How to assess candidate's learning aptitude for red team in Cybersecurity?

Our company has grown to the size that we are looking to specialize in the roles within the cybersecurity function. At a high level, we are diving into offensive security employees, colloquially also known as red team, to act similar to a penetration tester attempting to exploit security, and a Blue team focused on defensive security, controls engineering, and incident detection / response.

Currently the Security Operations team is almost entirely focused on defensive security. We are starting recruiting for new employees to work in the offensive security capability. From my experience in cybersecurity, and interacting with my network members working in cyber, successful penetration testers / red team members are "future focused", and "think like a black hat", reading and educating themselves on vulnerabilities discovered and how an adversary can exploit them. To summarize, learning how to learn.

I realize evaluating candidates on how they learn and keep abreast of news within the cybersecurity profession may be somewhat subjective, because learning styles are different for all individuals. Also, the importance of events is often also subjective. For example, some sectors may be exposed more to a particular event / breach.

How can I best objectively assess a candidate's learning aptitude within a specialized field in IT?

  • Given a certain amount of learning may happen outside of work, is such a question fair to the candidate? Would candidates likely see it as "intrusion" into their work-life balance and be turned off therefore?

interviewing software-industry recruitment

edited 38 mins ago by DarkCygnus
asked 1 hour ago by Anthony

  • "Given a certain amount of learning may happen outside of work, is such a question fair to the candidate? Would candidates likely see it as "intrusion" into their work-life balance and be turned off therefore?" - Would you mind clarifying what you mean here, please? Are you expecting that your employees study work-related things outside work hours? Is that something you plan on asking during the interview?

    – DarkCygnus
    56 mins ago

1 Answer
How can I best objectively assess a candidate's learning aptitude within a specialized field in IT?

First of all, it is a bit tricky to be able to truly gauge and understand a candidate's aptitudes and skills solely during interviews. That is why most times there are several rounds of interviews, coding tests, etc.

Now, that being said, if you want to assess the learning aptitude a candidate has, I would suggest focusing your questions towards the ways and resources the candidate uses to solve problems.

You want to ask questions like "When facing a new penetration project/test, what are the usual steps you take?", or "When you find a dead-end or are unsure what to do next, what do you usually do?"... and you want to see if the candidate's answer indicates learning aptitude (googling, searching on SO, searching on forums, reading docs, etc., or whatever aspects you are looking for).

As mentioned before, assessing candidates during interviews is not trivial, and sometimes it is only when the candidate is on-board and starts with real projects and tests that you will really see if they have learning aptitude. That is why sometimes job roles may have a probation period, so both you and the candidate can see if you are a good fit. You could consider having a probation period so you have more time to better gauge their aptitudes.

answered 39 mins ago by DarkCygnus