CIO
Written By: Beth Stackpole
As the IT talent gap looms large, companies need to think outside the box to recruit and retain a strong female bench for key areas such as cybersecurity and software engineering.
With an undergraduate degree in political science and time spent as a Peace Corps and AmeriCorps volunteer, Lain McGrath hardly envisioned a career in software engineering. Yet after onboarding at HR SaaS provider Gusto in a customer experience (CX) role, exposure to coding sparked McGrath’s interest in shifting professional tracks. The problem: She had no formal training and experience in computer science.
What might be a hurdle for many did not stop McGrath or her employers at Gusto. With the backing of key advocates, McGrath made a case for learning software engineering not just to enhance her individual job potential, but to advance a career at Gusto. Her pitch laid the groundwork for a pilot program in which Gusto covered the cost of a seven-month, full-time bootcamp while continuing to pay McGrath a salary and maintain her benefits and vesting.
Now a benefits engineer as part of Gusto’s Engineering Product Design and Data department, McGrath puts time in mentoring other women interested in making similar career changes. “I didn’t just want to be a software engineer — I wanted to be a software engineer at Gusto,” McGrath explains. “I had seen others leave to learn software engineering and not come back, which is why we advocated for this program.”
As companies scramble to find qualified IT talent, they are struggling to achieve greater female representation in their technology ranks, particularly in key areas such as software engineering and cybersecurity. The 2022 State of the CIO research confirmed talent acquisition and retention strategies are a key issue for CIOs, cited by 38% of respondents, with cybersecurity skills, data science/analytics, and artificial intelligence (AI) and machine learning (ML) in top demand. Yet in the cybersecurity field, women only account for about one quarter (24%) of the overall workforce, albeit, up from 11% in 2017, according to the ISC2 Women in Cybersecurity report. A 2020 World Economic Forum report found that women make up a similar percentage (26%) of data and AI positions in the workforce.
Despite the uptick in numbers, there remains cause for concern. The average woman professional exits the cybersecurity industry at age 35, notes Women in Cyber Security (WiCyS), a nonprofit devoted to advancing women in the field. This is a potentially alarming statistic given a projected worldwide staffing shortage of nearly 3 million cybersecurity professionals, a half million in the United States alone. With all the focus on recruiting more women to technology-related roles, there needs to be comparable emphasis on creative retention strategies to move the needle in any substantive way.
“We can recruit and recruit all we want, but retention is the critical piece,” says Lynn Dohm, executive director of WiCyS, citing such factors as unconscious bias, microaggressions, and being passed over for promotions as common reasons women give for their choice to leave the IT workforce. “It’s death by 1,000 paper cuts. A lot of people focus on the metrics of diversity, but when you really look at it, inclusion is that sense of belonging, that trust in wanting to work at a place. That’s the real issue.”
Fishing for nontraditional talent
At Gusto, diversity and inclusion is baked into the corporate culture, which has helped create a cybersecurity team that is reasonably reflective of gender and racial diversity, according to Frederick “Flee” Lee, the company’s chief security officer. Nevertheless, Gusto, like most companies, is finding it difficult to find critical cybersecurity talent, thus has been open to sourcing from nontraditional pipelines and upskilling workers with alternative backgrounds. The company has forged partnerships with a wide variety of organizations that promote women in tech and serves as a sponsor to groups like She Secures, a community for women cybersecurity professionals and enthusiasts.
In searching for key talent to staff security teams, Lee has drawn on professional writers, project managers, and others who don’t have the formal technical qualifications and CV experience one would expect for a cyber security role. “There’s a stereotype of what security looks like, but the technical stuff is the easiest to pick up,” Lee says. “The ability to communicate, analyze data well, and see around corners — those are the more difficult skills to master and those can come from so many different places.”
Vipin Gupta, chief innovation and digital officer at Toyota Financial Services, is having the usual challenges finding male and female technologists proficient in areas such as security and data analytics, but the bigger problem is unearthing those individuals that possess a bilingual acumen of both a particular technology and how that technology fits into the broader context of the business. With a little over a quarter of its IT workforce female, Gupta acknowledges there is a long road to go to achieve true gender equality — one he is trying to advance with a multipronged strategy that involves early-stage awareness of STEM careers, promotion of female tech leadership, and internal upskilling, particularly on developing that bilingual acumen for both traditional and nontraditional IT candidates.
TFS starts by cultivating female interest in STEM roles at an early stage, partnering with high schools and colleges and building programs such as hackathons that promote awareness and excitement around possible IT-oriented roles. On the recruitment front, TFS is leaning into data and analytics so it has clear awareness of where and how it can promote the company to attract potential candidates. TFS also makes a point to highlight its female leaders to both internal employees and external job candidates, promoting their stories in relevant forums to underscore the company’s commitment to building a more equitable workforce to drive its future.
Central to its internal upskilling efforts is the TFS Academy, an enterprise-wide learning capability that covers everything from agility workshops to data and analytics as well as strategy and change management. TFS’s progressive approach to teaching, which encourages leaders and subject matter experts to become teachers, has been key to its success. “This isn’t about certification — it’s designed to create a culture of teaching, which in turn creates a culture of learning,” Gupta says.
For its part, Capital One has introduced a number of learning and development programs aimed at cultivating female tech talent wherever they are on their trajectory — whether that’s during the formative secondary school period all the way through the university level and continuing to target potential career-switching candidates that are both internal and external to the company, according to Melanie Frank, the company’s managing vice president of cyber engineering. One example is Capital One Coders, a program launched in 2014 aimed at teaching middle school students how to build software and get excited about STEM at a critical juncture in their education.
To address pipeline challenges and to encourage young women to explore and stay in the technology field, Capital One partners with a variety of organizations, including the Society of Women Engineers, Women Who Code, and AnitaB.org, an organization aimed at promoting more women and nonbinary technologists. Capital One also established its Developers’ Academy in 2017 to address the lack of diversity in the software engineering field, operating from the assumption that many non-engineering majors have the requisite problem-solving skills and basic building blocks to do the job, bolstered with the help of formal training.
The six-month program, designed to prepare those non-computer-science majors to pursue a technology career, is first being applied to recruit new talent, but could easily serve as a model to reskill existing Capital One employees, Frank says. “Because of the variety of majors and backgrounds, we create a more representative and diverse team than the typical software engineering certification programs,” she explains.
There are also roles such as cyber analysts that don’t necessarily require a college degree, which creates the potential for building a more robust and diverse talent pipeline. “There is this notion of gateway roles into technology,” Frank says. “We’ve seen progress, but not as fast as we’d like. We are testing and learning our way into what to do differently both to attract and retain a more diverse set of talent and help them thrive and grow.”
Staying the course
Even when women are trained or retrained with in-demand IT skill sets, many opt to leave the field early in their careers, discouraged by the obstacles or disillusioned that they still aren’t seeing ample female representation in technology leadership roles. The way to change that dynamic is by elevating women IT leaders, amplifying their stories of empowerment, and tapping into their communities for sponsorship and mentorship opportunities that can open doors for female tech talent and provide support when navigating what is still a frustrating career trajectory.
Grace Brosnon, chief technology officer for the City of Tacoma, invests significant time mentoring and doing one-on-one coaching to help female colleagues build a development path that increases their opportunities. The city has had an easier time building gender diversity for entry-level positions as the number of women in STEM university programs expands, but Brosnon admits it’s harder to do the same for senior technology leadership. “As senior people retire, we’ve taken a hit,” she says. “We’ve begun trying to reclass jobs to entry-level positions so we can build a more diverse pool and feed the pipeline with more women talent.”
Brosnon advises up-and-coming female technologists to overlook the stereotypes and ignore the doubts, especially when they meet the minimum requirements for job postings in male-dominated fields such as AI or software engineering. “Women tend to hold back when it’s a brand-new field because not many have done it or they can’t see how it’s been done before and paving the way is intimidating,” she says. “Get over the fact that you haven’t done something because someone always has to do it for the first time. You don’t have to know everything before you do that job.”
At the leadership level, CIOs and tech executives must take constant intentional action to continue to drive towards a more balanced, diverse IT organization. Partnering with HR, personally reviewing job descriptions and postings, emphasizing soft skills, not just technical prowess, and revamping interviewing practices can go a long way to attracting more women into the IT pipeline, says WiCyS’s Dohm.
Being intentional at an individual level also keeps the momentum going. When a woman on a TFS team didn’t apply for a particular job that Gupta thought she was qualified for, he reached out directly to encourage her to make a move. She did, getting that position and a subsequent promotion. “It’s all about day-to-day nudging, managing, and influencing our own people in our organizations,” he says.