Ken, This was an excellent commentary on what, in my own opinion has been the state of, just not the INFOSEC jobs, but also for general IT staffing. I'm currently at an iffy job right now because I got scared with all the nay-saying about the economy, and of course, along with everybody else here, needed to pay the bills. In this current "iffy" job I've had to "clue" our newly promoted COT (Chief of Technology... a vote for CTO would have required board approval.. go figure) on things such as SSH and general basic INFOSEC procedures. I had to give reasons WHY security was nessesary and the results of what could happen if it wasn't taken seriously (I was told stories of a foreign hacker owing or development boxes every weekend until I audited the boxes... haven't heard anything since.. funny, eh?) Even a simple definition of "RTFM" was beyond the grasp of him and everybody else (developers) in this company. We were approached by Symantec for a possible contract for some business (who also approached my last employer for entirely different services) and most of their questions I had to answer in the "negative" because I was walking into an environment (I was barely there a month) that was designed and managed by amateurs. I felt incredibly embarrassed giving these answers to Symantec because, if given a chance and the ability to have free-reign over the systems, I could, in less than a month, bring them up to snuff for them (and they are hard asses on security (in a good way)). My biggest gruff is with the HR and hiring managers since, other than the ones who have found this list, are mainly clueless not just in the INFOSEC arena, but altogether when it comes to hiring technical people. When I decide to leave this location (which is becoming more and more evident as days go by) what tips should I try to give companies regarding their attempt to hire useful and talented tech staff (yes, the actual IT department has people who do read Slashdot.. if that is any measure). I know that, as you expressed in your earlier "essay" that is impossible to truly boil down a true geek's resume in something that's less than ten pages and doesn't read like a buzzword list is virtually impossible. I've shrunk mine down to a page and feel that most of the time I'm getting overlooked because it's tight (detail to a point). However, I've been on the other side of the hiring table, and I found that overly verbose resumes for tech positions had me questioning every minute detail of their "filler", which in most cases, was just that, fluff. I think the big problem is trying to find the balance between the necessary verbosity for the detail of the talents of tech people, but keeping it concise enough that everything somebody needs to look at is on one page. I used to cheat by formatting it for legal size paper, but that just gets it printed on two pages if the HR person is not careful... go figure. Does anybody else have any stories of disappointment and despair... Maybe compiling them into a "Hiring Horror Stories" book would be a good idea. Oh, an in case anybody has a security related job for a jack-of-all-trades computer guy that doesn't require a security clearance in D.C... drop me a line. For those who took the time to read, thanks, and I look forward to your opinion. -- David A. Koran (dakat_private) - http://www.solo.net/~dak/ -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GIT/CS/SS d- s+: a- C+++$ UBLHSX++++$ P+++$ L- E--- W+++ N- o-- K-? w--- O- M+++$ V-- PS++ PE- Y+>++ PGP t--@ 5 X+ R- tv b+ DI++++ D G e*>+++ h++ r y+ ------END GEEK CODE BLOCK------
This archive was generated by hypermail 2b30 : Wed Jun 20 2001 - 10:59:16 PDT