Home > Apply hacking skills to your job search
Book Chapter:
EMAIL THIS LICENSING & REPRINTS

Apply hacking skills to your job search

19 Sep 2005 | Syngress

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

Infosec Career Hacking: Sell Your Skillz, Not Your Soul

By Aaron W. Bayles, Chris Hurley, Johnny Long and Ed Brindley

472 pages; $39.95

Syngress

In this excerpt from Chapter 2 of Infosec Career Hacking, authors Aaron W. Bayles, Chris Hurley, Johnny Long and Ed Brindley provide an overview on how to apply social engineering to the information security job search.

Being able to determine which type of job you are seeking is crucial. In-house and contract employees have different challenges. If you decide to pursue a federal job, FISMA scores are a starting point, as well as a goal for understanding the environment. Much information is available publicly for federal and private sector companies. Recent contract wins and any enforcement action should be noted, as well as awards and recognition for outstanding work and employee satisfaction. Purchases and sales of smaller companies are a good indicator of business growth opportunities, as well as knowledge about skills important to the company.

In order to gain internal information about the company, try to get personal interaction with employees of your target. Human Resources departments sometimes hold job fairs or community outreach allowing you to get more information about the employees and their opinions. Research into newsgroups and mailing lists can turn up topics of interest to the company. Knowledge of regulatory environments for the company's customers is critical for interview stages.

More information

Read Chapter 2, Reconnaissance: Social Engineering for Profit

Read a review of this book by Information Security magazine

Read more book excerpts, chapters and reviews

Has this book helped your job search?

Visit our infosec jobs resource center for more advice on landing a job in information security

Solutions fast track

Narrowing your choices

  • For in-house work, try to match up your skill sets to a company with the same needs and challenges, in other words, remote connectivity, database intensive operations. Federal work needs to correlate to FISMA requirements.

  • Contractor work varies, but is still skill oriented. Large companies have stability, but are slower to move. Medium-sized companies are less stable, but more likely to create new opportunities. Small companies have a high level of risk, but are very flexible for new business and if successful, they are likely to be acquired.

    Digging for information

  • Search for company history on hiring and layoff trends.

  • Search for acquisitions and divestitures of smaller companies to find out growth potential.

  • Determine if your target company has received awards for work or satisfaction, or has been involved with recent business wins. Make sure your prospect does not show up as having excessive compliance issues or enforcement actions.

    Researching for rewards

  • Use Public Relations and Human Resource departments to gain personal interaction with employees.

  • Job fairs and outreach programs are a good way to gain face time with the target company.

  • Internships are a great way in for candidates recently out of educational work.

    Making the contacts

  • Blend in for personal interaction, and be flexible with your responses.
  • Try to keep talking at a higher level; don't overload the person with all your skills.

  • Find out background information, such as compliance or regulatory environments.

  • Be aware of contractual issues within a particular job or industry.

    Read the rest of Chapter 2, Reconnaissance: Social Engineering for Profit

    Sound Off! -   Post your comments |  See others' comments (1)


    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


    RELATED CONTENT
    Information Security Jobs
    RSA 2008: Financial industry security challenges
    The road from network administrator to information security professional
    Getting started on a career in penetration testing
    What Web security initiatives can be taken on a college campus?
    Getting your career in infrastructure security started
    Security career retrospection
    Who is responsible for handling security program development in an IT infrastructure?
    Rethinking certifications
    Strategies for landing a security management position
    CISOs mastering 'softer' skills

    RELATED GLOSSARY TERMS
    Terms from Whatis.com − the technology online dictionary
    CSO  (SearchSecurity.com)
    security clearance  (SearchSecurity.com)

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary


    • TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineWebcastsWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Advanced Search | Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




    All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts