What organizations can do to retain security analysts — according to security analysts

Yael Gertel
Mar 10
Engineering

63%. That's the number of SOC analysts who say they are likely to switch jobs in the next year, according to our Voice of the SOC Analyst report. Considering that SOC teams are understaffed and that the cybersecurity industry as a whole is facing severe staffing shortages, team leaders need to ensure that they're doing everything they can to retain their talent.

However, SOC leaders may not know exactly what approach to take. In order to give more insight into what leaders could do to increase engagement and retention, we asked SOC analysts, "What could your current organization do to retain you?" Here's what they said.

Top Five Ways to Retain Security Analysts

If organizations want to keep them from going elsewhere, here’s what analysts say they can do to retain them.

"Provide tools that automate tedious manual tasks."

When asked about the most frustrating aspects of their work, the majority responded that spending time on manual tasks is what frustrates them the most. It’s not only mentally exhausting, but it's taking them away from more engaging and exciting tasks that allow them to exercise their analysis and decision-making skills. Additionally, 66.4% of analysts say that half of their tasks to all of their tasks could be automated. Providing automation tools that can empower analysts to remove tedious tasks and free up time for more high-impact tasks is the number one way organizations can retain them.

"Provide more modern tools with advanced capabilities."

What could also improve retention? Better tools with advanced capabilities — meaning that many analysts see their current tools as outdated or too generic. They're looking for the kind of best-in-breed resources that will not only facilitate better streamlining of SOC processes — like no-code automation platforms that can give analysts the ability to automate easily and quickly — but that will help them better defend their organization and stand up to technologically advanced threats.

"Hire more people on our team."

Analysts would also stay on if their organization hired more people to their team. This signals that they're overworked and stretched thin, and need others to even out the weight of the workload. With 69% of analysts saying their team is understaffed, providing more human resources is a necessity. Hiring more people to the SOC would not only help with workload, but it would also signal a commitment to the organization's security present and future as well.

"Provide regular training."

Related to more modern tools and better resources is the insistence that more training will increase retention. This may not only be training to keep up on industry standards, but advanced training in areas like threat detection, applying MITRE ATT&CK frameworks, ramping up knowledge and experience in forensics, and more, so that they can learn new skills to devote to advanced analysis.

"Consult security team for security software purchases and upgrades."

Finally, analysts say they would be more inclined to stay if their organization consulted security teams before purchases and upgrades. This flags that there's a misalignment in their organization around who manages security. These respondents suggest that leadership isn't consulting with the SOC, who are at the front lines of protecting their organization, about what they need to do their jobs well.

Increasing Retention and Engagement

Want to start increasing retention today? SOC leaders who are curious about ways to retain their staff now have the answers they need in order to take steps to improve workflows, increase efficiency, and create a happily engaged team that will stick around for the foreseeable future.

Want to read the full Voice of the SOC Analyst report?


What to read next