HR Tech is Child’s Play When You Talk to CyberSecurity Candidates

So, we’re pulling up to #BSidesLV (after attending, I’m still not sure what the hell that means), and I’m about to swipe my card through the taxi meter when suddenly, the screen goes black. Suddenly, some Linux instance popped up (I know because it was written on the bottom of the screen), although I have no idea what the hell it said, since I’m not that technically proficient. If you’re not familiar with BSides (I wasn’t), it’s sort of an un-conference for hackers, with open conversations and attendee participation driving an event that purports to put the “Info” back in “InfoSec.” So, Edward Snowden, Julian Assange, Kim Dotcom and LinkedIn’s data privacy team walk into a bar…and you kind of get what was going on.

That’s why when I saw what looked to be a harmless enough system error pop up upon arrival, I got a little freaked out, frankly. Lines of code suddenly popped up like the Matrix, and I had no idea what the hell was going on except to say that there seemed to be some strange things afoot at the Circle K.

I didn’t have to know code, though, to get the message loud and clear. I gingerly put my debit card back in my wallet (crisis averted), then asked my partner in crime Pete to borrow some cash. He’s much more prepared for this than I am, with a burner phone and shit. I just run a pretty solid VPN I got in the iTunes store and make sure to use my browsers in incognito only, with all location services turned off.

This I do as a matter of course – I figured that with thousands of hackers descending upon Vegas for three concurrent cybersecurity conferences, if I was going to be penetrated, then there was really nothing I could do about it. About that word. Turns out InfoSec guys like using the phrase “penetration testing” out there about as much as TA types talk about “candidate experience” or “big data.”

I would use Google to figure out what this actually means, but I’m pretty sure that ends with either Chris Hansen or the Feds at my door, and instead, I just laughed like a little schoolboy every. single. time. the word “penetration” was used. And believe you me, it was a lot. I’m like 12, seriously, but c’mon, you guys. That’s ridiculous.

I’m not just using this as an excuse to talk about penetration, which, by the way, makes this literally a hard core post. This is apropos, considering that BSides/Blackhat/Defcon were the three most hard core conferences I’ve ever been to in my life. It was like the time I went to an Insane Clown Posse show in Missouri when I was growing up. I had no idea what the hell was going on, or what all these people were getting so into – only that I had no business being there.

I normally only get to go to recruiting conferences, which means I’ve got to trot out some well worn speech about “employer brand’ or “social recruiting” or some shit, run through a deck and sit through a bunch of presentations that are more or less variations on the same theme.

These mostly make me want to stab my eyes out, not because the content or other presenters aren’t good, but because you hit a certain moment in your life where you can’t listen to people talk about sourcing strategy or Boolean search anymore. You shouldn’t have to. Yet, from a technology standpoint, the fact that we’re even talking about stuff like X-Ray search would probably have cracked up the hackers I met up with in Vegas.

In the world of talent acquisition, I’m probably closer to the head of the curve in terms of knowing my way around tech; I understand stuff like APIs, am pretty proficient on social media and spend a ton of time advising on product roadmaps, integrations and the HR Tech ecosystem, which makes me like the Alan Turing of Talent Acquisition.

But at BSides, I was like one of those sweater wearing SHRM ladies asking about what the “pound” sign at the end of the “Tweeters” meant. I actually know a bit about coding and software engineering – the development side of the house, at least from a recruiting perspective. I just know next to nothing about how the business of protecting (or penetrating) all that code that “tech talent” gets paid big bucks to crank out, and turns out that Information Security professionals are among the most in demand on the jobs market. There are estimated to be 1.5 million open cybersecurity jobs by 2020, when data privacy will be even more dead than it is today. But it struck me that the people around me might look like they were straight out of a Hot Topic catalog or ComicCon Toledo, but they had more power than probably anyone in the world, and it can be used for good (protecting our personal identifiable information or proprietary data) or evil (LinkedIn Connect) – or just neutral, like seeing if you could penetrate the taxi’s payment system remotely.

So why was I there? Turns out that people who most recruiters would spend days trying to source were lining up for resume and career advice – and for some reason, they let me be the one to give it. Unlike most job fairs, I’d see these candidates, CISSPs and MS degrees and security clearances in hand, and I’d assure them they had nothing to worry about.

Some guy with a Johns Hopkins PhD and a section of his resume that was actually REDACTED (how f-ing cool is that?) asked if recruiters would think he was stalking them or weird if he contacted them directly for jobs. I told him I was pretty sure that he would be fine. They all would be.

Seriously, every candidate I talked to was placeable, the kind search firms get paid beaucoup bucks to track down. But there they were, worried about their resumes or what recruiters might think – and how to make a good impression or get a foot in the door for that kick ass job they saw posted and applied to (why didn’t they ever hear back, one Vet with an MIS/MBA from Harvard asked me – I had nothing).

Then it struck me. There’s no talent shortage in tech.

Just in tech recruiting.

The hackers pretty much agreed. Which is good, because these are the kind of people you don’t want to piss off. Of course, they can’t seem to find their way through an ATS, either, so guess they’re not so different, after all. Except, of course, for the obsession with Mr. Robot and UtilKilts.

FOT Background Check

Matt Charney is the Executive Editor for Recruiting Daily, whose flagship property, RecruitingBlogs, is the world's largest social network and content sharing platform for recruiting and HR professionals. Matt oversees editorial strategy and content marketing for RecruitingDaily's portfolio of online properties. Prior to joining RecruitingBlogs, Matt served in marketing leadership roles at leading HR technology companies like Talemetry, CornerstoneOnDemand & Monster. Matt began his career as a corporate recruiter for such companies as Walt Disney and Warner Bros. Matt has been named as one of the top 25 influencers in recruiting by publications like the Huffington Post, Glassdoor, CareerBuilder and LinkedIn, and has been recognized as one of the 2015 HR Game Changers by HR Magazine adn SHRM, the 2015 HRO Superstar for Analyst Excellence and the 2014 Top Recruiting Blogger by Social Talent. His blog mattcharney.com was also named one of the top 15 business blogs to follow by Wordpress in 2014. Matt serves as a member of the advisory boards for the Candidate Experience Awards, Rolepoint, RecruitiFi, Take the Interview, HiringSolved, Universum and Textio. Follow him @MattCharney or connect with him on LinkedIn (www.linkedin.com/in/mattcharney).

5 Comments

  1. Ane Ohm says:

    Went to a conference at the Rio, same place/time as DefCon a couple of years back. Working in the hotel Starbucks when two guys sat down and furiously started typing. Soon they stopped, triumphant: the hotel wifi went down. It was amusing and annoying at the same time.

    But more to your point, despite their mad skills, they are people, too. Offering real assistance, building trust and growing relationships is even more important with someone who can be placed in two minutes because they don’t know if anyone has their interest in mind: great fit, great pay, interesting job. (No, just take this job because it’s where I make money off you.)

  2. Kristina says:

    I practically scream this every single day … “There’s no talent shortage in tech. Just in tech recruiting.” It is surprising to me though that these folks would be worried about their resumes when I’m falling all over myself everyday to get these people on the phone and/in Huntsville for interviews. I don’t really care if their resume looks like crap though, I need them to be great at cyber security not writing resumes.

    • Kristina and Ane, I am so glad that you liked Matt’s article. I was so honored that both Matt Charney and Pete Radloff joined me in Vegas for HackerSummerCamp to see the so called talent shortage from the other side of the coin. I have been seeing this for the last few years that talented tech and information security candidates have been misused and treated disrespectfully by so many recruiters who don’t know good recruiting that they just have given up. These folks want fulfilling careers and to be treated well, but haven’t been and I just lose it when I see all these programs saying we need more tech talent.

  3. I do not quite agree with everything written, but here is some truth in what you say. I would like to explore more detail on this topic, maybe you have similar posts about it? Thank you.

  4. Kingsley says:

    Enjoyed reading this content.

    I would expect reading more from you soonest

Comments are now closed for this article.

Contact Us | Hire FOT to Speak | About FOT