| One of the things done right at one place where I did a great many interviews for technical candidates was at a late phase to break out the technical interview and the management interview. This allowed a group of potential peers to have a friendly discussion of varying depths about not only the recent work and advertised skills of the candidate but about current events and community engagement. We became adept at evaluating candidates based on how they answered problems we presented, whether we believed they actually had the skills and experience on their CV, and how committed and engaged they were to the profession. This is especially important for security related careers because community engagement is vital, most people can't talk in detail about previous work and may not have been able to publish public material, and work is highly specialized. It is tough to evaluate someone on skills and knowledge they have and you don't, but we got good at it. And then the managers could talk to the candidate in a separate panel and ask ... well I have no idea to this day, actually :) I say more about all of this a presentation I did in February, Breaking Into Security: some InfoSec Career tips, presented at DC404, slides here:
http://www.atlbbs.com/sharkin/breakin-dc404.pdf |