Security search firms are frequently contacted by job seekers who reach out to request the recruitment company assist them in finding a new job. Inquiries come from professionals and executives in various stages of their public or private sector careers.

Experience dictates we cannot entirely discount the adage that suggests the best jobs can only be found by knowing someone and never make it into the public domain. However, this is generally a dated outlook. It does not accurately reflect the current approach to recruitment taken by an increasingly large number of organizations who seek top security talent.

Organizations work diligently to diversify their talent pools in many ways. They publish openings across social media networks and through open-source media. As a result, a behind-the-scenes referral that successfully results in a passing of the baton to a friend or former colleague has become the exception rather than the rule as companies work to broaden their demographics.

Talent acquisition departments contract with security search firms when they want a partner to help expedite the identification and recruitment of the exact candidates they seek. And while our company, a security search firm, has been exceptionally busy despite the pandemic, we still estimate that recruitment firms collectively handle less than 5% of the entire pool of mid- to upper-level security executive roles available worldwide. (This statistic excludes security roles that are primarily IT focused.)

If you are a candidate who has been contacted by a recruitment company, it can be helpful to understand the role a search practice has. Who do these firms represent, what are their processes, and what are the typical contract structures recruiters work under?

Search firms represent, and are paid by, the company whose position they are recruiting for. They do not represent candidates who might be interested in the role. While our team often spends time talking to security professionals who are job searching, it would be a conflict of interest to represent both client and candidate. No ethical search firm will ever offer payment for candidates they can potentially place.
When you see a search firm post a job, it should mean they are under contract with an employer to fill one or more of the employer’s positions. There are some newer firms who advertise positions they are not legally engaged to fill. However, collection of candidates’ personal data without being under contract potentially violates data protection laws.

Candidates should be certain a recruiter has contracted authority to solicit for the position prior to sending their resume or CV. Organizations cannot legally accept unsolicited resumes from search firms. If your details have been sent to a company in this manner, it can have the effect of essentially blacklisting you from consideration, quite the opposite of your goal to be considered.

A recruitment contract can be retained, whereby the organization has engaged a firm and committed to a percentage fee to conduct the search. Payment to the search firm is usually tied to specific milestones. Contingent contracts mean the recruitment company is willing to absorb the risk and costs in undertaking the search and will only receive the agreed-upon fee if successful. Generally, but not always, the more senior the role, the more likely the contract is a retained one.

If you have been contacted by a search firm, have validated they are legally contracted to perform the search work, and you are interested in the job, be ready! Know what your bottom line is if you were to leave your current position. Understand how much you really need, what it would cost you, and if you need to make up anything in unrealized gains. No search firm wants to work diligently with a client to construct a fair offer for a position only to have the candidate realize they cannot afford to take the job or move to a different location.

A recruitment project yields a great result when all parties understand the process and the roles they play in that process. The ability to navigate and manage your experience is a key element in advancing your security career outside your current organization while protecting your personal data.

There are some dedicated professionals out there who can truly support and help organizations to both find and develop talent. Once you have vetted them, an understanding of how to work well with them will only be to your advantage.