Articles tagged with "Careers"
Credit: Photo by Eric Prouzet
100,000 People Have Been Laid Off, What’s Next
A hiring manager and a recruiter’s guide to getting hired. This post is a collaboration between me, Joe Basirico, and one of the best tech recruiters in the industry, Ellen McGarrity. You can learn more about Joe on this website. Throughout you can read Ellen’s take, in her own words in blue text
Ellen has spent her 18-year career focused on recruiting in the software tech industry at both large (Microsoft, Amazon, Salesforce) and small (Tableau, Highspot) companies.
Read more >>
Credit: Daniel Cheung @ Unsplash
Part 1 - My First 100 Days in ProdSec at a Series E Startup
After working in the application security consulting industry for nearly two decades and helping to solve my clients’ most difficult challenges, it was time to put what I used to tell others into practice. These are my lessons from the first 100 days. I’ve created security teams, bug bounty programs, set up tooling strategies, hiring plans, and more. I thought I’d hit the ground running and start making an impact on day 1, or at least day 99, while I made some impact early I had a lot to learn.
Read more >>
Credit: Kroll Historical Maps
A Traveler's Method of Learning Technology
My favorite thing about my career in security consulting has been the constant opportunity to learn new topics. Security weaves itself through every aspect of software, and software is everywhere. The phone in your pocket, the bluetooth chip in your headphones, your automobile, and the SCADA systems you rely upon every day execute millions of lines of code on your behalf. The idea that each of those systems gives me the opportunity to gain new knowledge is truly exciting.
Read more >>
A Conversation With the Father of Public Key Infrastructure
In today's post, I'd like to introduce you to Loren Kohnfelder, an old friend of mine. I met Loren at Microsoft in the late 90's when we were tasked with the herculean task of improving the security of Internet Explorer.
It was an exciting and harrowing time, and while it is amazing to think about how far we've all come, it is also surprising to realize how many of the security challenges we struggled with twenty years ago are still with us today.
Read more >>
Getting to Yes
In this post I want to try something new. Rather than writing an article, I’ll capture a dialog between Joe and I as we discuss a topic that interests us both.
On Joe’s recommendation, I recently read Getting to Yes , written by Roger Fisher, William Ury, and Bruce Patton for the Harvard Negotiation Project. The book is nearly thirty years old, but it has been continuously updated and it still contains lessons worth learning.
Read more >>
Defcon - There Has Never Been a Better Time to Get Into Security
I just returned from the 27th Defcon security conference. I’ve been attending for the last 12 or so years and it has been interesting and fun to see the conference grow and mature. Once intimidating due to the homogenous attendees, lewd contests, and a “Try Harder” mantra, it has now evolved into a great place to learn and meet new people.
Each year I speak at, or attend, a handful of security conferences.
Read more >>
Can Security Training Change Lives?
I had the opportunity to spend a few days at a security conference last month, in which I talked with hundreds of people in the information security community about their fears, concerns, hopes, and plans. One thing that stood out to me was the sheer optimism and joy that most of the conference attendees brought with them. They were not there (only) for the swag or the cocktail hour or the chance to be away from their day jobs for a few days.
Read more >>