To Find InfoSec Talent: Ask Questions—Shut Up—Listen


This episode of The Academy is made possible by the generosity of our sponsor, Pepperdine University Graziadio School of Business Cyber Risk Certification Program.

By Sean Martin

The cybersecurity industry continues to whine and cry about not having enough talent from which to source their InfoSec employees. Indeed, there are challenges in this space that need to be addressed; there’s no questioning that. But are organizations approaching this challenge the wrong way? Are they doing things, using things and missing things that are putting them in this position? Are they hurting themselves rather than rising to the challenge in a way that puts the candidates and employees at the front of the story?

Marco and I had the opportunity to chat with Kirsten Renner from Novetta and of Car Hacking Village fame. As a long-time recruiter, Kirsten suggests that we may be leveraging processes and technologies to our disadvantage, forgetting about the human element of the whole process. To sum it up: Kirsten says recruiting companies, hiring managers and their extended recruiting team needs to “Ask the right questions and then shut up and listen.”

Here are some of the things we discuss in this episode:

How and where should you be looking — and participating — to find InfoSec talent?

The most valuable candidate is the one that is passive and doesn’t know they are a candidate.
— Kirsten

Who is involved in the hiring process? Is everybody on the same page and participating in the process with the human element at the forefront of the program?

Are you asking the right questions? Do you know what the right questions even are? Are you paying attention and truly listening to the answers?

Are you using technology and processes to your disadvantage? Are you filtering out too many potential candidates?

What can the candidates do to have a better shot at being seen and working through some of these technological and process filters?

I don’t want artificial intelligence to manage the recruiting process.
— Marco

Where does recruiting sit within your organization? Is it part of your HR team? Is that the right decision?

How and where can the community work together to help each other?

No matter what role anybody plays, spending time being part of the community makes you feel good.
— Kirsten

It’s time to take Kirsten’s advice by doing what she says — I am going to ask her a few questions and then shut up and listen.

Kirsten is giving a FireTalk at Shmoocon on Friday, January 18th, 2019
Check it out

About Kirsten Renner


Kirsten is the Director of Recruiting at a very cool company (Novetta), a community volunteer, and a 'doer of all the things' at the Car Hacking Village.

Find Kirsten in LinkedIn
Find Kirsten on Twitter