
Alexander Heinle
Alex is a marketer at Zavvy. On this blog, he mainly shares insights gained from discussions with selected experts and from helping our customers set up and improve their onboarding or learning programs.
Hiring information security and cybersecurity analysts is a victory in itself, considering they're some of the hardest roles to fill.
According to the 2021 (ISC)² Cybersecurity Workforce Study, 60 percent of respondents said cybersecurity staffing shortage is a major challenge their companies face. There simply aren't enough cybersecurity professionals to go around, not to mention they have to acquire some pretty technical skills.
So congratulations on nabbing your new information security or cybersecurity analyst! If you're looking for ideas to make the onboarding process as painless as possible for your security analysts, we got you covered.
We'll walk you through the essential steps. Plus, we included a free information security analyst & cybersecurity analyst onboarding plan to get you started.
Together with our curators, we have created a library of actionable digital marketing resources. Personalized to your team's needs.
New employee onboarding is the crucial stage where companies can make a lasting impression. And it better be a good one!
For security analysts, there is so much to learn about a firm's infrastructures and processes, and it's easy to get overwhelmed in the first few weeks.
To avoid this, let's first clearly define the similarities and differences between an information security and a cybersecurity analyst to ensure role clarity.
Information security covers data protection in general, while cybersecurity focuses on online or digital information. An information security analyst would have to ensure that they have measures also to protect onsite data, such as those stored in safes or possessed by employees.
Meanwhile, a cybersecurity analyst monitors information stored on hard drives, computers, and the cloud. Plus, they must know how to identify digital threats or any weak areas that cybercriminals can attack.
However, information security and cybersecurity analysts need to understand the company's information technology (IT) systems, including application firewalls, antivirus, and proxies, to safeguard networks effectively.
Given these analysts' very technical and complex tasks, it's vital that they are well informed about the company's security challenges and standards, technologies, and personnel.
Without a comprehensive and organized onboarding plan to guide them, they might miss very crucial information that would prevent them from doing their jobs well.
Austin Harman, a Cybersecurity professional and CEO of consulting firm The Penn Group, emphasizes the importance of building up talent:
"One of the most valuable lessons I've learned over the years is that you cannot buy great people. They have to be developed. If you want people who are bought into your culture, your systems, and your mission, they have to be sold on your culture, systems, and mission."
Tip: The employee experience is king. Everything about your onboarding plan must be working toward making your new analysts feel welcomed and supported.
A 30-60-90 day plan ensures your security analyst's first three months go smoothly.
Tip #1: Using a standardized plan helps People Ops and Managers create a consistent experience for future hires.
Tip #2: However, customizing your employee onboarding template based on specific roles, teams, or departments is essential.
Below is an information security analyst and cybersecurity analyst onboarding 30-60-90 day checklist to help you get started.
Preboarding is crucial as it sets the environment and vibe for the new hires. So don't skip this one!
The first month on the job is all about getting to know the company's business goals, clients, and technology stack or systems.
Tip: You can also use this period to encourage networking.
💡 Create positive initial experiences with 17 exciting ideas to make orientation fun. Engaging your new hires from the very start will have a long-term impact.
A key goal is to develop a deeper understanding of the technical areas of security, such as incident response, forensic analysis, network monitoring, and breach detection.
After the first month, your information security or cybersecurity analyst should be able to work more independently and start to explore other tasks.
In the second month, it's time for your analysts to have more hands-on exposure to the company's digital assets and automated processes. Training becomes crucial at this stage, particularly in information security, where new cyber defense practices and software are constantly being developed.
Tip #1: You can implement interactive exercises like malware and log analyses during training to discover potential skill gaps.
Tip #2: Don't assume that because these are highly trained professionals, they know all existing systems, even the popular ones. Some of them might have specialized in a specific domain, which can also be an advantage.
➡️ Check out our in-depth information on the best practices for training new employees.
Activities for the 60-day milestone:
In the last onboarding phase, your new joiners take on even more autonomy. They should take full responsibility for their work while also being proactive in improving the team, process, or company.
You can decide whether day 90 will end your formal onboarding. From there, you transition your new information security and cybersecurity analysts into ongoing training and development to get them ready for continued success in their role.
Main objectives for this period:
Day 90 milestone activities:
➡️ If you need other templates, we have you covered. Check out our free and essential onboarding templates. From other role-based checklists to communication samples and an onboarding presentation template, you will find something for your needs.
A well-integrated security analyst should know your company's entire IT ecosystem, the cyber threats that need addressing, and long-term career development plans. This ensures your new hire's longevity within the firm.
Founder and CEO of online training firm CyberVista, Simone Petrella, says that when an experienced security analyst leaves a company, it typically takes eight months to replace them and almost four months to train a new analyst. This is equivalent to nearly a full year of productivity lost.
A successful onboarding covers four major phases: preboarding, orientation, role-specific training, and ongoing development.
Preboarding is the time to consider how to ease them into the roles.
Tip #1: As you are preparing the first draft of their onboarding plan, consider the following questions:
What kinds of projects should they handle first? How do their roles and expertise fit into the overall business goals?
Tip #2: Enlist your main stakeholders to find the answers to these questions.
Tip #3: Make sure you document all details. You can include all elements in the onboarding checklist or use an onboarding portal.
Tip #4: The critical thing to remember is to keep the new analysts engaged at every step of their onboarding journey. This includes knowing their work preferences and how the company can best support them.
In particular, remote work is becoming the go-to option for most information security professionals.
According to the 2021 (ISC)² Cybersecurity Workforce Study, only 15% of cybersecurity analysts would like to return to the office fully.
Tip #5: Ensure you cover your firm's remote work policies with your new joiners. We created a Work from Home Policy template you might find helpful.
➡️ Discover 11 ways to engage new employees starting from day one.
The greatest benefit of an automated onboarding process is that it saves time and costs.
➡️ Storyblok, for example, saves 15+ hours every week while taking their remote onboarding experience to the next level.
Because the process follows customized journeys or workflows, new joiners have a clear map to follow.
"What surprised me most was that you can automate so much without sacrificing experience. We are sending people trackable tasks, engaging content, fun reminders via Slack, and connecting them to their onboarding buddies. All with a single click." Markus Schwarz, People Experience Manager at Storyblok.
💡 Remember that you can also quickly start onboarding before Day 1 with an automated preboarding workflow.
➡️ Access our preboarding template to help you get started.
Positive onboarding experiences result in increased productivity and motivation.
➡️ You don't have to take our word for it. Check out how Zavvy helped Alasco cut time-to-productivity in half with a structured and fun onboarding process.
Tip: Automation avoids unpleasant surprises or uncommunicated expectations.
Instead of feeling nervous and confused about navigating their new roles, your security analysts will feel empowered when they know exactly how to progress and meet expectations.
Structured journeys create better experiences for new security analysts.
When your onboarding touches on the 5 Cs of onboarding, compliance, clarification, confidence, connection, and culture, your employees will feel genuinely welcomed into your organization.
Tip: Positive experiences are great for your employer branding. But that's not the sole benefit.
Offer proper guidance to your new analysts by automating your onboarding workflows.
You can create a detailed employee onboarding plan to inform and engage through employee onboarding software.
Plus, through our preboarding software, you can set up a welcoming environment that can soothe first-day jitters.
With Zavvy's templates, you get a jump start on structured, enlightening, and fun onboarding plans.
And, to cap it all off, you'll be able to track new hire progress, automatically schedule events and send onboarding journeys, and include interactive features.
Once onboarding ends, Zavvy helps you smoothly transition into long-term training and development plans and feedback cycles for your information security team.
Book a demo to discover how our automated workflows can take your employee experience to the next level.
Upskill your team every week with the best contents and personalized recommendations.
Hiring information security and cybersecurity analysts is a victory in itself, considering they're some of the hardest roles to fill.
According to the 2021 (ISC)² Cybersecurity Workforce Study, 60 percent of respondents said cybersecurity staffing shortage is a major challenge their companies face. There simply aren't enough cybersecurity professionals to go around, not to mention they have to acquire some pretty technical skills.
So congratulations on nabbing your new information security or cybersecurity analyst! If you're looking for ideas to make the onboarding process as painless as possible for your security analysts, we got you covered.
We'll walk you through the essential steps. Plus, we included a free information security analyst & cybersecurity analyst onboarding plan to get you started.