Liquidmatrix Security Digest

Don’t quit your day job…

How to prove the utility of an infosec interviewee in four questions

I like to hire infosec geeks that I can get along with. What this means in practical terms is that I need a way to see through your resume (which never seems to contain people’s alternate identity information) to who you really are as a practitioner, what sort of philosophy you have towards information security, and how easily I’ll be able to manage you.

To that end, I’ve got a list of only 4 questions that I use to determine “fit”. These questions are the only ones I really need to ask since there are HR people (who I get along with well – cough cough) who can take care of making sure that if you say you’re a CISSP, you’re actually a CISSP.

In no particular order, here are the questions I ask and the sorts of answers I expect. If I’ve interviewed you, you’ll probably now figure out who I am 🙂

1/ What is the hostname of your computer / ESSID of your wifi

This tells me if you love computers / get the hacker culture (know thine enemy), or if you see computers as a collection of parts which does not deserve a unique name.

Examples of good answers: hephaestus, neo, glitch, pieceofcrap, please_steal_my_signal, plausible_deniability

Examples of bad answers: consumerpc_67242, Bob’s Computer, livingroom, linksys

2/ Which infosec event/conference do you think is the *one* you need to attend each year

This tells me which school of thought in infosec you adhere to – even more than your resume can.

Examples of good answers: Blackhat, DEFCON, CanSecWest, Shmoocon

Examples of bad answers: RSA, SANS, Learning Tree

3/ You’re doing a walk around and notice an iPod plugged into a laptop – what do you do

This is peripherally related to #2, but tells me whether you will be manageable or not – can you do things “our way”, or are you a fanatic?

Examples of good answers: What does the Infosec Policy have to say? Does the employee seem to have any other risky behaviours (browser open to F*ckedcompany.com)?

Examples of bad answers: Take away the iPod and cable and then report the user to their manager.

(What is the point of worrying about it – *they take the laptop home every night and it’s got a 120gb HD*)

4/ You’ve been asked by HR to take a copy of an outgoing employee’s computer – what do you do

If you don’t start your answer by asking about evidence requirements, you’re not getting hired.

Examples of good answers: Do we have EnCase? I’d like to have you also with me to ensure that we’ve got a good chain of custody.

Examples of bad answers: I read somewhere that you can use a Linux thing to copy disks. I could get one of the windows admins to ghost the box.
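The difference between the good and bad answers above is not the tool but the procedure: a copy that might be evidence needs a bit-for-bit image, a hash of source and image taken at acquisition time, and a record of who did it and who watched. The script below is an added example (mine, not the post author’s, and not EnCase or any product’s workflow) showing the minimum a “Linux thing to copy disks” has to be wrapped in before it is defensible. It assumes POSIX sh with GNU coreutils (dd, sha256sum); SOURCE can be a block device (run as root) or a regular file, and the log format, the operator/witness fields and the paths are illustrative choices of this example.

```shell
#!/bin/sh
# Added example, not from the original post: evidence-grade acquisition of a
# disk (or disk image) with hash verification and a chain-of-custody record.
# Assumes dd and sha256sum are available. Paths and the log layout are
# illustrative; the point is that the digest and the record are produced
# together, at acquisition time, and can be re-checked later.

hash_of() {
    # SHA-256 digest of a file or device, digest only (no filename).
    sha256sum "$1" | cut -d' ' -f1
}

# acquire_image SOURCE IMAGE LOG [OPERATOR] [WITNESS]
# Copies SOURCE to IMAGE sector by sector, hashes both, and appends a dated
# chain-of-custody entry to LOG. Returns non-zero if the digests differ, so a
# bad copy is never silently recorded as good evidence.
acquire_image() {
    src=$1; img=$2; log=$3; operator=${4:-unknown}; witness=${5:-none}

    # bs=512 matches the sector size; conv=noerror,sync carries on past an
    # unreadable sector and zero-fills it, so a failing drive still yields a
    # complete, offset-correct image (the digest mismatch is then on record).
    dd if="$src" of="$img" bs=512 conv=noerror,sync 2>/dev/null || return 2

    src_hash=$(hash_of "$src")
    img_hash=$(hash_of "$img")

    # One line per acquisition: when, what, both digests, who did it, who saw it.
    printf '%s source=%s image=%s source_sha256=%s image_sha256=%s operator=%s witness=%s\n' \
        "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$src" "$img" "$src_hash" "$img_hash" \
        "$operator" "$witness" >> "$log"

    [ "$src_hash" = "$img_hash" ]
}

# verify_image IMAGE LOG
# Later re-check: IMAGE must still hash to the digest recorded for it at
# acquisition. Fails if there is no record or the image has changed.
verify_image() {
    img=$1; log=$2
    recorded=$(grep -F "image=$img " "$log" | tail -n 1 |
               sed 's/.*image_sha256=\([0-9a-f]*\).*/\1/')
    [ -n "$recorded" ] && [ "$(hash_of "$img")" = "$recorded" ]
}

# Usage (as root, for a real drive; the device path is a placeholder):
#   acquire_image /dev/sdX /evidence/case-001.dd /evidence/custody.log "$USER" "HR rep"
#   verify_image /evidence/case-001.dd /evidence/custody.log
```

Two design points carry the weight here: the source is hashed again after the copy rather than hashed once on the fly, so the record shows the source was unchanged by the acquisition itself; and `verify_image` reads the expected digest from the custody log, not from a value typed in later, which is what lets a second person check the image without trusting the first.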

What is interesting is that these 4 questions work for almost all situations – both when you’re looking for a progressive lateral thinker (like I am right now) and when you’re looking for someone who is best described as a “policy wonk” (apologies to the 3 policy wonks I know who are not also members of the AIPWWNGI, the Association of Infosec People Who Will Never Get It). Try it – you might find your next good infosec person based on these questions.

And if you now recognize that I interviewed you – I’d like to apologize for being such a dick. I don’t actually have much to do with the hiring process.

