Infosec Recruiting Social Media Experiment – “Unique Entry Level Opportunity for Future Infosecleaders”
August 13, 2010
Mike and I have often debated the power and practical applications of social networks. Mike regularly urges me to utilize social media in our recruitment process – and I regularly object. In addition, we have read and fielded many questions about entry level positions and “breaking into” the information security industry – and the fact that there are not many solid entry level roles (1st or 2nd jobs) for bright, talented “future” infosecleaders .
Recently, I have come across an opportunity through my recruiting business where we have the opportunity to combine the two – and I have decided to utilize Twitter and our blog to introduce this opportunity to the Infosecleaders community, and find the right candidate for our customer.
I am looking forward to seeing the outcome.
Here is the position description:
The client is a well respected, highly specialized security consulting firm that has Tier 1 clients – most of them based on the West Coast. The position that we are searching for would be based in Seattle (near their corporate HQ))- and there would be limited travel.
The client has been in business for close to a decade. They are comprised of some very well recognized information security professionals who built their careers at some of the leading edge security companies in the earlier part of this century.
The client offers a flexible work environment, predicated upon the maturity of the candidate and the ability to service their customers. The client is supportive of a constructive industry presence – whether it is related research, public speaking at local or national security events, or writing.
Our client is looking for an information security professional with both aptitude and passion, and an interest in software security and a desire to learn about security in the software development life cycle.
The candidate that we are searching for will ideally have some work experience – 1-4 years, or have recently graduated from a respected university (either bachelors or masters or Ph.D) with a degree in computer science, computer security, or other related disciplines. Ideally the recent graduate would have had some practical experience through the course of their studies.
Experience in environments that include information security consulting, software development, quality assurance, web app development or penetration testing – would be beneficial – but not a hard and fast requirement.
It would be great if the candidate came with a good foundation of technical skills – but if your skills are just good – but you have aspiration for them to be great – that could be acceptable as well. If this is the case, we will ask you to demonstrate examples of this desire during our pre screening process.
The opportunity is two-fold. The first component of the opportunity is a bit more process focused and requires that the candidate to have some good organizational skills – serving as a central point of contact for the management of the operational tasks of a technical information security engagement. The opportunity will enable the candidate to get a first hand look into enterprise software security and how secure software development is done correctly. (This would be the part where you “pay your dues.”)
The second part of the opportunity is the ability to learn and evolve. (here is where aptitude and passion come into play) The candidate will undergo guided training by the senior members of the team in areas that include software security,web application security, penetration testing, and reverse engineering. (This will be the part where you accelerate your career.)
The idea, is that after some time – the candidate will evolve into a security professional with developed expertise in these areas. They will develop customer skills, organizational skills, consulting skills, and have exposure to world class clients.
The salary for this role will range between 55-85K – depending on the amount of work experience and the quality of education. I would say that the sweet spot is probably between 65-75K.
The candidate would also be eligible for a bonus – based on their performance and company success. The company has a demonstrated history of paying bonuses to their employees.
The company pays fully for individual/family medical benefits (health care and dental) – this is fairly unique in these economic times.
The company is willing to assist in the relocation to Seattle – as a guide, if you rent an apartment and can place your stuff in a u-Haul – you will be fully covered. If you own a home – this will be quite difficult.
My first expectation for this experiment is that people will only apply to the role if they fit the parameters that I have outlined in the description above.
For example – If you do not want to live in Seattle – please do not apply. If your salary demands are over 85K – please do not apply. If you do not have an interest or aptitude toward software security -please do not apply.
If you do fit the requirements, please submit your resume (word or Adobe format) to firstname.lastname@example.org – in the subject line please write “Recruiting Social Media Experiment”. I would also like to know what about the opportunity is particularly appealing to you.
All qualified submissions will receive a call from either myself or one of my experienced information security recruitment professionals – within 3 business days – to conduct a more detailed interview and to answer particular questions about the client and opportunity.
If you do not receive a call in 3 business days, please call my office directly at 732-577-8100 – sometimes e-mail gets swept inot junkmail folders.
As always, resumes will not be submitted to our client without your consent, after learning more about the opportunity. Confidentiality is always observed.
I am going to provide some regular updates (via the blog) on this experiment to chart the progress and share some issues. If it is successful, I may begin to utilzie this method more – for some unique opportunities.
Lets see how it goes.