Community Manager at Infosec!
Who we are | What we do
How much free labour during hiring process is too much ?
Azt7
Member Posts: 121 ■■■■□□□□□□
I share situations I encounter every now in the job search and now I am starting to agree with the overall gut feeling that a lot of people are getting taken advantage of.
So you go through all the steps in the recruitment process. Then comes the employer wanting to evaluate how you work, rightfully so. That's when it becomes blurry :
How much is too much in terms of showing your value ?
I have heard for years about people asking you questions and using your responses to fix issues without ever hiring you but never believed it. I guess now it starting to make sense.
So you go through all the steps in the recruitment process. Then comes the employer wanting to evaluate how you work, rightfully so. That's when it becomes blurry :
- A marketing specialist I worked with was asked to translate and put company branding on a 10 page document in a 24 hrs window. As a full time employee, she produced it and never heard from the employer again.
- I was asked by a well-known global bank to produced a risk assessment for a web portal involving PII. Did it and sent it then they asked me to tweak it for a presentation for executives. Tweaked it and sent it, and now the recruiter hasn't heard from them for over a week when they would usually respond in hours.
- A consulting firm asked previously for me to provide my risk dashboard templates but I refused because it seemed fishy, I offered to do a use case of their liking. Never heard from them again
- Now, I'll be meeting a company who's looking for a cyber sec advisor. They told me that they usually request you to do a 15-20 hours project to evaluate you. Even ask you to come in their office if you want to, meet the team.
How much is too much in terms of showing your value ?
I have heard for years about people asking you questions and using your responses to fix issues without ever hiring you but never believed it. I guess now it starting to make sense.
Certifications : ITIL, MCSA Office 365, MCSE Productivity, AWS CSAA, Azure Architect, CCSK, TOGAF
Studying for : TBD
Studying for : TBD
Comments
-
10Linefigure Member Posts: 368 ■■■□□□□□□□I wouldn't do any.
If they want to bring you in for an interview, maybe a whiteboard session, or they may even have a small lab set up with a sheet that says fix problems A,B,C or something similar, that's all good. But asking someone to actually create a production deliverable before being officially hired, no way.
Also, your resume should show your competencies and ability to add value to an organization. Your references should be able to verify these and probably provide even more details with a quick call.CCNP R&S, Security+
B.S. Geography - Business Minor
MicroMasters - CyberSecurity
Professional Certificate - IT Project Management -
cyberguypr Mod Posts: 6,928 ModAh, I've read too many similar horror stories in /r/recruitinghell. Simply NO. Zero special projects for me. Companies pull this crap because they know someone out there is desperate enough to oblige to their games. The most I am willing to do is take some stupid personality test. White-boarding is also OK with me.
-
Johnhe0414 Registered Users Posts: 191 ■■■■■□□□□□I would not do any "free work" as well. That's what a probation period is usually for.
Current: Network+ | Project+Working on: PMP -
Azt7 Member Posts: 121 ■■■■□□□□□□Definitely agree with all of you guys. I have been way too conciliatory in my research and actually feel ashamed that I bent backwards in previous situations. After a decade in this industry, I should definitely know better.
I am currently a full time employee so I'm not that desperate. Funny thing is I'm waiting on an offer letter in the next 2 weeks (administrative delay / background check) and I'm just looking around as a backup plan.
They can pay me an hourly wage if they want me to produce anything.Certifications : ITIL, MCSA Office 365, MCSE Productivity, AWS CSAA, Azure Architect, CCSK, TOGAF
Studying for : TBD -
Azt7 Member Posts: 121 ■■■■□□□□□□Just as an update, the company advised that the project will be paid up to $1200.
Not bad !Certifications : ITIL, MCSA Office 365, MCSE Productivity, AWS CSAA, Azure Architect, CCSK, TOGAF
Studying for : TBD -
PCTechLinc Member Posts: 646 ■■■■■■□□□□Most of these requests are completely illegal due to being required to be paid for any type of work at all. At least in California, companies can ask someone to provide "sample" work to prove their skills, but they have to get paid if it's production work. Like everything else, people will continue to do anything until someone fights back.
Master of Business Administration in Information Technology Management - Western Governors University
Master of Science in Information Security and Assurance - Western Governors University
Bachelor of Science in Network Administration - Western Governors University
Associate of Applied Science x4 - Heald College -
TechGromit Member Posts: 2,156 ■■■■■■■■■□Azt7 said:
How much is too much in terms of showing your value ?
I have heard for years about people asking you questions and using your responses to fix issues without ever hiring you but never believed it. I guess now it starting to make sense.
Still searching for the corner in a round room. -
cyberguypr Mod Posts: 6,928 ModThis is a personal decision. I would consider a "hiring" project a consulting engagement. Since they are offering to pay, I expect nothing other than a contract stipulating scope of the work, NDA, terms etc. But again, I have zero patience for this BS.
-
iBrokeIT Member Posts: 1,318 ■■■■■■■■■□Azt7 said:
How much is too much in terms of showing your value ?
2019: GPEN | GCFE | GXPN | GICSP | CySA+
2020: GCIP | GCIA
2021: GRID | GDSA | Pentest+
2022: GMON | GDAT
2023: GREM | GSE | GCFA
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops | SANS Grad Cert: Incident Response -
scaredoftests Mod Posts: 2,780 ModNone! I would send a bill to the other few places you did something for. God what gall!!Never let your fear decide your fate....
-
Pseudonym Member Posts: 341 ■■■■□□□□□□I was asked to come in for an unpaid trial day at my current job, ended up spending probably up to 40 hours on making a project for the trial day.
To be honest, I can understand people's concerns, but it's helped me step up from desktop support to Devops engineer in one go. I'm now migrating all of their apps to kubernetes and have a massive degree of autonomy to implement projects from scratch. Not to mention a substantial pay rise.Certifications - A+, Net+, Sec+, Linux+, ITIL v3, MCITP:EDST/EDA, CCNA R&S/Cyber Ops, MCSA:2008/2012, MCSE:CP&I, RHCSA
Working on - RHCE -
Danielm7 Member Posts: 2,310 ■■■■■■■■□□A friend of mine is trying to get a new job in marketing. He's got lots of marketing experience, ran his own company for years, a degree, etc, he's qualified. He even interviews well. I thought he was joking when he was talking about all the tests he has to do just as part of the application process, he started taking screenshots of some of them and sending them to me.
He's had to take a bunch of basic math tests, a few of them had spelling tests involved. One of the application processes was an online app that took easily 30+ minutes to fill all the fields, then upload your resume after (of course) then it kicked right into a three tests, each one saying expect 45 minutes to complete. Personality testing, one was a browser based VM where you had to do basic office tasks like copy and pasting in emails, it was a silly waste of time.
I know it's a little different than the free work thing, he's been asked to do that as well, but the amount of pre filtering some companies expect to do is insane. Already require 5+ years of professional experience, a BS or higher and you have to bring a full portfolio of your work. Do all that, then be asked to take a spelling test and math that I've literally helped 2nd graders do. (The questions were like, Jerry has two shoelaces, one is 20 inches long, the second is 7 inches longer than the first, How long are both of them together?) -
Azt7 Member Posts: 121 ■■■■□□□□□□thomas_ said:Azt7 said:Just as an update, the company advised that the project will be paid up to $1200.
Not bad !
I have an offer letter coming in for sure thanks to a customer referral for another company. No value to show there since a big customer is vouching for me
Certifications : ITIL, MCSA Office 365, MCSE Productivity, AWS CSAA, Azure Architect, CCSK, TOGAF
Studying for : TBD -
Infosec_Sam Admin Posts: 527 AdminDanielm7 said:A friend of mine is trying to get a new job in marketing. He's got lots of marketing experience, ran his own company for years, a degree, etc, he's qualified. He even interviews well. I thought he was joking when he was talking about all the tests he has to do just as part of the application process, he started taking screenshots of some of them and sending them to me.
He's had to take a bunch of basic math tests, a few of them had spelling tests involved. One of the application processes was an online app that took easily 30+ minutes to fill all the fields, then upload your resume after (of course) then it kicked right into a three tests, each one saying expect 45 minutes to complete. Personality testing, one was a browser based VM where you had to do basic office tasks like copy and pasting in emails, it was a silly waste of time.
I know it's a little different than the free work thing, he's been asked to do that as well, but the amount of pre filtering some companies expect to do is insane. Already require 5+ years of professional experience, a BS or higher and you have to bring a full portfolio of your work. Do all that, then be asked to take a spelling test and math that I've literally helped 2nd graders do. (The questions were like, Jerry has two shoelaces, one is 20 inches long, the second is 7 inches longer than the first, How long are both of them together?)
As far as actual pre-offer work goes, I was just asked to draft a couple of responses to some forum posts so they could gauge my writing style/ability (Community Manager position). None of that work actually contributed to the business, so I didn't feel taken advantage of. Plus, it was only a half hour or so of work, so it was more than reasonable in my opinion. -
MrsWilliams Member Posts: 192 ■■■■□□□□□□Azt7 said:I share situations I encounter every now in the job search and now I am starting to agree with the overall gut feeling that a lot of people are getting taken advantage of.
So you go through all the steps in the recruitment process. Then comes the employer wanting to evaluate how you work, rightfully so. That's when it becomes blurry :
I applied for an incident handler position years ago. It was with a big defense contractor. Everything was going smoothly, so I thought. I was given some items to download and analyze in Wireshark and a scenario.I remember it was some questions I had to answer based on my analysis.
It wasn't a right or wrong answer but it was a right or wrong answer.
Recently, I heard from someone that said they give developers projects to see how they would handle them.
I have seen a few resumes and laughed to my self and hit the LOL button on a few resume recommendations. For instance..you say you are "proficient", "familiar", "hands on", or "working knowledge", with *insert programming language here*. Ok, cool. What does all of that mean? How can I gauge your productivity in the production environment with those vague and less than detailed resume keywords/key-words? Makes you think doesn't it? Ok, I can definitely gauge it by giving you a hands on activity.I said that to say, I see nothing wrong with understand the individual work and worth.
For one reason and one reason only... People Lie on Resumes. All HR is going to say is YES he worked here during these dates or NO he didn't. HR can't confirm or deny you pushed START on a Vulnerability scan and why you put Information Assurance and Penetration Tester on your resume. Most organizations don't do thorough background checks for several reasons. The most thorough of any kind of background check anyone will EVER receive is when going through a high level clearance investigation with all the (physical) interviews and 1,000,000 questions.
What has to be understood is, most big organizations (not recrutiers/hiring agencies) don't go looking for talent. Talent comes looking for them, most of the time. Not all. Organizations that have a great salary, benefits, vacation, etc have the right to be selective and picky.
Veterans, you know why the Coast Guard is so small? Because 1. They are selective and picky. 2. You come looking for them, they don't come looking for you. In most high schools you'll see Army, Navy, Air Force and Marine recruiters (give or take one or two). I've never seen a Coast Guard recruiter in my high school ever and I grew up in a big city.
People that NEED a job can't be picky. If my bank account were to ever be small (god forbid), I would be less selective on what I decided to do and not to do if requested by a recruiter or potential employer. -
MrsWilliams Member Posts: 192 ■■■■□□□□□□MrsWilliams said:Azt7 said:I share situations I encounter every now in the job search and now I am starting to agree with the overall gut feeling that a lot of people are getting taken advantage of.
So you go through all the steps in the recruitment process. Then comes the employer wanting to evaluate how you work, rightfully so. That's when it becomes blurry :
I applied for an incident handler position years ago. It was with a big defense contractor. Everything was going smoothly, so I thought. I was given some items to download and analyze in Wireshark and a scenario.I remember it was some questions I had to answer based on my analysis.
It wasn't a right or wrong answer but it was a right or wrong answer.
Recently, I heard from someone that said they give developers projects to see how they would handle them.
I have seen a few resumes and laughed to my self and hit the LOL button on a few resume recommendations. For instance..you say you are "proficient", "familiar", "hands on", or "working knowledge", with *insert programming language here*. Ok, cool. What does all of that mean? How can I gauge your productivity in the production environment with those vague and less than detailed resume keywords/key-words? Makes you think doesn't it? Ok, I can definitely gauge it by giving you a hands on activity.I said that to say, I see nothing wrong with understand the individual work and worth.
For one reason and one reason only... People Lie on Resumes. All HR is going to say is YES he worked here during these dates or NO he didn't. HR can't confirm or deny you pushed START on a Vulnerability scan and why you put Information Assurance and Penetration Tester on your resume. Most organizations don't do thorough background checks for several reasons. The most thorough of any kind of background check anyone will EVER receive is when going through a high level clearance investigation with all the (physical) interviews and 1,000,000 questions.
What has to be understood is, most big organizations (not recrutiers/hiring agencies) don't go looking for talent. Talent comes looking for them, most of the time. Not all. Organizations that have a great salary, benefits, vacation, etc have the right to be selective and picky.
Veterans, you know why the Coast Guard is so small? Because 1. They are selective and picky. 2. You come looking for them, they don't come looking for you. In most high schools you'll see Army, Navy, Air Force and Marine recruiters (give or take one or two). I've never seen a Coast Guard recruiter in my high school ever and I grew up in a big city.
People that NEED a job can't be picky. If my bank account were to ever be small (god forbid), I would be less selective on what I decided to do and not to do if requested by a recruiter or potential employer.
An interview can be a waste of everyones times. Before someone says, an interview can isolate the facts and the fictions on a resume.Ok, we had an interview. HR was there and 2-6 other people who should be working right now but stopped to conduct this interview. I've had interviews during lunch time, true story. So, HR was there and 2-6 other people who would rather be at Chick Fill A right now know within the first 5 minutes your resume was fluff and this is a total waste of time. But, they smile and act like it's not a big deal when it is and wish you the best.You fluffed your resume, waisted everyones times, they smiled like it wasn't a big deal, when really it was and they wish they picked the intern that just graduated college because he is trainable, will take 60% less because he has 60k in student loans and you know he doesn't know anything. ... but he is trainable.. and desperate. ..and will work long hours .. and won't complain. But, you can mold him to be the best (insert title here). Which, is really worth it in the end. More money saved for the business win-win.
I think we should go through measures to eliminate physical contact to ensure the right person is coming in for the interview and not just based off a resume.
Ok, I am done here. Have a nice one! -
DatabaseHead Member Posts: 2,760 ■■■■■■■■■■None
All work is, is... trading hours of life for pay. I'm not giving people hours of my life for free, it doesn't make any sense..... -
Danielm7 Member Posts: 2,310 ■■■■■■■■□□I think a few of the earlier comments are looking at it more from a technical exam sort of direction and I'm not sure anyone really has a problem with that. When it's "do a full assessment of my environment, write it up in a report and presentation that I can show my board, using my template, and I want it done by Friday." that it starts to get into the realm of "free work" vs a test. If you want to be a pen tester and they show you a sample web app and the exam says you have to do 10 things to pass it, sure, that's a test. Asking you to be a free consultant is another thing entirely.
-
NavyMooseCCNA Member Posts: 544 ■■■■□□□□□□I wouldn't do unpaid work. I did work for a firm that had a DB problem and didn't have a DBA. The IT director put out a job req looking for DBAs. He did it to show the problem and get a solution...for free.
'My dear you are ugly, but tomorrow I shall be sober and you will still be ugly' Winston Churchil
-
Azt7 Member Posts: 121 ■■■■□□□□□□
At this point, I wonder how many times it happened to me. Especially when during the interview, people are taking lots of notes instead of focusing on the conversation.NavyMooseCCNA said:I wouldn't do unpaid work. I did work for a firm that had a DB problem and didn't have a DBA. The IT director put out a job req looking for DBAs. He did it to show the problem and get a solution...for free.
Certifications : ITIL, MCSA Office 365, MCSE Productivity, AWS CSAA, Azure Architect, CCSK, TOGAF
Studying for : TBD -
JoJoCal19 Mod Posts: 2,835 ModDatabaseHead said:None
All work is, is... trading hours of life for pay. I'm not giving people hours of my life for free, it doesn't make any sense.....Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
DatabaseHead Member Posts: 2,760 ■■■■■■■■■■Seen this NavyMoose. My former boss brought in an AI/Data Scientist resource in an interview knowing he was going to cost to much money and not stay long in the role....... However he thought it would be good insights so he brought him in for an interview with the sole purpose of "picking his brain".......
This is a great topic BTW. -
NotHackingYou Member Posts: 1,460 ■■■■■■■■□□Danielm7 said:I think a few of the earlier comments are looking at it more from a technical exam sort of direction and I'm not sure anyone really has a problem with that. When it's "do a full assessment of my environment, write it up in a report and presentation that I can show my board, using my template, and I want it done by Friday." that it starts to get into the realm of "free work" vs a test. If you want to be a pen tester and they show you a sample web app and the exam says you have to do 10 things to pass it, sure, that's a test. Asking you to be a free consultant is another thing entirely.When you go the extra mile, there's no traffic.
-
Panther Member Posts: 118 ■■■□□□□□□□I've heard about this, but to hear it first hand is crazy, having candidateS spend countless hours, and in the end you may/may not get the job or even hear back.
-
Panther Member Posts: 118 ■■■□□□□□□□Pseudonym said:I was asked to come in for an unpaid trial day at my current job, ended up spending probably up to 40 hours on making a project for the trial day.
To be honest, I can understand people's concerns, but it's helped me step up from desktop support to Devops engineer in one go. I'm now migrating all of their apps to kubernetes and have a massive degree of autonomy to implement projects from scratch. Not to mention a substantial pay rise.
What did they see in you, to ask you to come in?
I'm trying to step up from desktop support also.
I'm tempted to seek/do volunteer work outside of current role/team, at my current company.
I actually don't have a problem with it, if it will give me a leg up. Of course there are no guarantees either, and they could just be using you.
You did a week's worth for free ("up to 40 hours")? -
Azt7 Member Posts: 121 ■■■■□□□□□□Panther said:I've heard about this, but to hear it first hand is crazy, having candidateS spend countless hours, and in the end you may/may not get the job or even hear back.
It becomes even more interesting when you bring in 5 competent candidates and you submit use cases to them.
Can you imagine having a few 10-15 years IT vets giving you different perspectives on the same issue ? For free ?
That has to be an amazing feeling lol.Certifications : ITIL, MCSA Office 365, MCSE Productivity, AWS CSAA, Azure Architect, CCSK, TOGAF
Studying for : TBD -
DatabaseHead Member Posts: 2,760 ■■■■■■■■■■Just experienced this yesterday thought I would share.........
Received a case study for a data architect position. Asked dozens of scenarios including how I would go about building out a warehouse including email communications etc.... It took me 4 hours. I get a reply back saying the hiring manager is on the fence loved most but there was a crucial part missed, which was the change management piece..... The annoying part was on the case study it said there was no right or wrong answer yet he was saying it was wrong and wanted clarification. In the spirit of this communication I declined to provide anymore insights unless I would be compensated for my time at a rate of 100 an hour min 2 hours...... -
Pseudonym Member Posts: 341 ■■■■□□□□□□Panther said:Pseudonym said:I was asked to come in for an unpaid trial day at my current job, ended up spending probably up to 40 hours on making a project for the trial day.
To be honest, I can understand people's concerns, but it's helped me step up from desktop support to Devops engineer in one go. I'm now migrating all of their apps to kubernetes and have a massive degree of autonomy to implement projects from scratch. Not to mention a substantial pay rise.
What did they see in you, to ask you to come in?
I'm trying to step up from desktop support also.
I'm tempted to seek/do volunteer work outside of current role/team, at my current company.
I actually don't have a problem with it, if it will give me a leg up. Of course there are no guarantees either, and they could just be using you.
You did a week's worth for free ("up to 40 hours")?Certifications - A+, Net+, Sec+, Linux+, ITIL v3, MCITP:EDST/EDA, CCNA R&S/Cyber Ops, MCSA:2008/2012, MCSE:CP&I, RHCSA
Working on - RHCE -
Azt7 Member Posts: 121 ■■■■□□□□□□DatabaseHead said:Just experienced this yesterday thought I would share.........
Received a case study for a data architect position. Asked dozens of scenarios including how I would go about building out a warehouse including email communications etc.... It took me 4 hours. I get a reply back saying the hiring manager is on the fence loved most but there was a crucial part missed, which was the change management piece..... The annoying part was on the case study it said there was no right or wrong answer yet he was saying it was wrong and wanted clarification. In the spirit of this communication I declined to provide anymore insights unless I would be compensated for my time at a rate of 100 an hour min 2 hours......
This is the most difficult task we have. How do you show your value without being taken advantage of ?
Clearly, you have the killer combo knowledge + experience but you have to refrain from giving too much otherwise the company will just implement your ideas without hiring you. It is such a head scratcher that I don't think there's a way around it.
At this point, I will start asking question early in the process to see exactly where is the process going and do I really want the position. For example, the bank position I highlighted above was very desirable to me. Even though I provided too much as per ''our standards'', it was worth it for me.
In any other case, I will keep the answers somewhat vague.Certifications : ITIL, MCSA Office 365, MCSE Productivity, AWS CSAA, Azure Architect, CCSK, TOGAF
Studying for : TBD