https://abs.twimg.com/emoji/v2/... draggable="false" alt="đź‘‹" title="Waving hand" aria-label="Emoji: Waving hand"> Hi, @YouDownWithTTPs. Great to (virtually) meet you!

I have a lot to say on this subject. Hiring is the most important thing we& #39;ll do as managers. The only thing worse than an open req is filling it with the wrong person.

I& #39;ll do me best to keep it short. https://twitter.com/YouDownWithTTPs/status/1253837048139694080">https://twitter.com/YouDownWi...
For new #SOC analysts I hire for traits more than skills.

1. Traits are what make you, well you. They& #39;re much harder to change
2. Skills are what you know and are easier to acquire

If you have the right traits say: curiosity & capacity for knowledge I know you& #39;ll grow fast.
Here are the traits I seek for new #SOC analysts:

1. Candor (ability to admit when you don’t know; seriously, it’s OK)
2. Persistence (you don’t give up easily)
3. You love to solve problems
4. Curiosity
5. Passionate about learning
6. Capacity for knowledge
Best question: Tell me about yourself. Listen hard. Ask follow-ups. It should be a conversation.

Also:
1. What piqued your interest in security?
2. Tell me about a great work/project experience. What made it so great?
3. Tell me about a bad work/project experience.
On skills: These are (some) of the skills I seek for new #SOC analysts:

1. You know TCP/IP. You know how basic protocols work.
2. Windows/Linux fundamentals.
3. Attack basics: How they work at a high-level.
4. Object oriented programming a plus but not required.
On every interview I& #39;ll ask: I open up my web browser and type " http://google.com"> http://google.com ", in as much detail as possible, what happens?

This should take 10-15 minutes. Listen hard. Ask follow up questions. Also getting insight to candor. Do they admit when they don& #39;t know?
I ask additional technical questions based on what& #39;s listed on the candidates resume or from what I learn about them during the "tell me about yourself" question. Great follow-up questions are key!

List python on your resume. I& #39;m asking
Don& #39;t list RE on your resume? I& #39;m NOT
Other helpful tips:
- Intro yourself first, ask how they& #39;re doing, put them at ease (they& #39;re nervous)
- Take really good notes
- A soft "yes" is in fact, a "no"
- A "yes" should feel like "OMG we have to hire this person!"
- It should be a conversation not an interrogation
Parting words: Know what you& #39;re hiring for and the skills & traits you& #39;re seeking. Ask questions to test for them. Listen hard. Great follow-ups are key! Active listening.

Any interview should be a conversation not an interrogation

I hope that was the least bit helpful.
You can follow @jhencinski.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled: