Hackers Hiring Hackers - How to Do Things Better

Presented at DEF CON 23 (2015), Aug. 6, 2015, 11 a.m. (60 minutes)

There are a lot of talks about how to be a better pen tester and workshops that show you how to use all of the cool new tools that are available to make our jobs easier, but there are only a few talks that address what some of us consider to be the hardest part of getting a job in security: the hiring process. The information security field is in desperate need of people with the technical skills hackers have to fill a myriad of roles within organizations across the world. However, both sides of the table are doing horribly when it comes to hiring and interviewing for work. Organizations are doing poorly trying to communicate expectations for a job, there are people going to interviews without knowing how to showcase their (limited or vast) experience, and some people posture themselves so poorly that the hiring managers don't think the candidates are really interested in the job. This talk takes the experiences of the speakers as both interviewers and interviewees as well as from others within the scene in order to help better prepare hackers to enter (or move within) "the industry" as well as let the people making hiring decisions know what they can do to get the people and experience they need for their teams.

Presenters:

• IrishMASMS - Hacker
  IrishMASMS is an old school hacker, fighting the good fight in Computer Network Defence (CND)/blue team efforts for over 16 years. Been lurking about since DEF CON 10, DJing the B&W ball at DEF CON 18 (with quite a few AP pool shindigs and private parties along the way). Panel member at HOPE 5, presenter at a couple of Notacon’s, and some other conferences that are hard to remember what really happened. Having progressed through the ranks to hiring manager and director level, he has experienced the pain from both sides of the hiring process and desires to improve the situation for the InfoSec community. Is this where we mention cyberderp? Twitter: @IrishMASMS
• Tottenkoph - Security Consultant, Rapid7
  Tottenkoph has been hacking for the past 10 years and is currently a security consultant for Rapid7. Tottie has spoken at several hacker cons and is currently pursuing her Master’s degree in Industrial and Organizational Psychology, planning to apply its practices to the hacker and infosec communities. Twitter: @Tottenkoph

Links:

• https://defcon.org/html/defcon-23/dc-23-speakers.html#Tottenkoph
• https://infocon.org/cons/DEF CON/DEF CON 23/DEF CON 23 video and slides/DEF CON 23 - Tottenkoph and IrishMASMS - Hackers Hiring Hackers - Video and Slides.srt (subtitles)
• https://infocon.org/cons/DEF CON/DEF CON 23/DEF CON 23 video and slides/DEF CON 23 - Tottenkoph and IrishMASMS - Hackers Hiring Hackers - Video and Slides.mp4 (Video and Slides)

Similar Presentations:

• Black Hat USA 1999 / The Road to Riches
• DEF CON 7 (1999) / The myths associated with hiring hackers
• BSidesSF 2016 / Hackers Hiring Hackers - How to hack the job search and hack talent