The IT security profession has a problem: Most of its hires are white and male. Here are 10 inclusive hiring keys for a more diverse team.

IT security is heading skyward—experts anticipate the global cybersecurity market will increase by $30 billion over the next two years. But while positions in the field are everywhere for tech-savvy applicants, the profession also has a diversity issue: Most of its hires will be white and male.

For this profession of securing environments, IT security’s lack of ethnic, racial, and gender diversity flies in the face of expert guidance—that a broader wealth of viewpoints and opinions contribute to an organization’s overall success. To put numbers to it, insights from McKinsey reveal that organizations with gender diversity are 24% likely to financially outperform their less diverse counterparts, and organizations with racial and ethnic diversity are 33% more likely.

Despite less representation in the field to date, technology isn’t short on excellence among diverse professionals. From the prolific innovations of Granville Woods (known for the multiplex “induction telegraph,” which was used to communicate between railways and prevent train crashes) to the game-changing image processing systems of Valerie Thomas (it’s her team you have to thank for images transmitted from space), inventors, scientists, and mathematicians of color have been revolutionizing technology from day one. These shining examples of innovation and impact, despite fewer open doors, make one wonder what’s possible with an industry-wide commitment to diversifying the profession. 

If your IT team leans white and/or male, taking steps towards inclusive hiring practices can facilitate letting excellence shine through for ALL candidates. Here are key perspectives and tips to consider.

Lay Diverse Groundwork

Your greatest opportunity to promote diversity in your organization lies among your future teammates. So how do you accomplish “diversity hiring”, and what is it anyway?

Diversity hiring refers to hiring based on merit, with special care taken to ensure procedures are free from biases related to a candidate’s age, race, gender identification, religion, sexual orientation, and other personal characteristics that are unrelated to job performance.

Because most people have biases of one form or another, this is easier said than done. Whether or not intentional or conscious, biases often run deeply, and as such, they have the potential to influence hiring processes and ultimately stand in the way of opportunities for bringing diverse professionals on board.

The important step for any hiring team is for individuals to seek to become cognizant of and challenge their respective biases—for their personal and professional growth, and to help ensure fair consideration of all candidates. Each hiring party has the opportunity to educate themselves in other cultures and lived experiences, in part through open-minded interviews of candidates and hiring of diverse peers.

Break Your Own Mold

A quick and easy hire is the worst enemy of diversity. This is where you run the risk of recycling your long-standing, likely narrow, cookie-cutter approach, yielding hires who clone, but don’t necessarily enrich nor advance, your team, organization, or mission.

If you’re committed to attracting a highly qualified AND diverse candidate pool, there’s hope and strategy to guide you from BAI Security’s own Dr. Michele Bruck: “By utilizing objective hiring criteria, thoughtful outreach to diverse candidates, and a rigorous vetting process that draws upon multiple points of data, you’ll appeal to a diverse candidate pool, set the stage for fair consideration of all candidates, and secure the most aligned hire for your organization’s culture and goals.”

Dr. Bruck notes that the more of the following methods you use, the better the hire. If you usually have to hire in a crunch, don’t be intimidated by the list below. Dr. Bruck assures that “while the initial set-up of a diversity-promoting hiring model takes some time and intentionality, once it’s built, the execution can be as fast as you need it to be, and the results are immeasurably valuable to your whole organization!”

  1. Use role-specific job competencies to focus hiring agents and prevent bias: Write position descriptions based upon the most relevant job competencies—for candidates AND your hiring team. For a well-rounded hire, these should span professional, technical, interpersonal, intrapersonal, and culture-fit criteria. While HR can suggest well-established, globally standardized competencies for consideration, those attached to the role you’re hiring for are ultimately best selected by a combination of leadership and those who work the job being filled day-to-day. These criteria will subsequently force your hiring team to stay focused on weighing what’s truly relevant with each candidate and help everyone avoid slipping into feel-good—but typically biased—dynamics that reward candidates who seem “familiar” (i.e., like me) over those who are different and actually most qualified.
  2. Present a welcoming Careers page and job ads that encourage diverse populations to apply: For women and candidates of color in the IT world, they already know they’re up against the odds, so don’t underestimate the power of holding the door open. Even if you’re still working towards a diverse team, using diverse images of professionals on your website and a clear EEOC statement on job ads can help send the message of what you aspire towards. Be sure to use the latest federal and, if applicable, state language, to ensure you address all protected populations on your website and job listings (e.g. gender identification is now protected by the EEOC and should be added to such statements).
  3. Post openings beyond the usual places: Consider expanding your candidate audience by posting job ads in places that house diverse audiences, such as HBCUs, international exchange programs, community colleges, trade schools, and websites such as The Mom Project,, PDN Recruits, Black Jobs, Hispanic/Latino Professionals Association, Power to Fly, Recruit Disability, Female Executive Search, VetJobs, or PinkJobs.
  4. Open online applications to a broadly geographic audience—because the timing is particularly good: In the past, geography may have restricted applicants to those in your region. For those not in metro areas, this may have created a barrier to diversifying your workforce even if you wished to. But the pandemic has changed the “workplace” landscape significantly and perhaps permanently. Remote work and, by extension, online hiring, has expanded, and therefore diversified, the talent pool from around the country and globe from which to draw. Even if the expectation is for new hires to relocate to your HQ, today’s workforce has proven to be more mobile than any generation before it. Plus, many new hires can remain where they are until COVID-19 subsides, taking advantage of more time to work on relocation. So consider going for out-of-towners—just be specific about when they’re expected at HQ and whether financial relocation support is included.
  1. Limit identifying information to impede bias: It’s not uncommon for candidate names, addresses, universities attended, online profiles, and organizational affiliations to create screening bias, according to SHRM. Having candidates at least initially withhold such information prevents the hiring team from consciously or unconsciously falling into such traps, and keeps everyone focused on application content as it measures against hiring criteria.
  1. Zero in with role-specific questions and skill assessments: This is another way to stay focused on objective criteria and is a huge time-saver! If you have great response to your job ads, these features will help you filter out less-than-ideal candidates before you spend too much time on them. Sure, ask for a resume, but skip the often-generic cover letter in lieu of asking focused questions about relevant experience and other key competencies for the role (which will, again, help keep bias in check). If sales persuasion, attention to detail, or analytical skills are essential, hiring sites like have targeted skills tests you can assign to candidates, yielding additional data points on each prospect. If communication is key in the role, written and/or oral recorded responses (also on Indeed) provide a more realistic, less resume-polished version of each candidate as you decide whether to pursue an interview. Just be sure to listen beyond a diverse candidate’s accent to objectively weigh their eligibility.
  2. Conduct multiple interview rounds with team input: Remember those who helped define the role competencies? It’s time for them to participate again. In addition to HR and supervisors interviewing candidates, include colleagues who work the job every day for a highly practical angle on vetting. Team interviews also give candidates a chance to meet their prospective teammates in advance to assess the fit for themselves—just be certain to include diverse teammates, so your panel telegraphs to potential all hires that they, too, could belong here. As a bonus, having employees participate directly in interviews promotes buy-in with the eventual hire and a smooth integration into the team.
  3. Collect work samples and industry-specific references: This step is most relevant mid-stream in your hiring process, before you send candidates to the decision-maker. Ask for and check with industry peer hiring agents—specifically consider requesting diverse references so you get a sense of how this person works with a range of different types of people. Also, have those who do the job being hired for create a real-world “homework” assignment for candidates to complete. These additional data points will help zero in on those who are best suited to job realities and company culture, and who therefore make sense to advance to the finals.
  4. Educate, encourage, then reject: Many of us have experienced the cold, generic rejection message, or worse, no application response at all—both of which only stoke the emotional agony of job hunting, where high hope and deep rejection rise and fall like a rollercoaster. So this tip falls under the “People remember how you make them feel” category. Take the time to send a friendly and encouraging rejection with tips for how a candidate might better qualify in the future. This shows the professional compassion we all deserve, along with clear direction for those who might just take your guidance, run with it, and show eagerly up in your future candidate pool—perhaps the next time as a great fit for your team!
  5. Get comfortable being uncomfortable: Ultimately, if your hiring endeavors are truly shattering ceilings or moving into uncharted diversity territory, it SHOULD feel different, even a bit uncomfortable. If it doesn’t, chances are you’re not really making progress.


Partner Up with the Like-Minded

It’s up to all organizations to help advance diversity in the IT profession. As we work on our own organizational transformations, we can be mindful of the partners we choose, securing those who share such commitment to inclusion, as we do here at BAI Security, 2022’s Most Trusted Cybersecurity Solution Providers.

Learn more about our diverse and highly expert audit team, who produce the kinds of results that matter to our clients in Healthcare & Pharmaceutical, Banking & Finance, and other highly regulated sectors.

For more information, contact us today.