Reverse engineering at the interview: how we hire
Hey. My name is Alexey Malanov, I have worked for five years as the head of the Antivirus Research Department at Kaspersky Lab. I want to share with you my experience of hiring virus analysts. The post, I hope, will be interesting and useful primarily for young professionals who are only going to take the first step in their careers. Well, the mother of IT-shnik, too, can be curious, what kind of questions are asked at the interview in the LC. At one time, my team had several dozen people and we hired constantly. I sought to attend each interview in person, to be sure that the person will be what is needed.
At some point, I stopped throwing out resumes of candidates, began to pile them up on the table. Now I calculated about 300 pieces, this is in two or three years. Why so much? The fact is that in the LC the Antivirus Research Department is a “personnel forge” for other departments of the Antivirus Lab. Please do not confuse the latter with Kaspersky Lab as a whole. In order to work productively in such departments as: the department of infrastructure development, the department of the development of antivirus technologies, it is necessary to have a good understanding of the subject area. We call it “feel Malvaru”, “sit on the stream”, “pick it up”. You can not reinvent the means of autodetection or code the anti-virus engine, if you have not seen the malicious code in your eyes and can not detect it with your hands. A lot of employees, and a significant part of the management staff of the Anti-Virus Lab, and of course, Kaspersky himself, in his time, were virus analysts on the stream.
')
Having felt for Malvar, having become experienced “woodpeckers”, they already “spread out” to neighboring departments, specialize in something narrower, and become managers. In general, therefore, the hiring of virus analysts is non-stop. On average, 1-2 interviews per week. Oh yeah, I myself also started with a junior virus analyst.
Since employees are always needed, and the labor market, that’s the trouble, doesn’t supply reverse engineers, and even with the experience of analyzing malicious files, we rely on the inexperienced, and then we grow and teach ourselves.
Personally, I prefer employees - senior students. They are ambitious, hardworking, fearless, open to everything new. What can not be said about experienced programmers. Experienced are afraid to learn new things. But, of course, full of exceptions. In addition, I myself believe that my brain worked best in my student years.
And here comes a young applicant. Experience is often not at all, or it is small. The summary lists what was taught at the institute. I am only ready to combine work with the institute (20 hours a week). Sometimes also afraid of me. In my opinion, the most important thing is to understand what he wants. Work and dump? “With experience I’m more worth it!” Or want him to be given a chance to prove himself? Or mom said: “Stop playing counter all day long, go work better.”
First, of course, greeting, presentation, friendly “how did you get? Tea, do not want coffee? ". And then immediately: “Tell me, what do you think the words“ good work ”mean?”
Oh, I heard a lot of answers:
And many more. Sometimes the applicant falls into a stupor. We have to help, suggest.
Why this question, what give the answers? For me, both the answers and their order are important. If the candidate called salary, proximity to home and office comfort, then in a year it will be hard for me to motivate him. He will believe that if it is hard and boring for him to work, it is because the money is paid little. Of course, there are such people good workers. And if a difficult financial situation, then the salary will come out in the first place for an enthusiastic person. But in general, I want the employee to love his work, appreciate the team. This will be in the future to program utilities that automate work, put forward "performance proposals", develop the work, if I may say so. And not just doing what they are asking, trying to skip this stage as soon as possible and move on to leadership.
A socially desirable answer to the previous question would be “good work - this is where it’s interesting.” Not every applicant, oddly enough, generally remembers this aspect in the top three. You even have to help. But in any case, I clarify what is interesting. The question is not as simple as it seems from the outside. Try to answer it. It is especially difficult to formulate an answer to an employer, if in fact you are interested in computer games, football, beer, parties and everything else, except for the actual work. I suppose, on Habré just such a little.
The simple answer: “But, actually, this is your information security and interesting,” - does not bring to the goal. Fool themselves will not succeed. I will clarify: love to program? Did you program something for yourself? Not for the institute, not for work, not for solving problems (scattering music into folders, for example), but just for fun. Someone complains about the lack of time. Someone reveals what I would like to do in fact, and this work is just to start somewhere.
There is such an approach to job search: send out a resume to 20-30 companies, place on all relevant sites, and wait for calls, go to choose. The approach has the right to life, it is generally effective. But if a candidate wants to work with us, to be honest, it affects me very much. Even if he himself inspired, all the same.
As you might guess, there are people who say to every employer that they have always dreamed of working for him. What questions do they usually “burn”:
My advice to you, be honest. This gives you an employer. Well, and the preparation for these issues would still not help to deceive him.
Rarely what work is dynamic and exciting for a long time. If you are a programmer, then you will still be coding a lot, no matter how interesting your projects are. If you are a manager, then you will be a lot of "resolve issues." If a virus analyst - a lot of malware will pass through your hands. And no matter how much you like the reverse, assiduity doesn't hurt you either.
This is not to say that if a candidate “loves the routine”, then this is good. In no case. But any agreement, readiness of the candidate sets him up positively for the future.
On one motivation you will not get far. Need and knowledge, too. Of course, we ask a lot of common questions, like:
etc. But there are favorite questions.
When assigning an interview, the candidate is invited to redirect a simple file at home. Knowledge of Asm is required for the position. Moreover, enough of the institute course, experience is not necessary. With this task we check not only knowledge, but also readiness to spend an hour or a day of our time. And if the applicant is really an expert, the task will take him 5 minutes. Some candidates are not so eager to work with us in order to waste their personal time on some kind of tasks there. This is also normal. Only in the position of a viral analyst will have to reverse and deal with. And if you are not interested in one sample, you will hardly be interested in analyzing them a lot.
A couple of times came the candidates who just google the crackme01_x64.exe file and took the solution from there. Epic victory.
xor eax, eax
or eax, eax
jz label
Will there be a transition on the label? Suddenly, you can find out that the candidate who decided the test task does not know what bit operations are or cannot write a truth label for the operation "OR".
Is it true that if 6 / a <3 , then a> 2 ? I am writing a question on a piece of paper, giving the candidate and asking him to write an answer, adding “think, take your time”. If a candidate writes “not true,” it means that he remembers what was taught in school, and the institute could not cloud the mind. We remove the piece of paper and proceed to the next question.
But if the candidate writes down “correctly”, then I am very curious to see how a person makes mistakes (with what speed, with what confidence) and how he treats his mistakes.
To begin, I ask you to substitute -1 (there was one applicant, then we still did not give the task before the interview, who could not say what 6 / -1 is equal to). And then I find out why the candidate was wrong. Someone hurried and very worried about this. Someone insists that "the task was set incorrectly, you did not warn me." Someone writes on a piece of paper: “True, provided that a> 0 ”. Someone has been trying to figure out for a long time how this goes, “after all, 3a> 6 ”, and even takes the task “at home”. Well, someone pushes the piece to the side: "garbage, let's continue."
In this work, the virus analyst constantly makes a decision (cases are complex and not obvious). There was an employee who, having admitted an unpleasant false alarm, justified himself: “So what, well, clean user files were deleted, restore from backup storage.” And I observed the opposite extremity: the analyst cannot decide to add the detector, everything is afraid, all of a sudden it’s just a clumsy component Chinese software.
We ask this question. We specify where, with what, what was remembered, whether I tried to analyze how I treated. Very frustrating answer: “I just reinstall the system.” And once I even heard: “I don’t cure viruses, they don’t bother me. I don’t have valuable information, let them be. ”It is clear that this level of responsibility will not suit us.
You ask, why are not those who we fight with - Malvarschiki, not introduced or retrained to us? Very rarely, but still they come for interviews. You look at the summary: the class specialist, knows a lot of things, it is clear that the experience is great. Wondering where such knowledge comes from. It starts: “Well, I worked there, in one company, we optimized software, worked with other companies, were engaged in software delivery ...” And to the questions “how many people were in the company, how many people were in the department, who are customers, from whom you received the task "answer completely unable.
And it happens the other way around. Confident comes: "I wrote such a cool worm, which you haven't been detecting for so many days."
Do not write in the summary that you are an expert on some issue. This simply teaches the employer to check how really cool you are. But most still just write "skills: Asm, C / C ++, C #." I ask to evaluate the skill on a 10-point scale. I note this 10-point scale is better than 5-point scale, obviously. And here often again the applicant puts dozens and nines.
Please name three main differences between C and C ++. And I hear such assumptions:
“Experts” for some reason completely forget about patterns and exceptions. Moral: soberly assess your knowledge. If it is difficult for you to assess the knowledge of a certain area, most likely you are not well versed in it. But excessive modesty at the interview is also useless.
An interview usually ends with a sample of an IDA sample in 15 minutes. Here we check the ability to grasp the new (if the new candidate was, of course). If difficulties arise, we can prompt by the first half, but should cope with the second by analogy.
There was one case. The employee came to the interview three times and “filled up” the analysis. As he himself later confessed, he simply went into a stupor and could not say anything. I am very glad that we still took it. He is one of the best employees in the department (now, by the way, the group manager).
In general, the starting salary in our position is “according to the staff schedule” and, as they say, bargaining is not appropriate here. Nevertheless, it is very important to find out the candidate’s expectations in order to understand whether he can work with us at all, all of a sudden we are in different universes. Here the salesman’s rule is well applicable: “first listen and then speak.” I advise you to apply everywhere. I use the approach my supervisor used when hiring me. Please write the expectations for three periods: the first year of work, the second, the third and beyond. I do not use the word "want", instead I say "your expectations." And such an approach to the formulation of the question allows the applicant to be fixed instead of “no matter how bad it is and does not scare away” by “how fast my skills will actually grow”. Immediately the automaton will reveal the idea of ​​a fair annual increase. And also, as it were, behind a contract for three years ahead on the dynamics of wages. For example, if in a year he comes and, conditionally, asks for a doubling of salary, I can get that sheet (summary) and ask if the skills have grown sodramatically significantly.
After that, unlike sales clerk, I do not say anything, but simply remove the answer sheet and turn to other questions.
The question is not so clear and even holivarny. I will designate my vision. First, after the interview, we often need to confer and weigh everything. Secondly, even if the candidate is obviously cool, you should not infect him with stellar disease, even if, as they say, “suffer a little”. This will benefit further career. If the candidate does not suit us, and we will inform the decision immediately, then:
But if he, suppose, did not answer a single question and understands everything perfectly, I immediately say that in this position a greater amount of knowledge is required.
In addition, there is an HR officer who usually reports a solution. He has a lot of experience reporting failures correctly , so it’s best to trust a professional.
And, of course, we have a rule: we report a decision in any case within three working days. And if we do not have time to decide, then we ask the candidate to wait.
And again: if the candidate does not pass solely on skills and knowledge, we suggest that he prepare better and come again (and even the third). This insures us and the candidate from all kinds of "eclipses." After the interview, he understands much better what exactly you need to know in order to cope with the work. Of course, only the one who really wants will take advantage of this opportunity, and not the one who as a whole does not care where to work.
I once read one post about "stupid" (open) questions at interviews, and I got the impression that the author does not understand at all why an interview is needed, because "everything in the summary is written." And what is striking, much of the commenting was in agreement with the author.
I also regularly asked questions: “What didn’t work out with the previous employer, what is your“ career growth ”for you, what would be your shortcomings?” And many other stereotyped ones. Believe me, not all give “socially desirable” answers, many really reveal their character traits. I have no secret tricks , I just listen and form an opinion. If the candidate seemed to me “impudent”, I ask around what could be conflicts in the team. If I suspect that a candidate is a “dolt” (a person who is preparing for the exam on the last night), I will ask whether it is better to: predict the completion date with a margin and finish in advance, or pass on time, but at the last minute? Etc.
If you think all these questions are meaningless , try putting yourself in the employer's place. People work in the department, someone works better, someone worse. And why is that? When they are already working, it is hard to understand what can be done so that “the eyes glow brighter”. And if you see a candidate for the first time, it’s much harder to predict.
There was once a candidate. HR employee honestly warned that he is not quite adequate, but not only me, but my partner. And he, radish, did not tell me.
I: How did you get there?
He: By train!
At first, I asked a couple of familiar questions, but then it became clear that we could not work. I complained that for work as a virus analyst, knowledge of the Assembler is extremely important (and the candidate, as it turned out, did not know him, although he indicated in the summary). He got up and began in an angry, scandalous voice: “Why then did you have to scoff, give these stupid tasks, moronic questions ?!” And further on in the same vein. Violently escorted him to the elevator.
I myself am convinced that regardless of whether the candidate approached us or not, we must show him that LC is a better place to work. And the office alone is not limited. If he wishes, we will show him virlab, smiling colleagues, answer all your questions. You can not press on the candidate, to fill up. And if he answers a question about some nonsense, I call it a curious point of view.
Why is this necessary? After all, he is unlikely to go post shit on the forum. I just try to make the world kinder.
Google recently admitted that interview puzzles were generally useless. And I will add that in the pursuit of some kind of “author's technique” of recruiting employees, it is very easy to slip into the list of “favorite questions” and thoughtlessly ask them in turn. That criticism of the questions at the interviews , which is full and on Habré, it seems to me, in fact, is directed not so much at the questions themselves, as at the stereotyped and soulless. So, I sincerely believe that we are looking for people who are really interested in reverse and exploring this aspect of IT Security, and therefore we practice the human approach during the interview; We are primarily looking for creative colleagues and friends, not those who are able to quickly solve puzzles.
I hope you were curious, you expanded your horizons, a little better understood why they are asking such "stupid" questions. And even better, if I helped determine future plans for life. And, of course, if you have questions - ask, I will answer with pleasure. Good luck!
UPD: Completely forgot! We also have excellent fresh vacancies, including for those who want to pick Malvar: http://kaspersky-lab.hantim.ru/jobs
Volume
At some point, I stopped throwing out resumes of candidates, began to pile them up on the table. Now I calculated about 300 pieces, this is in two or three years. Why so much? The fact is that in the LC the Antivirus Research Department is a “personnel forge” for other departments of the Antivirus Lab. Please do not confuse the latter with Kaspersky Lab as a whole. In order to work productively in such departments as: the department of infrastructure development, the department of the development of antivirus technologies, it is necessary to have a good understanding of the subject area. We call it “feel Malvaru”, “sit on the stream”, “pick it up”. You can not reinvent the means of autodetection or code the anti-virus engine, if you have not seen the malicious code in your eyes and can not detect it with your hands. A lot of employees, and a significant part of the management staff of the Anti-Virus Lab, and of course, Kaspersky himself, in his time, were virus analysts on the stream.
')
Having felt for Malvar, having become experienced “woodpeckers”, they already “spread out” to neighboring departments, specialize in something narrower, and become managers. In general, therefore, the hiring of virus analysts is non-stop. On average, 1-2 interviews per week. Oh yeah, I myself also started with a junior virus analyst.
Lecture hall
Since employees are always needed, and the labor market, that’s the trouble, doesn’t supply reverse engineers, and even with the experience of analyzing malicious files, we rely on the inexperienced, and then we grow and teach ourselves.
Personally, I prefer employees - senior students. They are ambitious, hardworking, fearless, open to everything new. What can not be said about experienced programmers. Experienced are afraid to learn new things. But, of course, full of exceptions. In addition, I myself believe that my brain worked best in my student years.
Motivation
And here comes a young applicant. Experience is often not at all, or it is small. The summary lists what was taught at the institute. I am only ready to combine work with the institute (20 hours a week). Sometimes also afraid of me. In my opinion, the most important thing is to understand what he wants. Work and dump? “With experience I’m more worth it!” Or want him to be given a chance to prove himself? Or mom said: “Stop playing counter all day long, go work better.”
Good job
First, of course, greeting, presentation, friendly “how did you get? Tea, do not want coffee? ". And then immediately: “Tell me, what do you think the words“ good work ”mean?”
Oh, I heard a lot of answers:
- This is where well paid
- This is when it is convenient to drive.
- This is where it is interesting to work.
- The main thing that the boss was kind
- The boss is good (not necessarily kind)
- Good team
- This is where there are prospects.
- This is where there is development.
- This is where there is a career growth.
- This is when you can combine with study
And many more. Sometimes the applicant falls into a stupor. We have to help, suggest.
Why this question, what give the answers? For me, both the answers and their order are important. If the candidate called salary, proximity to home and office comfort, then in a year it will be hard for me to motivate him. He will believe that if it is hard and boring for him to work, it is because the money is paid little. Of course, there are such people good workers. And if a difficult financial situation, then the salary will come out in the first place for an enthusiastic person. But in general, I want the employee to love his work, appreciate the team. This will be in the future to program utilities that automate work, put forward "performance proposals", develop the work, if I may say so. And not just doing what they are asking, trying to skip this stage as soon as possible and move on to leadership.
And what are you interested in?
A socially desirable answer to the previous question would be “good work - this is where it’s interesting.” Not every applicant, oddly enough, generally remembers this aspect in the top three. You even have to help. But in any case, I clarify what is interesting. The question is not as simple as it seems from the outside. Try to answer it. It is especially difficult to formulate an answer to an employer, if in fact you are interested in computer games, football, beer, parties and everything else, except for the actual work. I suppose, on Habré just such a little.
The simple answer: “But, actually, this is your information security and interesting,” - does not bring to the goal. Fool themselves will not succeed. I will clarify: love to program? Did you program something for yourself? Not for the institute, not for work, not for solving problems (scattering music into folders, for example), but just for fun. Someone complains about the lack of time. Someone reveals what I would like to do in fact, and this work is just to start somewhere.
I always dreamed of working for you
There is such an approach to job search: send out a resume to 20-30 companies, place on all relevant sites, and wait for calls, go to choose. The approach has the right to life, it is generally effective. But if a candidate wants to work with us, to be honest, it affects me very much. Even if he himself inspired, all the same.
As you might guess, there are people who say to every employer that they have always dreamed of working for him. What questions do they usually “burn”:
- And what do you know about us? And what products besides antivirus do we still have?
- And what other anti-virus companies do you know?
- And from what moment did you decide that? Have you been devoting reverse engineering all this time?
My advice to you, be honest. This gives you an employer. Well, and the preparation for these issues would still not help to deceive him.
How do you feel about the routine?
Rarely what work is dynamic and exciting for a long time. If you are a programmer, then you will still be coding a lot, no matter how interesting your projects are. If you are a manager, then you will be a lot of "resolve issues." If a virus analyst - a lot of malware will pass through your hands. And no matter how much you like the reverse, assiduity doesn't hurt you either.
This is not to say that if a candidate “loves the routine”, then this is good. In no case. But any agreement, readiness of the candidate sets him up positively for the future.
Expertise
On one motivation you will not get far. Need and knowledge, too. Of course, we ask a lot of common questions, like:
- What would you write an antivirus log parser?
- What are the known WinAPI functions for creating a new process?
- But you have here in the summary technology unknown to me, tell me why it is needed
etc. But there are favorite questions.
Crackme
When assigning an interview, the candidate is invited to redirect a simple file at home. Knowledge of Asm is required for the position. Moreover, enough of the institute course, experience is not necessary. With this task we check not only knowledge, but also readiness to spend an hour or a day of our time. And if the applicant is really an expert, the task will take him 5 minutes. Some candidates are not so eager to work with us in order to waste their personal time on some kind of tasks there. This is also normal. Only in the position of a viral analyst will have to reverse and deal with. And if you are not interested in one sample, you will hardly be interested in analyzing them a lot.
A couple of times came the candidates who just google the crackme01_x64.exe file and took the solution from there. Epic victory.
Assembler
xor eax, eax
or eax, eax
jz label
Will there be a transition on the label? Suddenly, you can find out that the candidate who decided the test task does not know what bit operations are or cannot write a truth label for the operation "OR".
Problem
Is it true that if 6 / a <3 , then a> 2 ? I am writing a question on a piece of paper, giving the candidate and asking him to write an answer, adding “think, take your time”. If a candidate writes “not true,” it means that he remembers what was taught in school, and the institute could not cloud the mind. We remove the piece of paper and proceed to the next question.
But if the candidate writes down “correctly”, then I am very curious to see how a person makes mistakes (with what speed, with what confidence) and how he treats his mistakes.
To begin, I ask you to substitute -1 (there was one applicant, then we still did not give the task before the interview, who could not say what 6 / -1 is equal to). And then I find out why the candidate was wrong. Someone hurried and very worried about this. Someone insists that "the task was set incorrectly, you did not warn me." Someone writes on a piece of paper: “True, provided that a> 0 ”. Someone has been trying to figure out for a long time how this goes, “after all, 3a> 6 ”, and even takes the task “at home”. Well, someone pushes the piece to the side: "garbage, let's continue."
In this work, the virus analyst constantly makes a decision (cases are complex and not obvious). There was an employee who, having admitted an unpleasant false alarm, justified himself: “So what, well, clean user files were deleted, restore from backup storage.” And I observed the opposite extremity: the analyst cannot decide to add the detector, everything is afraid, all of a sudden it’s just a clumsy component Chinese software.
Have you encountered viruses?
We ask this question. We specify where, with what, what was remembered, whether I tried to analyze how I treated. Very frustrating answer: “I just reinstall the system.” And once I even heard: “I don’t cure viruses, they don’t bother me. I don’t have valuable information, let them be. ”It is clear that this level of responsibility will not suit us.
And do not you have an hour?
You ask, why are not those who we fight with - Malvarschiki, not introduced or retrained to us? Very rarely, but still they come for interviews. You look at the summary: the class specialist, knows a lot of things, it is clear that the experience is great. Wondering where such knowledge comes from. It starts: “Well, I worked there, in one company, we optimized software, worked with other companies, were engaged in software delivery ...” And to the questions “how many people were in the company, how many people were in the department, who are customers, from whom you received the task "answer completely unable.
And it happens the other way around. Confident comes: "I wrote such a cool worm, which you haven't been detecting for so many days."
C vs C ++
Do not write in the summary that you are an expert on some issue. This simply teaches the employer to check how really cool you are. But most still just write "skills: Asm, C / C ++, C #." I ask to evaluate the skill on a 10-point scale. I note this 10-point scale is better than 5-point scale, obviously. And here often again the applicant puts dozens and nines.
Please name three main differences between C and C ++. And I hear such assumptions:
- Nothing much different, just the name is "C / C ++"
- Only classes added. Three differences are polymorphism, encapsulation and inheritance.
- Function overload appeared, variables can be declared in the middle of the block, type bool was added
“Experts” for some reason completely forget about patterns and exceptions. Moral: soberly assess your knowledge. If it is difficult for you to assess the knowledge of a certain area, most likely you are not well versed in it. But excessive modesty at the interview is also useless.
Sampling
An interview usually ends with a sample of an IDA sample in 15 minutes. Here we check the ability to grasp the new (if the new candidate was, of course). If difficulties arise, we can prompt by the first half, but should cope with the second by analogy.
There was one case. The employee came to the interview three times and “filled up” the analysis. As he himself later confessed, he simply went into a stupor and could not say anything. I am very glad that we still took it. He is one of the best employees in the department (now, by the way, the group manager).
Salary
In general, the starting salary in our position is “according to the staff schedule” and, as they say, bargaining is not appropriate here. Nevertheless, it is very important to find out the candidate’s expectations in order to understand whether he can work with us at all, all of a sudden we are in different universes. Here the salesman’s rule is well applicable: “first listen and then speak.” I advise you to apply everywhere. I use the approach my supervisor used when hiring me. Please write the expectations for three periods: the first year of work, the second, the third and beyond. I do not use the word "want", instead I say "your expectations." And such an approach to the formulation of the question allows the applicant to be fixed instead of “no matter how bad it is and does not scare away” by “how fast my skills will actually grow”. Immediately the automaton will reveal the idea of ​​a fair annual increase. And also, as it were, behind a contract for three years ahead on the dynamics of wages. For example, if in a year he comes and, conditionally, asks for a doubling of salary, I can get that sheet (summary) and ask if the skills have grown so
After that, unlike sales clerk, I do not say anything, but simply remove the answer sheet and turn to other questions.
Conclusion
Why I do not inform the decision immediately
The question is not so clear and even holivarny. I will designate my vision. First, after the interview, we often need to confer and weigh everything. Secondly, even if the candidate is obviously cool, you should not infect him with stellar disease, even if, as they say, “suffer a little”. This will benefit further career. If the candidate does not suit us, and we will inform the decision immediately, then:
- Candidate can begin to argue, persuade
- The candidate will doubt our objectivity, they say, we did not take into account all aspects
But if he, suppose, did not answer a single question and understands everything perfectly, I immediately say that in this position a greater amount of knowledge is required.
In addition, there is an HR officer who usually reports a solution. He has a lot of experience reporting failures correctly , so it’s best to trust a professional.
And, of course, we have a rule: we report a decision in any case within three working days. And if we do not have time to decide, then we ask the candidate to wait.
And again: if the candidate does not pass solely on skills and knowledge, we suggest that he prepare better and come again (and even the third). This insures us and the candidate from all kinds of "eclipses." After the interview, he understands much better what exactly you need to know in order to cope with the work. Of course, only the one who really wants will take advantage of this opportunity, and not the one who as a whole does not care where to work.
Other issues
I once read one post about "stupid" (open) questions at interviews, and I got the impression that the author does not understand at all why an interview is needed, because "everything in the summary is written." And what is striking, much of the commenting was in agreement with the author.
I also regularly asked questions: “What didn’t work out with the previous employer, what is your“ career growth ”for you, what would be your shortcomings?” And many other stereotyped ones. Believe me, not all give “socially desirable” answers, many really reveal their character traits. I have no secret tricks , I just listen and form an opinion. If the candidate seemed to me “impudent”, I ask around what could be conflicts in the team. If I suspect that a candidate is a “dolt” (a person who is preparing for the exam on the last night), I will ask whether it is better to: predict the completion date with a margin and finish in advance, or pass on time, but at the last minute? Etc.
If you think all these questions are meaningless , try putting yourself in the employer's place. People work in the department, someone works better, someone worse. And why is that? When they are already working, it is hard to understand what can be done so that “the eyes glow brighter”. And if you see a candidate for the first time, it’s much harder to predict.
Case of life
There was once a candidate. HR employee honestly warned that he is not quite adequate, but not only me, but my partner. And he, radish, did not tell me.
I: How did you get there?
He: By train!
At first, I asked a couple of familiar questions, but then it became clear that we could not work. I complained that for work as a virus analyst, knowledge of the Assembler is extremely important (and the candidate, as it turned out, did not know him, although he indicated in the summary). He got up and began in an angry, scandalous voice: “Why then did you have to scoff, give these stupid tasks, moronic questions ?!” And further on in the same vein. Violently escorted him to the elevator.
Positive precipitate
I myself am convinced that regardless of whether the candidate approached us or not, we must show him that LC is a better place to work. And the office alone is not limited. If he wishes, we will show him virlab, smiling colleagues, answer all your questions. You can not press on the candidate, to fill up. And if he answers a question about some nonsense, I call it a curious point of view.
Why is this necessary? After all, he is unlikely to go post shit on the forum. I just try to make the world kinder.
Total
Google recently admitted that interview puzzles were generally useless. And I will add that in the pursuit of some kind of “author's technique” of recruiting employees, it is very easy to slip into the list of “favorite questions” and thoughtlessly ask them in turn. That criticism of the questions at the interviews , which is full and on Habré, it seems to me, in fact, is directed not so much at the questions themselves, as at the stereotyped and soulless. So, I sincerely believe that we are looking for people who are really interested in reverse and exploring this aspect of IT Security, and therefore we practice the human approach during the interview; We are primarily looking for creative colleagues and friends, not those who are able to quickly solve puzzles.
I hope you were curious, you expanded your horizons, a little better understood why they are asking such "stupid" questions. And even better, if I helped determine future plans for life. And, of course, if you have questions - ask, I will answer with pleasure. Good luck!
UPD: Completely forgot! We also have excellent fresh vacancies, including for those who want to pick Malvar: http://kaspersky-lab.hantim.ru/jobs
Source: https://habr.com/ru/post/203228/
All Articles