboarding:

First is Compliance. Be sure your onboarding process includes all formal compliance training required by your organization. This will include filling out the proper HR forms, attending privacy training, security awareness training, and the like.

Second is Clarification. Set aside some time in the first week with your new hire to review their job description, line by line. Clarify exactly what they will be doing, what their responsibilities are, and what measurements for success you will be using to grade them.

The third “C” is Culture. This is where your new hire really becomes a part of the team. Schedule 1-on-1 meetings for your new hire with different people from around the team, department, and company. Share your company’s vision, mission, values, and goals for the year with them.

The fourth and final “C” is Connection. Similar to the “Culture” step of onboarding, be sure that your new hire is networking with others and building trusted relationships around the organization. The better your new hire’s connections, the easier it will be for them to succeed at your company.

Finally, it’s a good idea to give your new hire an onboarding buddy. A good onboarding buddy will show the new hire the “ropes” and help them understand how things are done at your company. The buddy can answer questions about the team, department, and organization.

The first 90 days set the tone for the rest of your new hire’s career at your company! Doing these things will help set them up for success.

Three Habits of Highly Effective Cybersecurity Managers

As your new hire continues to grow in their role, be sure to support them in their journey with you.

How can you best do this?

I like to think that being a highly effective manager comes down to having good habits. There are three in particular that I recommend you adopt if you want to be successful.

First, set clear expectations. Make sure your direct reports clearly understand what is expected of them. I like to sit down with each direct report at the beginning of each new year to review their job description, line by line. This helps re-orient their tasks to make sure that their job description aligns with their current work.

Second, give autonomy and ownership. Treat your team members like adults. People work best when they know what is expected of them, and then trusted to execute on that. Give your direct reports ownership and responsibility for their work. Of course, you would stay accountable for the work, but your direct reports should be responsible for doing the work itself.

Third, give people reasons to stay with you. Things like fair pay, mutual respect, career growth opportunities, and work/life balance are some of the basic things that great employees expect. They want autonomy and a boss that will support them in their career. Treat all your direct reports like human beings deserving of respect. Because they are, and they do!

If you practice these three habits every day, you’ll soon notice - not only will your team be more loyal to you, they will do better work for you! It’s a win-win for everyone. Your direct reports will be happy, and so will you. And a happy cybersecurity team is always a win for your organization!

Rough outline for this section–please contribute

  1. Day one re-interview
    1. Find out what their skill, job, and career goals are
      1. Assuming they know
      2. How to enable your new hire to get to that level of awareness?
    2. Find out what job satisfaction means to them
  2. Coaching and supporting employees: manage them up or manage them out
    1. Scheduled 1:1 (One-To-Ones) every week with employee (ideally in an informal situation, such as over coffee)
      1. First 10 minutes let the person talk
      2. Next 10 minutes Manager provides message/expectations
      3. End 10 minutes talk about the future
    2. Coaching difficult people
    3. Document outcomes of 1:1, in email, tickets, and evaluation reviews. 1. HR Assistant for disciplinary actions
  3. Growing people and their talent
    1. What’s in it for them?
    2. What’s in it for you?
    3. Ongoing training (conferences, paid training, self-learning)
    4. Free training 1. Affordable training
    5. Giving back to the community
    6. Enhance your employer reputation
  4. What if someone on your team just wants to do the same tasks all the time? – depends on the value of their current work set, and your needs. There are many practical reasons for an employee who wants to stick to a particular work set. If these same tasks are a valuable contribution, there is nothing wrong if it is a satisfactory space for the company. We are creatures of habit, and that employee may have other priorities or personal situations to deal with outside of work, where they feel as though they do not have the mental capacity to take on new skills or tasks. Perhaps they have children, dependent parents, or are working through schooling. It may be temporary. If this is not satisfactory, lay out your expectations and give them a chance to respond to the gap between what company expectations are compared to their current performance.