Countercastle Cybersecurity
 NEWS  //  SECURITY_RESEARCH  //  CONSULTING & TRAINING  //  ABOUT  //  CONTACT 

Cybersecurity Recruiters: Time For An Extreme Recruiting Model?

Extreme Programming

I started searching for new cybersecurity leadership opportunities 1.5 months ago, and wow — the market has certainly changed since I last looked for a job in 2011.

After posting my résumé to a handful of career sites, I was hardly prepared for the deluge of recruiter emails that began pouring in, and never let up.  I’m now receiving an average of 42 emails per day, with some days spiking as high as 65. (Granted, many offers aren’t matches for what I’m seeking, but that doesn’t lighten the load — I still have to spend time filtering offers for fitness). In the time it takes to customize a résumé and cover letter, a dozen or more offers will sometimes appear in my inbox. Many of my peers are experiencing this same frenzied demand, and news headlines concur: the cybersecurity job market is on fire.

Given the market’s breakneck speed, you’d think that hiring companies would be scurrying to respond to candidates, but this isn’t always the case.

Sure, some companies have been fast: an initial response came right away, with screening interviews lined up within days.

But over half of the companies where I applied took their sweet time, gingerly letting weeks pass before initial contact, or worse, between interview rounds. Spending time and money reeling in candidates — and then doing nothing — isn’t an affordable luxury in this market. (See “42 emails per day” above).

The cyber job market has gone transactional, just like everything else cyber touches.  This means recruiting may need to become transactional as well, since candidates seeking new challenges may only be available on the market for weeks, if not days — and soon, perhaps only hours.

Extreme Recruiting (XR) is one name that some companies have given to this more transactional, self-organizing, and fast-moving recruiting model. Borrowing concepts from Extreme Programming (XP), the idea is to move candidates as quickly as possible through a streamlined interview process in order to arrive at an initial offer pronto.

XR implementations vary wildly, so here’s my interpretation:

  • Treat initial contact with candidates as part of company onboarding, which means painting a clear picture early of what day-to-day life would be like after hiring.  Simply listing skills isn’t enough. Candidates want to know what they will actually be doing (the “user story,” in XP parlance).  Many recruiters I contacted couldn’t summarize daily job activities, so I had to wait to speak with hiring managers, wasting precious time.
  • Mine for candidates who are already in technical or social environments where talent is being proven. For example, if seeking hackers who are great team players under pressure, go recruit at team hacking competitions.
  • Respond to candidates within hours, rather than days. If recruiters are swamped, spread out the screening load to technical team members, who can CC: recruiters on replies to candidates.
  • Ask disqualifying questions ASAP. A job opportunity located 2,000 miles away won’t help a candidate who can’t relocate. Put key details (including job city and state) in the subject line of emails so candidates who aren’t a good fit can delete messages faster without bugging you. And, by all means, cut a candidate loose immediately during an interview if it’s obviously not a good fit; these days, it is far more impolite to string them along.
  • Have hiring managers partner with team members to develop screening strategies (“collective ownership”), and give screening activities high priority daily during hiring periods.
  • Have screeners vote on candidates by ballot across a range of critical categories for speed, rather than spending time discussing candidate qualities endlessly.
  • Hold daily standup meetings to review candidate schedules and progress; rank and re-rank candidates by their interview scores on a whiteboard (“refactor and integrate often”).
  • Screen for technical, soft, and other skills in a single meeting with key hiring managers and team members present. If this isn’t possible, and multiple screenings are needed, try to at least hold them all on the same day, or on consecutive days. But remember: while waiting for the next interview round, candidates may be receiving tens or hundreds of emails from other recruiters. Waiting carries risk.
  • Consider giving candidates actual work problems to solve (“unit tests”), rather than inventing hypothetical interview problems. This way, a candidate gets a real taste of the job, and interviewers better understand how working with the candidate will be. Examples: “How I could I improve the security of this software, system, or process?”  “Our industry faces security challenge X; how would you approach this?”  “Our Python developers lack security awareness; give them an impromptu security awareness talk right now.”  Etc.
  • Be prepared to give an initial offer within a day when a suitable candidate is found so negotiations can begin without delay.  This may also help encourage a candidate to postpone pending interview appointments at other companies.

The old model of front-loading the hiring process with leisurely interviews and weeks of waiting is dead. The new transactional landscape requires speed and simultaneity: do it fast, and do it all at once, or risk losing talent.

Additional Reading:

3 Comments

  • Mattie
    Posted April 29, 2017 @ 6:54 am | Permalink

    omg Aqua di gio is another fav, I LOVEEEEEE that scent! 🙂 I think 1 million is worldwide, it's gorgeous, you have to get hubby a bottle, you will be hooked. I kind of want one for myself lol! X@Sophie yes L&;#93occitane do some lovely scents that they aren't credited for. x

  • Larryevask
    Posted May 8, 2017 @ 2:17 pm | Permalink

    Downloads 0day Scene File Storage 0day 1990-2017 Private FTP
    http://0daymusic.org/premium.php

  • JohnnieRen
    Posted June 24, 2017 @ 1:49 pm | Permalink

    Downloads WEB Scene Music FLAC/mp3 1990-2017 Private FTP
    https://0daymusic.org

Post a Comment

Your email is kept private. Required fields are marked *