CYBERSECURITY JOB HUNTING GUIDE
Working with a recruiter
Author: Stefan Waldvogel
My experience with a Cybersecurity recruiter (Joe Hudson)
-raw version, not finished, without correction-
This article describes my personal experience with working with Joe Hudson (www.linkedin.com/in/joebhudson/). He is a specialized Cybersecurity recruiter for huntsource.io/.
Why him or huntsource.io?
We have about 1,900,000 people on LinkedIn with the title "talent acquisition." The main reason why I picked Joe is: he loves Cybersecurity. Sometimes he was on Twitch with Neal Bridges and did other YouTube videos with Gerald Auger. His passion for this area is clearly outstanding. He knows his work and has the proper focus for my career field.
Let us have a look at a random huntsource job description:
This article describes my personal experience with working with Joe Hudson (www.linkedin.com/in/joebhudson/). He is a specialized Cybersecurity recruiter for huntsource.io/.
Why him or huntsource.io?
We have about 1,900,000 people on LinkedIn with the title "talent acquisition." The main reason why I picked Joe is: he loves Cybersecurity. Sometimes he was on Twitch with Neal Bridges and did other YouTube videos with Gerald Auger. His passion for this area is clearly outstanding. He knows his work and has the proper focus for my career field.
Let us have a look at a random huntsource job description:
This job description is very clear and straightforward. It is not defined as an entry-level position, and the list of wanted skills is flexible. The main focus is work experience on the red side.
What is my expectation?
Obviously, I am looking for a job, but there are many other ways to get a job. I like Joe and his work, and if I get a job, great; if not, I find a different way. My hint for you: In the US, people are very friendly. Sometimes you hear "I want to bring you in my company" and other nice words. This plan could work, but many times these are just nice words without real meaning or intention.
In other countries, this behavior is very different.
Do I need a recruiter to get a job?
No, I have about 9,000 followers on LinkedIn and huge visibility. I have a vast spectrum of skills, and I can apply for jobs with 5 to 10 applicants.
Benefits of working with a recruiter?
- I am new in the US, and trust is precious. I know Joe for a long time, and I trust him. It does not mean he will have a job for me, but it is about trust so that I can learn.
What do you need to know before you start with a recruiter?
- You, as a job hunter, are not a client. The client is the company, and a recruiter tries to find a matching person. A good recruiter does this very carefully because he or she does not want to burn a relationship with a company.
- Most recruiters earn money if they can fill a position and get a provision. The provision is usually connected to the base salary.
- Some recruiters have a lot of pressure and have to fulfill different tasks to get their paycheck. It could be: Do x phone calls in a week. --> These recruiters will talk and listen to you, but it does not mean they have a job for you.
Other recruiters harvest your CV and PII and use them for different things or sell your data.
What can you give?
I am trying to be transparent. I work with few people and some jobs are more interesting than others. I do not want to waste someone else time.
If I am interested in a different job or maybe I got an awesome offer, I will communicate that. Most job hunters know what ghosting is. You send an application, you might get an interview... and nothing. In the US, this is common, but I do not like it.
If I work with a selected recruiter like Joe, I do not ghost. It is just fair game!
This article is something what a recruiter usually not sees, because it includes my own thoughts about the process, my skills with a ranking, my possible jobs with a ranking and more, so other people can learn.
Usually, people do similar things, but it is more hidden or subconscious.
What does a recruiter need, so he or she can work effectively with me?
Joe gave me a list, and some points are:
Money:
A recruiter will try to get a high salary, but most people have a wrong view of this field. If we take standard certification and we ask payscale or CompTIA, we get something like this:
What is my expectation?
Obviously, I am looking for a job, but there are many other ways to get a job. I like Joe and his work, and if I get a job, great; if not, I find a different way. My hint for you: In the US, people are very friendly. Sometimes you hear "I want to bring you in my company" and other nice words. This plan could work, but many times these are just nice words without real meaning or intention.
In other countries, this behavior is very different.
Do I need a recruiter to get a job?
No, I have about 9,000 followers on LinkedIn and huge visibility. I have a vast spectrum of skills, and I can apply for jobs with 5 to 10 applicants.
Benefits of working with a recruiter?
- I am new in the US, and trust is precious. I know Joe for a long time, and I trust him. It does not mean he will have a job for me, but it is about trust so that I can learn.
What do you need to know before you start with a recruiter?
- You, as a job hunter, are not a client. The client is the company, and a recruiter tries to find a matching person. A good recruiter does this very carefully because he or she does not want to burn a relationship with a company.
- Most recruiters earn money if they can fill a position and get a provision. The provision is usually connected to the base salary.
- Some recruiters have a lot of pressure and have to fulfill different tasks to get their paycheck. It could be: Do x phone calls in a week. --> These recruiters will talk and listen to you, but it does not mean they have a job for you.
Other recruiters harvest your CV and PII and use them for different things or sell your data.
What can you give?
I am trying to be transparent. I work with few people and some jobs are more interesting than others. I do not want to waste someone else time.
If I am interested in a different job or maybe I got an awesome offer, I will communicate that. Most job hunters know what ghosting is. You send an application, you might get an interview... and nothing. In the US, this is common, but I do not like it.
If I work with a selected recruiter like Joe, I do not ghost. It is just fair game!
This article is something what a recruiter usually not sees, because it includes my own thoughts about the process, my skills with a ranking, my possible jobs with a ranking and more, so other people can learn.
Usually, people do similar things, but it is more hidden or subconscious.
What does a recruiter need, so he or she can work effectively with me?
Joe gave me a list, and some points are:
- Money --> think about benefits
- Scope of work
- Company culture
- other details (I have to think about that) -> How to work with a recruiter? What are the steps?
Money:
A recruiter will try to get a high salary, but most people have a wrong view of this field. If we take standard certification and we ask payscale or CompTIA, we get something like this:
These numbers are not realistic, but many people get their Cybersecurity degree and some easy CompTIA certifications and think about earning $100K. Even though a recruiter wants a high salary because of his provision, it should be realistic. Real salaries are lower, because CompTIA includes all people with this certification. In the past, Security+ was a good-for-life certification and these people with 20+ years work experience push the "real salary" in a very high area. CompTIA does not lie, but it is more a trick to sell more certifications. It is an ad.
What is my point:
In my case, I have a problem because I can do so many different jobs, and each job has a diverse salary range. I want a fair salary, but I am more interested in the package.
- Salary: standard, market value, not so much interested as long as benefits are great
- possible benefits:
Scope of work
Company culture
What do I want to do?
This question is connected to multiple factors:
Skills:
The following pictures show some skills I have. How do you get such a list?
There are at least two different approaches to this question:
My list of skills is enormous, but I worked for 20 years, mostly in multi-hat roles, and studied for two years at home. Do not be dis-encouraged, and all realistic job descriptions have between 5 and 15 points and not 100.
-> You do not need such a long list.
The following list is tool based, but good companies do not focus much on tools, you need to know how you can reach your goal.
What is my point:
In my case, I have a problem because I can do so many different jobs, and each job has a diverse salary range. I want a fair salary, but I am more interested in the package.
- Salary: standard, market value, not so much interested as long as benefits are great
- possible benefits:
- Premium insurance for me and my wife
- A lot of holidays -> I love traveling around the world.
- Retirement 401(K) up to 6%
- Stocks option (optional)
- Health savings account
- Paid certs / courses (GIAC)
- Time to learn, focus on growing -> 7h work / 1h study time (professional development)
- flex time: e.g. one week 35h next 45h
Scope of work
- No night shift -> I did this when I was young, but it was damaging. Up to 10 pm, starting at 5 am and weekends is fine.
- Remote job -> I do not have a car. Austin is an option if the packet is great.
- A multi-hat environment would be excellent.
- Roles:
- Information Security Engineer, --> wild card for many activities
- Junior Pentester,
- SOC Analyst,
- IAM with Azure,
- Incident Handler,
- Incident Responder
- Cybersecurity educator (my hidden favorite, because I love to teach and help others)
- Cloud / Azure entry-level security
Company culture
- I want to stay for a long time and will not work for a company with a high turn over rate.
- Fair and transparent salary structure -> same position, similar salary.
- Focus on growing and improving their employees.
- people can go to conferences
What do I want to do?
This question is connected to multiple factors:
- Skills -> To do a job, I need matching knowledge.
- Background -> The work history is essential, for some jobs you need experience.
- Education -> Most jobs in Cybersecurity ask for a Bachelor's degree in Science (IT, Cybersecurity, Electrical Engineering); it is just a checkbox for HR. The practical knowledge of a US Degree for a real job is low.
- Personal preference -> most significant factor if more choices available
Skills:
The following pictures show some skills I have. How do you get such a list?
There are at least two different approaches to this question:
- You look at job ads
- You look at your courses, labs, degrees, work history
My list of skills is enormous, but I worked for 20 years, mostly in multi-hat roles, and studied for two years at home. Do not be dis-encouraged, and all realistic job descriptions have between 5 and 15 points and not 100.
-> You do not need such a long list.
The following list is tool based, but good companies do not focus much on tools, you need to know how you can reach your goal.
It would be best to think about skills you do NOT have. This step is essential because, in Cybersecurity, everything is about improving and learning. If you read all the job descriptions, you might see a skill you do not have, but it would open you many doors.
I am looking for a Security engineer position, and I do not have many skills in IAM, Okta, 2FA, and similar techniques. If I want to move up into a 140K job in some years, I need such skills.
--> I do not think there are many certifications for this; this is hands-on and self-learning, but it could be the difference between a $100K job and a $140K job. Rare knowledge brings the most money.
Personal reference
This question is the big question. With my skills, I can do an extensive range of jobs. I have to find a ranking for some positions with all the relevant facts (salary, work time, used skills, future perspective).
I am looking for a Security engineer position, and I do not have many skills in IAM, Okta, 2FA, and similar techniques. If I want to move up into a 140K job in some years, I need such skills.
--> I do not think there are many certifications for this; this is hands-on and self-learning, but it could be the difference between a $100K job and a $140K job. Rare knowledge brings the most money.
Personal reference
This question is the big question. With my skills, I can do an extensive range of jobs. I have to find a ranking for some positions with all the relevant facts (salary, work time, used skills, future perspective).
There are a ton of blue jobs on the market. The job titles can give you a hint, but many titles are exchangeable or have different meaning. Each company has their own structure. The bigger idea for blue jobs is:
Depending on the real work, I can do such jobs or not. I have to look at each job description.
© 2021. This work is licensed under a CC BY-SA 4.0 license