Well I can say this for one is a money issue they don't want to pay the salaries that we command the time of low end money has gone past them and now they are reeling from it. Security is a highly involved career that demands many technical skills and soft skills that include business knowledge, risk knowledge, investigative skills, knowing how to spot the issue before it happens and so on. You can not be just a systems administrator or a network adminsitrator anymore you have to have the right combination of skills to do this.

For example me: Level III Federal IA Technical, SCNA(Security), Risk Management, and CISA with a BS in Business Management. This is a problem for many managers because it places me in the race for an executive position possibly bypassing them. As such I work as a consultant and have a better quality of life and work than corporate personnel. And one other thing is we are highly independent motivated people that trust but verify.

Hello Meridith:

While I cannot speak directly to IT Security-related Postings, I am currently filling 3 IT positions in our Enterprise and while we ARE narrowing the list down to “probable’s” from an Offer standpoint, I was actually surprised at the relatively few number of applicants we did have considering all the bleeding going on in the IT Job Market.

To answer your 3 questions (and maybe toss in a few other factors I’ve noticed):

• Candidates don't have the right skill set:

Actually I’ve noticed that the general quality-level of candidates has risen since my last round of hiring in July of 2008, but there is still a fairly high ratio of folks applying for positions that don’t have the skill-set for the position. And this is not just the opinion of an out-of-touch IT leader as our typical hiring process usually involves a second-round interview with the Team that they will be working with. It is usually during that stage where we find whether people actually have depth to their stated skills or simply a passing familiarity with them and it is their potential “peers” which generally flush this out. There was a time when I was surprised at the number of people who would state they had “Network Security Experience” because they had successfully configured WPA on a Home Wireless Network, but age and time have worked that out of me now.

Having said that we ARE seeing more qualified people applying for positions vs. about this time last year. And way more that are currently unemployed. But I am generally finding that best candidates are ones that are still working, which subjectively seems to indicate that less experienced I.T. people were the ones to go during many corporate “purges”. This likely means that when companies are hiring, there is more “churn” in the pool of currently employed while less in the ones that have been cut. Considering that we may have a situation here where talented individuals are looking to get out of positions/companies where the stress levels have been increased due to Enterprises going “too lean” in I.T. and creating unrealistic work demands (A comment I’ve heard a few times during recent discussions), I also wonder if this is having something of a suppression effect on those that have been out of work for some time.

• There aren't enough qualified professionals in the hiring managers' area:

Actually for our Enterprises, this is, has been, and probably will continue to be one of our bigger obstacles. The Enterprise I work for is located in small Midwestern market with an approximately 150k population/labor pool to draw on. In addition we are located about 90 minutes away from a much larger market (1 million plus). We simply do not get applicants (especially skilled ones) because of where we are located and because of what the area market pays. When we do get applicants from outside our area (and on my Team I have people who have relocated from D.C. and from the West Coast), it is almost always because they have done their research and/or have family connections with the area and are relocating for the lower cost of living and higher quality of life.

• The hiring managers can't meet candidates' salary requirements given their tightened purse strings.

We have actually NOT tightened salaries, so on the surface this would appear to be a non-issue for us. But to really understand the situation one need to look at your second point. For us we have never paid what a typical IT position would earn in a major market or with a Fortune 100 operation (this includes my compensation as well). And while people who are relatively “local” to the area get this, I am always a little bit surprised at the folks who almost immediately walk away from an opening when they learn the Salary range. What we do have is a regional labor market with a median home prices of about $175k (which has seen home values drop less than 5% during the downturn), some of the highest ranked primary education systems in the State, and a very culturally diverse community. Our Enterprise has an exceptionally low turnover rates (less than 2% over 5 years in my IT group), a historically no-RIF policy (which we are still sticking to) and a very good work environment.

And yes, this is exactly what I pitch when we recruit for positions. And yes I’ve noticed that it does “initially” carry more weight when recruiting than it has in the past. But the problem again is that while job and community stability would appear to carry higher priorities these days then in the past, for a significant number of candidates that all seems to go away when we discuss compensation and people discover that we really won’t match what is being earned in D.C., Chicago, L.A., Seattle, etc…

It makes me wonder how much people are willing to bleed before they check their egos at the door.

One thing I have noticed that may be playing a factor (and I’m curious if there are readers out there running into the same issue) is a reluctance to relocate NOT because of the salary, specific location, etc… but because so many people are upside-down on their mortgages (i.e. the resulting bath they would take on trying to sell their home is becoming a major factor in relocation). I’ve only had this come up a few times but for some I could see this being a real issue.