<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Recruiting on Zach Grace</title><link>https://zachgrace.com/tags/recruiting/</link><description>Recent content in Recruiting on Zach Grace</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Sat, 09 Sep 2017 00:00:00 +0000</lastBuildDate><atom:link href="https://zachgrace.com/tags/recruiting/index.xml" rel="self" type="application/rss+xml"/><item><title>Experts Need Not Apply</title><link>https://zachgrace.com/posts/experts_need_not_apply/</link><pubDate>Sat, 09 Sep 2017 00:00:00 +0000</pubDate><guid>https://zachgrace.com/posts/experts_need_not_apply/</guid><description>&lt;p>Recently, I tried to hire an AppSec contractor to add some capacity to our team. The request went out to some contracting firms and we received six resumes just a few days after posting. Now, the problem is that my team and I don&amp;rsquo;t have the capacity to interview that many candidates or even a subset of candidates. So I decided to send all of the candidates a few relatively straightforward web app vulnerability challenges, or at least I thought they should have been straightforward or relatively simple to solve. The experiment showed us that the consultants, all of whom claim to have 5+ years AppSec experience, couldn&amp;rsquo;t identify major flaws in some stripped-down CTF challenges. Their responses left me completely baffled and disheartened. I fear for our industry.&lt;/p></description></item></channel></rss>