We need to talk about tech skills.

Just did a tech screen for a security architect role for a client.

It did not go well.
1/?

Me: how would you look at network traffic?
candidate: use a tap.
me: OK, how?
c: what do you mean?
me: how do you tap a network?
c: with the tap.
me: how do you deploy/install?
c: I use the tap.
me: but how? where does it go?
c: on the network.
me: where? how?
c: ... not sure.

me: OK no worries! you have the tap in... what do you get from it?
c: network info.
me: like what?
c: ... packets?
me: ... (realizing this is a lost cause) yes! how do you read them?
c: they have web gui controls you can connect to. the tap reads it for you.

ugh.

me: next up EDR how do you deploy them?
c: pro services, it's hard to setup EDRs
me: how do you tune them?
c: again pro services is the only way. You can't really tune these things.
me: who monitors? is it you or pro-services?
c: that never should be in house, let the pros

me: let's say you are charged with deploying PKI, what do you do?
c: hire best pro services you can
me: no... *you* deploy
c: that's left to the pros

at that point I asked a few softball questions and ended the call.

what happened though is... strange.

I got an email from candidate asking why I was doing "gatekeeping"

Like... do you understand what a tech screen is?

Tech screening is about keeping folks out of roles where they'd just punt everything to pro services!