Contributed by Renee Small
Like many of today’s cyber security professionals, Larry Sobers began his career outside of information security as a PC tech and then a Windows systems admin. Encounters with a computer virus put Larry on his present path to security leader.
Early in his career, Larry was able to custom-build a 486 computer system, which he then put to use connecting with AOL so he could download games to share with friends. As it turned out, one of the games he downloaded had a Stoned.Monkey boot sector virus contained in it, so his system began acting strangely, to the point that he could no longer access his CD-ROM drive.
To solve this concern, Larry replaced his hardware, then re-installed his operating system, and while his PC initially seemed to operate normally, it again began acting up. Larry then did his research, asking amongst his friends as well as searching online, before installing an anti-virus program, which revealed the culprit to be a copy of a variation of the Stoned.Monkey virus.
Larry was able to remove the virus from his computer and from his diskettes, but the incident troubled him. He thus continued to research ways on how protect his PC, and also applied the lesson learned in his work, where he and his manager began checking the company’s network with open-source tools; and it was from there that Larry began his career in information security.
“My goal is always to build a cohesive, high-performing team,” Larry says of his objective when heading up security departments. To this end, Larry hires, in addition to people with security experience, people who have had no experience with information security, which can sometimes raise concerns with team members. “I have occasionally faced challenges from other members on my hiring team as there is sometimes concern about bringing in personnel with a lack of Information Security experience. However, my philosophy is that the overall team concept allows for a strong candidate who brings in key soft skills like documenting, process, and communication skills that may be missing on the team to be the right fit regardless of their specific Info-Sec experience,” he notes.
Although he uses such traditional methods as LinkedIn, networking, word of mouth and local cyber security forums to search for possible candidates for his team, Larry also uses creative methods to find these candidates. One of the more creative methods he has used was a “hiring blitz,” where Larry worked with multiple hiring managers to interview several candidates for multiple roles within a half-day period. “The blitz works well when you have several roles to fill,” is his assessment of this method.
Larry admits that retention is a challenge, and some of the methods he uses to retain people is by providing flexible work arrangements, planning team-building activities around such activities as video games and puzzle solving, and ensuring that those new to cyber security are mentored. He even conducted a reading club where participants read Clifford Stoll’s Cuckoo’s Nest, which Larry considers a “must read” for those new to cyber security.
Renee Small is the CEO of Cyber Human Capital and author of the Amazon #1 best-selling book, Magnetic Hiring: Your Company’s Secret Weapon to Attracting Top Cyber Security Talent. Download a free copy at www.magnetichiring.com/book.