[46378] in North American Network Operators' Group
Re: How to get better security people
daemon@ATHENA.MIT.EDU (Sean Donelan)
Tue Mar 26 14:19:22 2002
Date: Tue, 26 Mar 2002 14:15:46 -0500 (EST)
From: Sean Donelan <sean@donelan.com>
To: Tony Wasson <ajwasson@inficad.com>
Cc: "Stephen J. Wilcox" <steve@opaltelecom.co.uk>,
Avleen Vig <lists-nanog@silverwraith.com>,
"LeBlanc, Jason" <Jml@ebay.com>, <nanog@merit.edu>
In-Reply-To: <00d501c1d4f9$47ba6e30$0200a8c0@chelly>
Message-ID: <Pine.GSO.4.40.0203261412130.144-100000@clifden.donelan.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 26 Mar 2002, Tony Wasson wrote:
> >> If I was looking for top security talent, what would I ask for whether
> >> I was hiring directly or outsourcing?
>
> I agree with Steve Wilcox, incidents are important. I would ask for a
> description of the 3 most interesting incidents they've ever worked on, and
> what they contributed.
I'm sorry, but that's confidential information and I can't disclose it.
Would you hire a "security" person, who will likely be involved in the
most embarrassing slip ups your company makes, if he tells people about
"interesting" incidents at previous employers.
Maybe, it depends on what he says.
