Apr 9, 2026

The people gap

AI vs AI
| Part
5

Reading time:

5 minutes

6-month contract. Four careers in one posting. The people who can do this work aren't looking for it. The staffing agencies can't reach them. There's a different way.

Read the full AI Security Series

1. The gap nobody's watching
93% confident. 29% prepared. One person jailbroke a chatbot and emptied ten government agencies. The distance between the story the boardroom hears and the one the incident report tells.

2. They're faster than you
27-second breakout times. AI-generated phishing that knows your team by name. The dark hoodie hacker lost their job to AI too. What replaced them doesn't sleep.

3. Your AI is their way in
76% of organizations have shadow AI. The threat isn't at the gate. It has a badge you issued. Vendor-embedded models, compromised plugins, and the tools your team invited in.

4. Sovereignty is an architecture decision
Everyone's saying sovereign. This article is about what happens when your customer asks and your answer needs caveats. Interchangeability, vendor independence, and what the CLOUD Act means for Canadian data.

5. The people problem
The AI security job posting asks for four careers in one person. That person doesn't exist. The work does. Hour banks, returnable context, and a PMO that holds it all together.

6. What to ask your vendor
Seven questions. Print them out. Bring them to the meeting. Look for straight answers, not carefully worded topic changes. Use them on everyone. Including us.

7. What it looks like when AI security works
Tuesday morning. The phone didn't ring. The customer didn't leave. The Reddit thread didn't get written. That's what good looks like.

Author

Dimitri Phalen is the marketing lead at ISM who prefers plain language over big claims. For years, he’s worked behind the scenes, translating messy, complex IT problems into something teams can actually use. If something sounds like it was written by someone with not enough coffee, who’s been sitting too close to the delivery team for too long, that’s probably his fault.

AI SECURITY LEAD
6-month contract | Remote (Canada) | Clearance required
Possibility of extension

We’re looking for a senior professional to own our AI security program.
You’ll report to the CISO and work across security, data, and AI teams.

Requirements:
- Security architecture, 5+ years
- Data governance and classification experience
- ML operations and model deployment
- Regulatory compliance (PIPEDA, sector-specific)
- Cross-functional leadership across technical and executive stakeholders

Nice to have:
- Experience with policy-as-code frameworks
- Familiarity with Canadian sovereignty requirements
- Bilingual (federal contracts)
- Ability to explain AI risk to a board in plain language

You will be the program. No team. No deputies. You own the strategy,
the architecture, the governance, the vendor relationships, the compliance
filings, the board presentations, and the 2 a.m. incident calls.
You are the department.

Competitive rate. Posted 8 months ago.
3,000 AI-generated applications.
Dozens of fruitless interviews.
Two candidates we could afford.
Neither had half the requirements.
Contract still open. Scope hasn’t moved.

Gary wrote that posting

Gary’s been refreshing the applicant list since July. It was shared in a Teams channel in Ottawa, and a LinkedIn group in Toronto, and a government security forum that gets maybe forty active readers on a good week. Exhausting. Zero qualified applicants from any of them. The project needs to move, now.

Another recruiter sends candidates who are strong on security architecture but have never touched a training dataset. Or candidates who know ML ops cold but think PIPEDA is a yoga position. The best of them aren't accepting a six month role. The AI-generated resumes are getting better too, which is its own kind of irony: the threat Gary’s trying to staff against is the same technology flooding his inbox with fake applicants who look, on paper, like exactly the person he needs.

One real candidate checked every box. They wanted $280,000 annualized, job security, and a team of four underneath them, which rather defeats the purpose of a six-month contract that said “you are the department.” In a Canadian market where the cleared talent pool for this crossover role is measured in dozens, not hundreds, Gary’s posting isn’t competing just with other companies. It’s competing with the laws of mathematics.

Five careers in a trench coat

  1. Security architecture, 5+ years. That’s someone who spent the last decade inside SOC environments, designing threat models, building detection frameworks. They think in perimeters and attack surfaces. They’ve never spent a day training an ML model.
  2. Data governance and classification. A different person entirely. Someone who spent years cataloguing, building taxonomy frameworks, fighting with business units over what counts as “sensitive.” They think in schemas and retention policies. They’ve never written a YARA rule.
  3. ML operations and model deployment. A third career. Platform engineering. Pipelines, model versioning, drift monitoring. They think in epochs and inference latency. They’ve never sat through a compliance audit.
  4. Regulatory compliance. Career number four. Legal-adjacent, fluent in PIPEDA and the provincial patchwork and the AI ethics frameworks that change every quarter. They think in obligations and evidence. They’ve never triaged an alert at 2 a.m.
  5. The posting asks for someone whose resume requires four parallel careers running simultaneously for five years. That person doesn’t exist. Not because the skills are rare individually. Because no career path on earth produces that combination in one human being. You’re hiring for a character in a heist film, not a role in your org chart.

The people who can do this aren’t looking for contract work

Here’s the part that makes this actually painful instead of just difficult. The cloud architect with Canadian clearance who’s scoped AI infrastructure in regulated environments? She’s employed. Has been for six years. She’s on someone’s team right now, deep in a deployment, not browsing job boards between meetings. She's only looking to move up, not a parallel temp gig. The governance lead who’s done federal classification sprints? He’s mid-project in Ottawa and his dance card is full through September. The ML ops engineer who’s deployed models with policy guardrails in production? She turned down three recruiters last month because the gigs were contracts with agencies who couldn’t describe the environment she’d be walking into.

These people aren’t unemployed. They’re not between gigs. They’re not sitting in a Starbucks in Mississauga updating their LinkedIn headline to “open to opportunities.” They’re working.

The staffing agencies Gary calls next are fishing in the same empty pond. They’re recruiting from the open market, finding whoever’s available from a tier below, screening for keywords instead of delivery history, and sending Gary someone who needs three weeks of onboarding to understand what they’re walking into. That person works under Gary’s roof, sure. But they’re starting cold in an environment they’ve never seen, learning the compliance landscape on Gary’s dime, and leaving in six months with everything they learned. The next one starts from zero. Gary’s paying premium rates for a permanent ramp cycle where he's training the hired gun.

Meanwhile, eight months have passed. In those eight months, AI-enabled attacks increased 89% year over year. Breakout times dropped to twenty-nine minutes. Someone jailbroke a chatbot and emptied ten government agencies. Three departments in Gary’s building adopted shadow AI tools nobody vetted. The phishing campaign that hit every Gary in the building last quarter? Nobody was monitoring for it, because the person who’d set up that monitoring is still a blank line in an org chart. The sovereignty architecture the CISO presented in January? Still in a slide deck, waiting for someone to build it.

Kyndryl’s readiness report says 67% of organizations cite talent shortage as their top security challenge. That’s not a shortage of people. That’s a shortage of available people in a market where the good ones are already spoken for, and the channel everyone’s using to find them was designed for a world where qualified candidates are looking for work. Ie, the best ones are taken, hun.

What ISM does differently

ISM’s people are already on staff. Already cleared. Already working in environments that look like yours, under the same regulatory framework, with the same vendor stack. When a client needs a cloud architect to scope their AI infrastructure, ISM doesn’t post a job. They move someone who finished a similar engagement last month. That person shows up Monday and they’re working by Tuesday, because the ramp already happened on another client’s project last quarter.

They work inside your environment. Under your leadership. Reporting to your CISO, sitting in your standups, operating within your governance. They’re not outsiders parachuting in with a methodology deck. They’re specialists doing the work your team defined, with the context to do it without three weeks of “so, where’s the documentation?”

The hour bank is what makes the shape of this work financially sane. AI security isn’t a steady forty hours a week for six months. It’s a cloud architect for six weeks, then a governance sprint, then a compliance review, then deployment. The hours spike and dip. Draw forty this month, ten next month, sixty the month after. The project shapes the spend, not the other way around. You’re not paying for a contractor to sit in a chair between phases, and you’re not paying an agency’s markup on a warm body they found last Thursday.

And when the next phase starts, the person who scoped your architecture in January can come back in June without starting from scratch. Same clearance. Same institutional knowledge. Same understanding of why Gary’s workaround from 2021 is still load-bearing and which three things break if you touch it on a Friday. That continuity is ISM’s actual competitive advantage. Not that they have people. Everyone has people. It’s that their people carry context between engagements, and that context is what turns a six-month stall into a six-week delivery. The full model, hour banks, returnable context, and how direct sourcing from an employed bench works, is in the Staffing Series.

Gary closed the posting

Eight months. Three thousand AI-generated applications. Dozens of interviews. A contract that hasn’t moved an inch. The staffing agency just sent another resume. Different person, same cold start, same three-week ramp, same departure in six months with all the context walking out the door.

The work is real. The unicorn posting isn’t going to fill itself. The talent Gary needs exists, but it isn’t looking for Gary, and the agencies Gary’s calling can’t get to it. Close the posting. Staff the work with people who’ve already done it. The doors don’t guard themselves.

Read next

You’ve got the architecture, the awareness, the sovereignty plan, and the team. Article 6 is about what happens when you sit across from a vendor and start asking the hard questions. Seven of them. The demo was polished. Then someone asked where inference runs. The room changed temperature. What to ask your vendor.

Cites

Kyndryl Security and Networks Readiness Report 2025-2026: 67% cite talent shortage as top security challenge

CrowdStrike 2026 Global Threat Report: 89% increase in AI-enabled adversary operations, 29-minute average breakout

Want to understand how we work?

Every conversation starts with your environment. Not our product list.

Get in touch
ArrowArrow

It's not about the technology, or the processes. It's about your clients, your users, and the hard won trust you've built. Every team here keeps that at heart.

Mobile CTA