cyberguypr wrote: » I know there’s a ton of people out there trying to make it into the Infosec arena. I’m posting this so once you secure the gig, make sure you won’t be this guy. This is a long story but there’s a lesson or two here somewhere.

To provide background, my team believes in developing talent. This is a decent sized company so people get promoted left and right and we like to have a pipeline in case someone makes a move. A little bit over half the team is senior level engineers and the rest are jr. A couple of years ago we hired a guy fresh out of college. The guy was hungry to learn and quickly got up to speed. Although the full IT background wasn’t there, this guy could put two and two together and either try to figure out things by researching or escalating to the appropriate individuals. He has proven to be a valuable addition to the team.

That worked out pretty well, so we tried it again earlier this year with very different results. This time the guy just didn’t live up to the expectation. Keep in mind the guy has an IS/Risk Management degree, so it’s not like he hasn’t been exposed to security things before. Example of deficiencies:

• Severe lack of foundational knowledge: no idea what nslookup is, struggled to find a Windows machine’s IP, looking at logs he thought a MAC address was an Apple Mac computer, no idea what NT Authority\SYSTEM is, etc.
• Zero research ability. Most of the questions he asks the senior guys can literally be answered by the first few hits in Google (e.g: had no idea what a file called “brochure_design.ai” was and was convinced it was an exfiltration attempt)
• Inability to take notes. Procedures are explained, he takes notes, later on can’t make sense of what he wrote down. Meetings were delegated to this guy and we were left with useless notes.
• Cannot connect the dots. Zero critical thinking
• Overthinks the most basic stuff
• Constantly missing SLAs for super basic stuff
• Given access to expensive $BigSecurityVendor training for free, he let it expire without completing the first of 4 courses.

I can go on but I think you get the picture. This person has been with us for 6 months so far and improvement, if any, is at glacial pace. He has been talked to by both peers and manager on how to improve and what the expectation is. We even removed some of the original technical duties to see if he could master the “crappy” stuff. Yet nothing! I am personally convinced he will never get it and it’s not meant for this type of work. Hey, some people do belong in McDonald's.

Everyone in my team has spent considerable amounts of time trying to ramp up the guy but things come in through one ear and go out the other. We are at the point where everyone’s workload is getting affected. It is obvious we need to cut ties. Overall a sucky situation. The best part: I opposed hiring this person since day one and the boss had to tell me the other day “Yeah, you were right. This is on me.”

Takeaway: be the best you can be, especially if you are surrounded by great talent who stop what they are doing to sit with you and show you the ropes.

TLDR: new guy sucks, can’t learn, doesn’t understand the basics, everyone has spent too much time helping, we will need to fire him and go back to square one.
cyberguypr wrote: » We got some candidates that showed technical aptitude but the cultural fit was not adequate.
cyberguypr wrote: » Now we are even questioning the degree, the university, etc.
TechGromit wrote: » Your company didn't even verify his credentials? In that case I have a Doctorate degree in IT, speak 12 languages and have three GSE certifications, I only want 140k a year, where do I apply?
infosec123 wrote: » I'm sorry but I absolutely hate this line. What exactly is so great about your company culture?
goatama wrote: » It's not necessarily company culture, but team culture. For example, the company I'm currently at, our security team has a different culture than the rest of the company. It's important that candidates fit *our* culture because they'll be working with us. We take them out to Happy Hour after their panel interviews and get to know them. We want to make sure we're going to be able to get along with the person we're hiring. Otherwise nobody is happy. This also doesn't necessarily mean Silicon Valley startup-culture. Ain't nobody outside the Valley got time for that crap. We just want to make sure the person can deal with the crap we take and will stand up to push back when they need to. It's very important for a security team to be able to do that. And getting a feel for how the candidate will be able to do that is part of the cultural fit. EDIT - That word got used so much it now has no meaning. I hate when that happens.
infosec123 wrote: » I get it but still disagree. When I started at one job, on my first day, I was handed an Excel spreadsheet with all the admin passwords to all systems on it, normal for my team. Two months later, I had selected and implemented a privileged password management system and eradicated every trace of that spreadsheet. I went against the team culture and made the place better, and after a little grumbling from my teammates, they finally started accepting the system and realized the benefits a PPM system provides. A good team isn't made of best friends (IMO), you need conflict to drive forward and make improvements.
Blucodex wrote: » I think by "culture" it's more about simpatico. Have you ever worked with someone who was such a piece of **** that HR was the only reason they weren't fired? Not someone you want in your team even if they are a rockstar at their job.
cyberguypr wrote: » You guys make it sound like I work at Mom&Pop's IT shop. Of course there was a full background check conducted. The degree is 100% valid. What we question is if the guy really did the school work or if he either ended up buying papers off Chegg, got answers provided by an unscrupulous teacher, or something like that. The other day I went to the college's website, checked the curriculum and brought up conversation and questions about topics covered in the classes. He deflected every one of my questions. Bizarre.