Like this article? We recommend
Like this article? We recommend
Like this article? We recommend
"I have high exposure."
You need a full-time expert. Let’s find him.
We found one security expert at the circus by networking with some very dangerous people. I’ll explain how to network in security when we get to the second way to hire a computer security expert.
There are three basic ways to find a computer security expert:
- Place ads in newspapers and on online job boards.
- Network into finding the right person.
- Hire the right recruiter.
Place Ads in Newspapers and on Online Job Boards
You get a lot of resumes to review when you place ads for the job. You will get people who can keep out all the combined hacking experts in China. You’ll also get a lot of people who are truck drivers but really want to be computer security experts. Some even have a certification to prove it.
Your ad will draw a lot of people you need to avoid. Trash the resumes of:
- The chronically unhappy
- The incompetent
- The unqualified
The most dangerous are the chronically unhappy. They have a new job every six months to a year. They suck the air and happiness out of the office they are in. They got into security because they hate people. They want you to shove a pizza under their door at lunch and leave them alone. Don’t hire them. Your security expert should be a communicator. He has to talk to you when there are problems. He needs to know how to enlist your help and get what he needs into your budget.
The incompetent have training and certifications but no skill. The only way to tell who they are is to check references. Check five references. Everyone is prepared with three, so getting five gives you a better chance of getting the truth. Then call the boss where they last worked even if he isn’t on the reference list. Only call the boss where he currently works with his permission. You can find out the boss’s title and name during the interview. Call the company and ask for him. Ask pointedly how well your candidate did, why he left, and if he would be rehired.
The unqualified just haven’t been trained yet. If you want to train someone, then find the most excited computer fanatic you can find. Hire the one with a complex network in his basement. Training will take time. If you don’t have a few months and $10,000 to train the guy, hire someone else. And remember, as soon as he is trained, you have to give him a raise or he will be snatched away from you.
Network to Find the Right People
A humongous company sent us on a search for a security officer. We rifled through the personnel files of the Secret Service, FBI, Navy, and a circus. Our best candidate came from the circus. He was the friend of a friend of an acquaintance.
That’s the secret to networking to find the best person.
Confused? Okay. Let’s take it one step at a time. Here are the ideal qualities of security specialists:
- They know everything and everyone.
- There are a limited number of top operatives.
- Some guys carry a license to kill, and it impresses everyone.
- If they trust YOU, they’ll turn on their friends, in a good way.
Now all you have to do is to use their personality to smoke them out.
They Know Everything and Everyone
A computer security expert is involved in a world of subterfuge and deception. For some of them, security is the ultimate game of Dungeons and Dragons. There are shady characters that are out to ruin them. Along the way they will run into soldiers of fortune, halfling thieves, kings, and tower guards. They get to design the ramparts of the castle they will defend. There are trapdoors, passwords, security rings, and magic tokens.
Security experts want to be the dungeon master. They want to control all the characters. At the very least, they want to be a wise monk who wreaks havoc on corruption with bare hands.
It is the nature of the true security expert to get to know the demigods, the warriors, and the fools. If you can find one real security expert, he can open the world to you. He will send you outstanding people.
There Are a Limited Number of Top Operatives
In every call and interview, ask, "Who is the best security person around here?" Also ask, "Who is the best local computer security trainer you have met?" Quickly you will find that a few particular people are mentioned over and over. Call them up and ask for help. They love to show off, and they love to help their friends.
Some Guys Carry a License to Kill, and It Impresses Everyone
The big guns in security often worked for the Secret Service, FBI, CIA, or NSA. They are incredibly expensive to hire. They’re worth it for a huge exposure. Having carried a license to kill and battled terrorists gives them an incredible networking ability. Secret Service agents are particularly well networked. Most of them have only physical security expertise and may not be useful to you by themselves. But they will know other people you need to get acquainted with. The ones with computer security expertise can be amazing.
These big dogs are expensive. If you don’t want to hire one, find them anyway and ask for help. Keep your eyes open so you can help them, too, and keep in contact. Even if you know they are way too expensive, keep their resumes. Call them whenever you have an opening they might help with.
If They Trust YOU, They Will Turn on Their Friends—In a Good Way
Become a real person to the person you are trying to network with. Take the time to be interested in his background. Ask about his toughest protection job. Let him know of any other companies or openings you think he may be interested in. Make an email list of the helpful experts and let them know how your search is coming. Tell them when you fill this job. Then email them when the next opening comes up. Repeated polite contact turns you into a real person in their eyes. They will want to help you. They will turn their friends on to the opportunities you have.
My Favorite Way to Find a Security Expert: Hire the Right Recruiter
I’m a recruiter. I’m prejudiced. I do a great job.
Find a recruiter who specializes in computer and network people. Ask him for help. You will end up paying 20 to 35 percent of your expert’s annual salary to get him. Twenty percent is for the generic security folks who are really just expensive systems administrators. Thirty-three or 35 percent is for the demigod overseeing a large department.
One good recruiter, maybe two, will beat out a pack of 30 recruiters. If you only have one good dedicated recruiter in on the search, he knows he has a decent chance of making the placement. He’ll go broad and deep to find your security pro. Give the job opening to a pack of 30 recruiters, and they will all do a quick online search, just like you did, and stop looking. Then you’ll end up wondering if recruiters are ever worth what they charge. Fewer recruiters are better.
Try the way or ways that suit you best:
- Ads
- Networking
- A recruiter
You can find the person you are looking for.