Firestarter: China and Career Advancement

By Rich

Mike’s at the Jersey Shore, Rich is in Boulder, and Adrian is… baking in Phoenix in between tree-killing monsoons. This week we kept it simple with two topics. First up, China’s accusations that iOS and iDevices are a security risk. Which they should know, since they are all built there. Second is a discussion on security careers. How to break in, and what hiring managers should really look for.

Appreciate your guys' insights. What I see happening in hiring is one of the following:

- we need to hire someone, actually we need 3 folks
- we don’t have budget for 3 folks, let’s throw all the requirements (develop cloud strategy and clean up ACLs) into one slot and hope for that Unicorn to walk in the door within the next 6 months and be available for the low-ball salary we set


- the hiring manager spends 7 minutes writing down requirements
- hands it over to HR, who is not technical
- HR, who is not technical, talks to recruiters, who are not technical, explaining what they need
- the recruiter talks to candidates, explaining what the company is looking for, some candidates end up on interviews and it becomes clear within 2 minutes that it’s not the right fit and a lot of time is wasted all around

It is amazing to see how dysfunctional this process is even for highly functional corporate environments (maybe even more so?).

I had very good experiments with specialized external recruiters, e.g. only handle Information Security folks. The biggest part of their job is to help the company understand what they really need, not what they think they need.

