Top 3 Ways To Fail As A Technical Recruiter

Quick disclaimer.  I am not actively looking for a new job.  I have a solid salaried gig that pays well and allows for a very accommodating work/life balance.  But that doesn’t mean I don’t still ‘collect’ contact information with solid recruiters in case the shit hits the fan.  So when I get contacted about jobs, 99% of the time I am already going to say ‘not interested’.  But politely, and I will take some time to build a bit of rapport in case I need to talk to the person again in the future.  But…this describes the idealistic scenario that rarely occurs.  The reality of what I experience with unsolicited recruiters is far from amicable.  In fact, I have begun to have an anxiety response before ever speaking to most of them.

I started asking myself, why am I so upset about people trying to find me work?  Well, after a very brief examination of my experiences, a few major gripes covered almost all of my experiences with technical recruiters.  Those who are the exception to what I list below are not only going to hear back from me if/when I am back on the market, but will easily get referrals for my friends/colleagues. If that is what you are looking for when recruiting for technical positions, then you’d better pay attention and take this to heart.  After asking around, I am not alone in this, and my responses are often (unbelievably) more tasteful than some of the anecdotes I have heard from friends.


NUMBER 1: Don’t speak clearly or effectively

A typical week for me would not be complete without roughly a half dozen unsolicited phone calls about positions. This sounds like a large amount of unrealized opportunities, right?  Well, you got the unrealized part right, but not for the reasons most would think.  The reality is that nearly all phone calls I receive about new positions are completely unintelligible.

Note that this doesn’t mean I have to listen to the message two or three times to discern what is being said.  I mean literally unintelligible.  If it weren’t for the different numbers, and clearly different voices and dialects, I would think I was getting trolled or pranked.  Because I cannot understand what the majority of these callers are saying, I have just begun to ignore calls from recruiters, and if I can’t understand the first few words in the voicemail message when played back, it gets deleted outright.  A typical voicemail, and again I get about a half dozen of these a week, sounds like this:

“HHHHaslo, ez eez yeshmal galbreek <unintelligible words mixed with crumpling paper sound> position <whispered and unintelligible>”

As I was trying to write that out I just gave up trying to translate.  And that right there is the problem.  I am literally trying to translate it and the message is still not discernible.

So let me repeat that I receive at least a half dozen of these a week.  At this point, I see a number I don’t recognize and my blood pressure goes through the roof.  Stop, just STOP.

  • Don’t farm out recruiters
  • Don’t take a phone gig in a language you are not fluent in
  • Do email.  It’s easy, and audio technical difficulties and accents are much less of a problem

NUMBER 2: Don’t understand the sector for which you are recruiting

This is disturbingly common.  It would appear that people get into recruiting thinking it will be easy money and most jobs are interchangeable.  Maybe that happens in other sectors, but I seriously doubt it.  And with technology I can speak with utter certainty that this isn’t the case.  Because I believe examples and metaphors are the best way to convey a concept, let’s look at a recent conversation I had.

Before I stopped accepting calls from unrecognised numbers and while I was still actively looking for work, I answered one such call and the conversation went like this:

Me:  Hello?

Caller: Good Morning Mr. <blank>, how are you this morning?

Me:  Um, I’m good…..

Caller:  That’s nice to hear! I’m calling about an amazing opportunity we have with a client, and I was wondering if you are currently looking for a new position?

Me:  Actually I am at the moment.

Caller:  Excellent!  It’s a three month contract for <company>, doing quality assurance!  I see that this kind of work is on your resume and thought you would be an amazing fit!

Me: …oh….ah….well, that was about 10 years ago, and would be a massive step back in my career.  It’s not remotely what I do now.

Caller: <a few seconds of silence>…I haven’t even gotten to the best part.  It pays $15 an hour!  That’s good money!

Me: <unable to stifle the laughter> That’s so far below my going rate I can’t…I…wow, no.

Caller: Really?!

Me:  …ah…ya.  So like I said, I did that work over 10 years ago.  I work in information security now.  I can’t even remotely entertain that kind of a step back.

Caller:  How much of a step back is that really?  I mean it’s the same kind of work.

Me:  …so I’m actually going to hang up the phone now.  I would highly advise you to research the industry a little more before cold calling people.

<I hung up>

For those not in the know, pen testing is in the range of 75k to 150k depending on experience and credentials (read certifications).  At $15/hour this guy was pitching me a $30k/year job and treating it like it was the holy grail.  This is all after he failed to recognize that he was pitching a job from 10 years back in my career, and failed to recognize that what I do now is not remotely the same as what he was pitching.

If this were an isolated incident it would be a humorous anecdote at best.  But….it’s not an isolated incident.  I have had conversations like this, mostly over email now, over a dozen times.  That’s a trend folks.  A clear cut sign of laziness.  Don’t just think that he’s screwed up by pitching me a job incorrectly, but think about how this represents him as a recruiter.  He was lazy and uninformed.  Do I want that person looking for work for me?  Do I want that person representing me?  Hell no.  Don’t be this guy.

  • Don’t be lazy about reading and comprehending resumes.  A couple hours of reading about an industry can ratchet up your success rate by filtering appropriately
  • Don’t be delusional/arrogant about who you are or what you know or what you have to offer
  • Do take the time to find a solid fit, or at least approach it differently (“I see you haven’t done this in a while, but thought why not try?” will go much further for longevity of interaction, and is actually something I encountered from a recruiter with whom I still speak to this day, primarily because of that approach)


NUMBER 3: Don’t recognize time zones

Assuming I come across a recruiter and there is a need to interact long term, this next one has been a major problem in the past.  Not so long ago I found myself looking for work with a bit of an intense drive.  I felt I needed a new position immediately and was willing to overlook several issues just to have more opportunities.  Along came one such opportunity that actually sounded great and not like I would have to settle for a lesser position just to get a paycheck.

The initial outreach was over LinkedIn and email.  After a couple of messages I was handed off to a ‘lead recruiter’ to facilitate interaction with their client.  The next morning, at 5am local time, my phone began to ring.  Turns out, the recruiter is on the east coast, and I’m on the west coast.  And more importantly, they did not see me as a person but a name on a list that would potentially convert into a commission.  Nothing else.  This sounds jaded and/or cynical, but the reality is that this wasn’t an isolated incident.

After apologizing once I had enlightened him about what it meant to be 3 hours earlier, he continued to forget about the time zones no less than 3 more times over the stretch of two weeks.  The fourth incident saw no apology or recognition.  It became clear he just didn’t care, and expected everyone (me) to be at his beck and call.  I was highly motivated for a new job, and yet I told him to stop calling me.  It wasn’t worth the stress of the interaction, and more so, I realized that if he was this inattentive with me, then representing me to the client was going just as dismally.

No thanks.  Don’t need that, don’t need you if this is your mentality. Let me reiterate, I was highly motivated to find work, and was willing to risk losing the opportunity because this person was so awful.

  • Don’t expect your clients (on either side) to cater to you; you are the one offering a service, we are the customers, cater to us
  • Don’t treat your clients like expendable fodder for your bank account
  • Do think of us as what we are, people.  With lives of our own
  • Do be personable and compassionate (pretend to be a friend if you have to)

An OSCP Review – The OSCP Epic Part 3

I just purchased my third month, and I have mixed feelings about doing so.  I have spent almost 6 weeks (minus 2 out of the 8 for selling my house and moving), averaging almost 20 hours per week.  At this point I have 25 machines fully rooted/system’d, including the ‘gimme’ msf box.  My goal was 24 before taking the exam, but that goal has changed as I discovered my personal weak areas.  Those being privilege escalation and modification of binary exploits.

I can say with certainty that web based application hacking experience has carried me far, and fast.  I dropped MANY machines by utilizing web based attack vectors, but have been informed that most machines have multiple avenues of compromise.

Currently, I have all but one network unlocked (dev…wtf?!).  This is a major bone of contention for me.  I have access to the machine that touches the dev network, but haven’t gotten priv esc to unlock the network key.  Why is that frustrating?  Because I have shell, and can…well, in the real world I WOULD be able to…access the dev subnet.  But because I haven’t unlocked the subnet, I can’t reset machines, and am having port scans come up dead.

So the try harder adage applies, right?  Well, yes, but I have uncovered no less than half a dozen machines that unlock the IT network, and only one that unlocked the admin network, and one that will likely unlock dev.  I find this to be disproportionate, and ridiculous, especially when I find a fucking IT subnet key on an admin network machine (you have to unlock IT before admin).

So I’m a bit frustrated, and a bit disillusioned.  Having done Red Team exercises and pen testing (professionally) for a few years now, I find some of the lab to be realistic, and other parts nothing more than game play.  There is literally a box where it’s nothing more than a CTF style challenge.  No spoilers, but that one aggravated me on a whole new level, and not because I couldn’t pop it, but because it had no real value other than playing a ‘game’.  It’s not realistic in the slightest.

This leaves me with another month to do the following:

  • Pop a few more boxes (ideally the dev net…sigh)
  • Practice priv esc until I gain a little more comfort
  • Practice exploit modification (essential for the exam)
  • Write my lab report
  • Prep my test report

That’s a tall order for one month, but I’m tired of the ‘game’ aspect of the lab, and really fatigued.  I need to rest, and want the exam done with.  So I will be scheduling it for a few weeks after this month is over.  So I should be taking it sometime before Christmas.  I can’t wait….lol

An OSCP Review – The OSCP Epic Part 2

Haven’t updated in a while, and that’s because I just got my ass kicked (time wise) from moving.  But here is a breakdown of the experience thus far.

Week 1:

I had only evenings (1-2 hours) and Sunday (all day) to devote to the materials, but part of the certification includes doing the exercises in the material.  I felt much of it was busy work and review, but that may be because I have done this kind of thing in live environments professionally.  For most people I would bet the material is pretty overwhelming.  The details are missing in a few places, so without experience it can leave the uninitiated with a lot of homework to do.  BUT, the material was highly relevant.  Using PowerShell as a callback mechanism was discussed.  This was very nice to see, and VERY relevant to modern techniques.

Having said it was almost all review for me, it still took me an entire week to get through.  That being a little over 20 hours of time total.  If this stuff is new, plan to multiply that time out at least to a magnitude of 2 or 3.

Week 2:

This is where it got fun.  Finally.  I had finished the exercises in the materials, and was finally hitting the lab.  Doing the exercises did build a little bit of a base, since they have you do a few things that will get you started.  There were a handful of boxes that fell to a VERY well known exploit.  And in roughly ’67’ seconds I had some proof.txt files.  Then I came to a screeching halt.

I enumerated and enumerated and enumerated.  Researched flaw after flaw and found that the labs are constructed with a lot, and I mean a LOT, of red herrings.  So don’t expect a scan and pop scenario.  Those exist, but not by and large.

About the 5th day in, I reverted to what I knew best (web applications) and started smashing.   I popped one more really quickly, then found three more to crush.  Unfortunately moving day arrived and I lost internet connectivity until two days ago.  So I just lost an entire week of lab time.  Extension here I come.  I don’t have 10 boxes yet, but should in the very near future.

A big gripe I had, and maybe I just missed something, is that I unlocked a subnet, but have no idea what the range is.  OK, I know, cheating right?  Except that I have a client side attack into a network, and no idea if it is one I have unlocked.  See the problem?  I could pivot through, but if I haven’t unlocked the subnet, I can’t progress into that area.  There is a mismatch on that goal.  And I may be stymied until I unlock other subnets, even though in the real world I’d be moving along no problem.

And that’s the update.  I’m on week three, and finally able to get back to the lab (though I’m working, so nights and weekends are my limitations).

EDIT: The subnet I unlocked was not visible until I logged in and out of the dashboard.  It did, in fact, coincide with the attack method I discovered, so I should be able to pivot into the second network very soon.