MSSP Powerhouse Novacoast On ‘Mission’ To Reach 1,000 Employees: CEO
The cybersecurity services firm aims to more than double its staff through hiring security analysts and M&A, Novacoast Founder and CEO Paul Anderson tells CRN.
Novacoast is seeking to more than double its staff in coming years, with a focus on hiring cybersecurity analysts for the company’s Security Operations Center (SOC) locations, according to CEO Paul Anderson.
In an interview with CRN, Anderson said the timing is ideal to scale up its headcount, which now surpasses 400, amid strong demand for managed security services.
“I’m on a mission to get us to 1,000 employees,” he said. “And the fastest way to do that is to sell more managed services and add analysts to the five SOCs that we have.”
Anderson said he expects that the goal of reaching 1,000 employees will take three to five years for Novacoast, and will likely include M&A along with hiring.
For Novacoast, hiring and retention has long been a strong suit, even amid the widespread cybersecurity talent shortage, according to Anderson.
“Don’t let me sit here and tell you we’re awesome at everything,” Anderson, who founded Novacoast in 1996, told CRN. “But what we’re really good at is attracting, hiring and retaining our technical talent.”
Offering A Career Path
While the massive shortfall of available security professionals is a well-known issue, Novacoast differs from most employers who are looking to hire such talent, he said.
Because Novacoast operates such a large security services operation — employing a significant number of analysts and engineers — the company can provide a career path to prospective technical talent that even banks and other large enterprises aren’t able to offer, according to Anderson.
The “vast majority” of new Novacoast employees are hired right out of college as SOC analysts, he said. The key is the company works to provide a growth path to them from the get-go, recognizing that “they’re not going to do that job for 10 years,” Anderson said.
Among other reasons, that’s because the role of an entry-level SOC analyst can be boring, he acknowledged — involving the routine work of monitoring SIEM (security information and event management) tools for anomalous behavior.
At Novacoast, “part of the reason why we’re successful is that for us, that’s just step one for a new employee,” Anderson said.
SOC analysts will typically stay in that entry-level role at Novacoast for six to 18 months before being promoted to a higher-tier analyst position, where they’re able to do more-advanced threat investigations, he said.
“Then depending on what they have an acumen for, maybe they’re going to become a SOC manager. Maybe they’re going to leave the SOC altogether and become an engineer for Novacoast and be one of our engineers that does deployments,” he said. “So we have to present these employees with a clear career path.”
By contrast, “a lot of big banks and healthcare [organizations] don’t have those same career path opportunities. It’s not as evident,” Anderson said. “So it’s easier for me to build that team.”
As just one example, Anderson pointed to Eron Howard, who originally joined Novacoast out of college and has spent more than two decades at the company so far. “We have a lot of those,” Anderson said.
Howard joined Novacoast in 2001 and worked his way up to being named chief delivery officer of the company in 2015. He was promoted to COO of Novacoast in 2022.
Novacoast is also differentiated by its long track record of offering security services, according to Anderson.
“Anybody can sell product. For many years, we never sold any product — we were only services,” he said. Novacoast only added product resale to satisfy certain large security vendor partners, Anderson said, since “that’s how they measure you.”
However, Novacoast has long recognized that services, not product resale, is “what makes you sticky in a customer,” he said. “Our DNA has always been services.”