Mentioning Defcon or other security conferences in resume

**g3k_** · July 22, 2010, 07:20

Re: Mentioning Defcon or other security conferences in resume

I've found that sometimes it doesn't always help to mention Defcon. It's awkward when you are talking to a potential employer and they have no idea what Defcon is, so you have to explain it to them. Then you deal with the hacker question, not knowing anything really about infosec or what's going on. I didn't get a job at Raydon because of probably how little they knew about what was on my resume or what the hell I was talking about. Worst interview ever.

I've had to do this several times, and it seems to crop up as an issue for a lot companies that mention that they are PCI compliant :>

**Xeon** · July 22, 2010, 07:44

Re: Mentioning Defcon or other security conferences in resume

Originally posted by g3k_

<snip> ...when you are talking to a potential employer and they have no idea what Defcon is, so you have to explain it to them. ...<snip>

When you explain Defcon, what do you say about it? When talking to a potential employer, it seems that using the words "Security Conference" would get better results than "Hacker Convention".

If they know what it is, then they are probably friendly to the idea. If not, then they could be thrilled that "Once a year, I go learn about the latest security threats in order to build a defense against them." Who knows, they might even be willing to pay for attendance.

**willasaywhat** · July 22, 2010, 08:02

Re: Mentioning Defcon or other security conferences in resume

Originally posted by SHA-hi

I don't want the kid out of school that took software, I want the kid that has a good handle on software and knows about things like how SVN works, they've worked with some new frameworks and/or contributed to something, they've at least heard of Y-Combinator, rails, they know that there's a new C++ version released recently, the skill set varies depending on the job, but one of the biggest problems I see in programmers are the complete inability to understand security in their applications and think about vectors of attack while creating the code, and a lack of vision/imagination/creativity (which of course is required for the first one).

Y-Combinator? Are you a HackerNews user? I'll try not to threadjack, but I find it interesting that you mention them specifically.

**g3k_** · July 22, 2010, 08:12

Re: Mentioning Defcon or other security conferences in resume

Originally posted by Xeon

When you explain Defcon, what do you say about it? When talking to a potential employer, it seems that using the words "Security Conference" would get better results than "Hacker Convention".

If they know what it is, then they are probably friendly to the idea. If not, then they could be thrilled that "Once a year, I go learn about the latest security threats in order to build a defense against them." Who knows, they might even be willing to pay for attendance.

I've been using 'security conference' and 'some of the world's greatest computer security experts gather and give talks about cyber security' I did use 'hacker con' in one interview for a sysadmin job that wanted you to have CISSP, and that got the interviewer kind of excited rather than turned off.

**astcell** · July 22, 2010, 09:16

Re: Mentioning Defcon or other security conferences in resume

I'd mention Blackhat.

**willasaywhat** · July 22, 2010, 09:44

Re: Mentioning Defcon or other security conferences in resume

Originally posted by g3k_

I've been using 'security conference' and 'some of the world's greatest computer security experts gather and give talks about cyber security' I did use 'hacker con' in one interview for a sysadmin job that wanted you to have CISSP, and that got the interviewer kind of excited rather than turned off.

See, it's all about Social Engineering and sales. You can sell 'hacker con' to CIS organizations. They love that stuff, eat it up, hire it in a heartbeat. Others, not so much. Feel out your mark, do your homework, and sell it (you) to them.

**Darkfiber** · July 22, 2010, 16:27

Re: Mentioning Defcon or other security conferences in resume

And this is exactly why I didn't put anything next to defcon on my resume. I want them to ask me about it and depending on who it is, I'll explain it differently.

Abyssknight is right; Interviews are all about your personal sales pitch. It's also kind of like a poker game from a hiring point of view as I might just be looking for an offer letter and nothing more ;)

**Dr. Tran** · July 23, 2010, 18:15

Re: Mentioning Defcon or other security conferences in resume

I would only mention Defcon on a resume if you have given a talk. It's being active in the community and giving back that counts. Talking at Defcon shows initiative, passion, ability to present in front of large crowds, etc etc. Not to say attendees aren't any of those. Also, the managers I know that have been to Defcon, they know it's also one big party, haha.
If during the interview they ask about how you keep up to date on the industry or keep up with your certification requirements, then that's okay to mention Defcon. I use all the cons I attend and present at as CPE's for my certifications.

**g3k_** · July 24, 2010, 21:51

Re: Mentioning Defcon or other security conferences in resume

Kind of on topic, how many people bring copies of their resume to the con to hand out?

**theprez98** · July 25, 2010, 07:26

Re: Mentioning Defcon or other security conferences in resume

Originally posted by g3k_

Kind of on topic, how many people bring copies of their resume to the con to hand out?

Somewhere during your talk, mention that your company is hiring. At the conclusion of your talk you will find out the answer.

I had this happen to me at DEFCON talk and must have gotten at least half a dozen full-blown resumes and dozens of business cards.

**g3k_** · July 25, 2010, 19:17

Re: Mentioning Defcon or other security conferences in resume

Originally posted by theprez98

Somewhere during your talk, mention that your company is hiring. At the conclusion of your talk you will find out the answer.

I had this happen to me at DEFCON talk and must have gotten at least half a dozen full-blown resumes and dozens of business cards.

Excellent :) I'll keep my ear out

**Bytemi** · July 26, 2010, 03:44

Re: Mentioning Defcon or other security conferences in resume

This is my first year attending Defcon so I do not have it listed on my resume. Honestly I think I would like to attend two or three years before listing it.

But I can tell you as the person in charge of hiring, I look for things like Defcon and community activities when reviewing resumes and deciding who to call in for an interview. I honestly feel that people that attend Defcon have the right personality and dedication that is necessary to work in my department.

If there is nothing listed on a resume, I give people an opening during the interview with one simple question "How do you stay current?". That is the perfect time to tell me about Defcon or any other forums you are a member of.

Mentioning Defcon or other security conferences in resume

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment