[TIPS] How to Recruit a Hacker for Your Company


[TIPS] How to recruit a hacker for your company

Check the web and you’ll see a lot of people ask about hackers and how to become one.

But before becoming a hacker or maybe recruiting one for your company let’s define what a hacker is.

Today, mainstream usage of “hacker” mostly refers to computer criminals, due to the mass media usage of the word since the 1980’s. This usage has become so predominant that the general public is unaware that different meanings exist.

What are they?

Hackers can be classified in different categoriesnone of them are bad guys:

The white hacker (or white hat):

Computer security professionals who perform intrusion tests in accordance with their customers and legislation to qualify the level of security of a system. It’s a real job and a really useful one; remember the naked pictures of celebrities that spread on the internet few weeks ago? It could have been avoided by using people like them. These security consultants and network administrators are working to secure the software you use every day (and trust me mostly everything is software).

The black hacker (or black hat):

Virus writers, cyber-spies, cyber-terrorists and cyber-crooks, acting outside the law for the purpose of harming, making a profit or obtaining information. These hackers do not have the same ethics as White Hats and are often malicious. The most malicious are called crashers.

Hacktivist (a portmanteau of hack and activist):

Use computers and computer networks to promote political ends, chiefly free speech, human rights, and information ethics. Carried out under the premise that proper use of technology can produce results similar to those of conventional acts of protest, activism, and civil disobedience.

The term has been used since November 1995. The well-known Anonymous is a Hacktivist.

But let’s be clear: for White and Black hackers the only difference remains in their objectives.

Who are they?

Let me introduce you to two of the most famous black hat hackers of all time who changed their mind and got back on track.

Kevin Mitnick: From hacker to computer security consultant (and CEO)

Probably the most famous hacker of his time, Mitnick was described by the US Department of Justice as:

“The most wanted computer criminal in US history.”

He supposedly hacked into the systems of some of the world’s top technology and telecommunications companies including Nokia, Fujitsu and Motorola. After a highly publicized pursuit by the FBI, Mitnick was arrested in 1995. Now he runs a computer security firm. He doesn’t refer to his activities as ‘hacking’ and instead he calls them ‘social engineering’.

Steve Wozniak: Phone all the way

Stephen “Woz” Wozniak began his hacking career with ‘phone phreaking’. While studying at the University of California, he made ‘blue boxes’ for his friends that let them make free long distance phone calls. Wozniak supposedly called the Pope with one.

He dropped his hacking career when he met his friend and business partner Steve Jobs and formed Apple Computer, the rest, as they say, is history.

How to recruit them?

If you need a real hacker, you’ll have to find a white hat and they really prefer to be called computer or IT security consultants.

The best way to find an IT security consultant is on the web. Forget about newspaper ads and traditional job boards.

“Why?! Job boards are on the web!?”

Yes, sure, but these jobs are in growing demand, ranked in the TOP 100 of the most wanted profile by companies. They don’t need to find a job; a recruiter will have to find them, so job boards are clearly out.

But there are still some proved solutions to find a white hacker here is the recipe:

Start by posting a job offer on your career website.

  • As a recruiter, you might not know the jargon of this job so please DON’T use it, or you will miss out on most of the potentials applicants.

Ask your employees, referral is always the best way to find atypical profiles

  • If you don’t have referral software (it might be time to get some) send the job description to your IT team and ask f they know someone who would be able to HELP you, not WORK for you. Yes, it’s how it works if you want to find an IT security consultant, you are not offering a job you are seeking assistance.

Cross platform campaigns

  • Multi-posting your job offer might work (if well written and sharable). Share it in LinkedIn groups in IT, Twitter with special hashtags like: #security #computer #job. Facebook is not really useful as your Facebook company’s page and the reach of a post is about 3 to 10% of your community

Remember, never go wild if you are not prepared and know exactly the profile you are looking for. It may backfire and could damage your brand, especially with a hacker.

Once all of this is set up and part of a strategy, launch your recruitment campaign and wait for the results.

Bon vent job offer!

Maximize Social Business