Penetration Testing mailing list archives
Re: Finding pen-testers
From: AK <platsakos () gmail com>
Date: Sat, 21 May 2011 13:54:34 +0300
Depends what kind of pen-testers you are looking for. - If you are after the certification crowd, I think certain organisations such as SANS and I assume maybe more publish their certification holder list so you might wanna have a look there. - +1 for Miguel's suggestion. Looking up people from mailing lists/twitter/blogs/professional social networking is likely to yield some good candidates, however chances are most of them will be already employed :) - I would stay away from Dice/Monster and related generic job sites. Speaking from experience, I had to wade through 150+ CVs per month from a local job site, most being completely irrelevant to the position discussed. We ended up hiring from a personal recommendation. HTH On 05/20/2011 02:09 PM, Miguel Dilaj wrote:
On 19/05/2011 19:07, amoeba () amoebazone com wrote:There are always posts to the list on recommendations/skills/requirements for people looking to get into pentesting. How about some discussion from the hiring side: How are you finding your testers? While companies can go the usual Monster/Dice/etc route, where do you go to look for specific skill sets like pentesting to have a higher chance of hitting your target audience/job seekers without having to wade through a billion resumes that don't even come close to what you're looking for?Hi all, Recommendations of existing consultants are always considered and the prime source of new starters. Other than the above, at my company we hired some consultants by asking for people with security expertise in Linux mailing lists and groups (that's a matter of personal preference, I'm pretty sure there IS people with security experience using other Operating Systems, don't blame me for liking Linux and Linux people), then grinding on the individuals who answer. So far that channel has been quite successful. Occasionally I receive a resume because either: a) someone knows me and submits it (I tend to be easy to find for people who looks for me). Got in touch with some cool people this way, although not always to work with them. b) someone came upon our company page (not mentioned here so it's not considered spam!) and uses the contact form. I must add that this is the main channel which produces resumes far from what I'm looking for. Regards, Miguel ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
-- What is the air-speed velocity of an unladen swallow? ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Finding pen-testers amoeba (May 19)
- Re: Finding pen-testers Miguel Dilaj (May 20)
- Re: Finding pen-testers AK (May 21)
- Re: Finding pen-testers Miguel Dilaj (May 20)