I have a lot to say on this subject. Hiring is the most important thing we& #39;ll do as managers. The only thing worse than an open req is filling it with the wrong person.
I& #39;ll do me best to keep it short. https://twitter.com/YouDownWithTTPs/status/1253837048139694080">https://twitter.com/YouDownWi...
For new #SOC analysts I hire for traits more than skills.
1. Traits are what make you, well you. They& #39;re much harder to change
2. Skills are what you know and are easier to acquire
If you have the right traits say: curiosity & capacity for knowledge I know you& #39;ll grow fast.
1. Traits are what make you, well you. They& #39;re much harder to change
2. Skills are what you know and are easier to acquire
If you have the right traits say: curiosity & capacity for knowledge I know you& #39;ll grow fast.
Here are the traits I seek for new #SOC analysts:
1. Candor (ability to admit when you don’t know; seriously, it’s OK)
2. Persistence (you don’t give up easily)
3. You love to solve problems
4. Curiosity
5. Passionate about learning
6. Capacity for knowledge
1. Candor (ability to admit when you don’t know; seriously, it’s OK)
2. Persistence (you don’t give up easily)
3. You love to solve problems
4. Curiosity
5. Passionate about learning
6. Capacity for knowledge
Best question: Tell me about yourself. Listen hard. Ask follow-ups. It should be a conversation.
Also:
1. What piqued your interest in security?
2. Tell me about a great work/project experience. What made it so great?
3. Tell me about a bad work/project experience.
Also:
1. What piqued your interest in security?
2. Tell me about a great work/project experience. What made it so great?
3. Tell me about a bad work/project experience.
On skills: These are (some) of the skills I seek for new #SOC analysts:
1. You know TCP/IP. You know how basic protocols work.
2. Windows/Linux fundamentals.
3. Attack basics: How they work at a high-level.
4. Object oriented programming a plus but not required.
1. You know TCP/IP. You know how basic protocols work.
2. Windows/Linux fundamentals.
3. Attack basics: How they work at a high-level.
4. Object oriented programming a plus but not required.
On every interview I& #39;ll ask: I open up my web browser and type " http://google.com"> http://google.com ", in as much detail as possible, what happens?
This should take 10-15 minutes. Listen hard. Ask follow up questions. Also getting insight to candor. Do they admit when they don& #39;t know?
This should take 10-15 minutes. Listen hard. Ask follow up questions. Also getting insight to candor. Do they admit when they don& #39;t know?
I ask additional technical questions based on what& #39;s listed on the candidates resume or from what I learn about them during the "tell me about yourself" question. Great follow-up questions are key!
List python on your resume. I& #39;m asking
Don& #39;t list RE on your resume? I& #39;m NOT
List python on your resume. I& #39;m asking
Don& #39;t list RE on your resume? I& #39;m NOT