|
the op of the yospos interviewing thread should have the original questions plus some other advice: https://forums.somethingawful.com/showthread.php?threadid=3845966&perpage=40&noseen=1#post480076891
|
# ? Oct 17, 2022 15:44 |
|
|
# ? Jun 10, 2024 11:38 |
|
here are the questions if anyone is for some reason allergic to clicking that link quote:- who do you work with on a daily basis / describe the day to day role
|
# ? Oct 17, 2022 15:45 |
|
Here is my absolute dump of questions I've pulled from various sources.quote:What's the company's biggest threat to success this year, and how will I be able to help overcome it in this role?
|
# ? Oct 17, 2022 15:54 |
|
Awesome thanks everyone. I will have some horrifying security stories to tell from this place if I do end up leaving.
|
# ? Oct 17, 2022 15:57 |
|
I've never just copy-pasted a quote from teams in here but you can't improve on perfectionquote:The pipeline is driven from a spreadsheet which the security team can validate Edit: This is permissions management on the sensitive containerized information system for a :checks notes: 11-figure-revenue company in a heavily regulated industry. KillHour fucked around with this message at 16:56 on Oct 17, 2022 |
# ? Oct 17, 2022 16:49 |
|
quote:- when was the last time you took pto / how much did you take / what did you do I chuckled at this one because I would look like an idiot trying to remember exactly when it was. Not because I never take PTO but because I take it often enough that it's not particularly memorable and "what I did" is usually "played video games for a week."
|
# ? Oct 17, 2022 17:07 |
|
KillHour posted:I've never just copy-pasted a quote from teams in here but you can't improve on perfection Amazing. No notes.
|
# ? Oct 17, 2022 17:32 |
|
https://twitter.com/TrackInflation/status/1582037239718383616?s=20&t=4dzgPcaml-QoLXzyrbrWMA lol
|
# ? Oct 17, 2022 17:51 |
|
If someone asked whats the biggest threat to the company mission and I said world peace would that be a good or bad answer? I work in the military industrial complex.
|
# ? Oct 17, 2022 19:56 |
|
I mean, I guess that depends on how likely you think world peace is.
|
# ? Oct 17, 2022 20:02 |
|
Defenestrategy posted:If someone asked whats the biggest threat to the company mission and I said world peace would that be a good or bad answer? I work in the military industrial complex. How else are you gonna achieve world peace except by MAD? Sounds like business is going to go up Up UP
|
# ? Oct 17, 2022 20:08 |
|
KillHour posted:I chuckled at this one because I would look like an idiot trying to remember exactly when it was. Not because I never take PTO but because I take it often enough that it's not particularly memorable and "what I did" is usually "played video games for a week." That's kind of a great answer, though, because it tells the applicant people feel free to take their PTO for any reason and none. Beats hell out of "it was 14 months ago for my 3-day honeymoon to Hawaii."
|
# ? Oct 17, 2022 20:45 |
|
George H.W. oval office posted:https://twitter.com/TrackInflation/status/1582037239718383616?s=20&t=4dzgPcaml-QoLXzyrbrWMA This was deleted but basically, parler cc'd every user on their platform rather than bcc. Basically they doxxed every single on of their users.
|
# ? Oct 18, 2022 01:51 |
|
I think it was later corrected that it was just verified users, blue checkmarks essentially, but still lol
|
# ? Oct 18, 2022 02:32 |
|
|
# ? Oct 18, 2022 02:42 |
|
I'm back at work after being off a couple weeks for surgery and some of these devs I swear to god they can't tie their loving shoes without me
|
# ? Oct 18, 2022 02:43 |
|
CLAM DOWN posted:I'm back at work after being off a couple weeks for surgery and some of these devs I swear to god they can't tie their loving shoes without me Why did you kill kuato?
|
# ? Oct 18, 2022 03:16 |
|
i took monday off and I'm already dreading tomorrow. gently caress i wish resumes weren't so hard i've got gold-ish handcuffs, since my healthcare is $30/mo (in america, you canadian swine) and I'm getting paid on the high end for baby's first helpdesk job.
|
# ? Oct 18, 2022 06:28 |
|
tokin opposition posted:(in america, you canadian swine)
|
# ? Oct 18, 2022 06:37 |
|
get me citizenship and i will forgive you for loving up cheese fries with onions
|
# ? Oct 18, 2022 06:39 |
|
tokin opposition posted:get me citizenship and i will forgive you for loving up cheese fries with onions mods??!??!?!?!!
|
# ? Oct 18, 2022 06:55 |
|
<laughs in Belgian socialist healthcare>
|
# ? Oct 18, 2022 09:18 |
|
What’s the IT sector like in Canada compared to the states? I live and work in New England right now, but I’m a Canadian citizen and always viewed that as a backup plan
|
# ? Oct 18, 2022 14:07 |
|
How much of a grind in general is consulting? Latest offer came in, its a significant pay raise for me, but Im a bit worried about work/life balance. I asked all the usual questions about work/life balance, on-call, PTO, etc, and got all good answers back. But I am a bit worried that there may be some split between the sales half of the house and the technical side. Like the sales guys are all out drinking at the country club and the tech people are fine to work 40 hours a week if they know their poo poo inside and out and can bend over backwards to get stuff working for the customers. I may be speculating far to much there, I have no indications that the company is like that, but I've never worked for a consulting company before so I have no clue.
|
# ? Oct 18, 2022 14:34 |
BaseballPCHiker posted:How much of a grind in general is consulting? Latest offer came in, its a significant pay raise for me, but Im a bit worried about work/life balance. Once you get past the ambiguity and understand how to make clients happy, IME it’s easy street. Biggest danger is working for body shops that boot people after a month on the bench or just body shops in general (places that just do staff aug and would put everyone on a 1099 if they could find enough people to do it). I always ask companies solutions they’re offering, how they structure contracts, size of clients, and how they approach project management these days. Those are the biggest things that can tell you what the day to day is really like.
|
|
# ? Oct 18, 2022 14:38 |
|
Thanks for the insight. Its a smaller company. I'd be their 40th employee, and turnover has seemed to be low, but they've only been around 6 years. Clients seem to mostly be smaller companies overall. My role would be to assist them in migrating to the cloud securely and tailoring recommendations and solutions to help the business with that. I will definitely ask about how they handle project management when I have the chance later today.
|
# ? Oct 18, 2022 14:42 |
|
"Consulting" is a massive category because it just means "working on behalf of a third party." Even if your company is good, your customers might be poo poo. Some customers might have your company do the project management and some might demand to do it themselves. Some customers might value your time and be very careful about when they engage and some might send you "emergency" emails at midnight demanding something by morning. The most important thing is to have management that has your back and will come in and be the "bad guy" for you when it comes to anything that you shouldn't handle politically. Good examples of that are when the customer has pointed questions about money or what other people have promised them. As a consultant the customer needs to be able to trust you, which means you have to be the good cop and always be "on their side," even if that means dragging your boss in to be the bad cop. I would specifically ask about times where customers had unreasonable demands and how they were handled.
|
# ? Oct 18, 2022 15:01 |
|
App13 posted:What’s the IT sector like in Canada compared to the states? I live and work in New England right now, but I’m a Canadian citizen and always viewed that as a backup plan There's work but the salaries are gonna be lower than the US, generally.
|
# ? Oct 18, 2022 15:15 |
|
App13 posted:What’s the IT sector like in Canada compared to the states? I live and work in New England right now, but I’m a Canadian citizen and always viewed that as a backup plan I’ve never come close to wanting for work yet. Lots of jobs especially if you’re in a big tech hub (Toronto, Vancouver), and plenty of American firms with American salaries playing in the space too. Salaries are lower but mostly at the top end IME. You’re not going to find a lot of >200k TC jobs without going to the top tier tech companies or some particularly well funded startups though, but past a certain point it’s all just keeping score. Also minimal gun violence. Minimal gun violence is huge!
|
# ? Oct 18, 2022 16:30 |
|
The Iron Rose posted:Also minimal gun violence. Minimal gun violence is huge! One could almost say priceless?
|
# ? Oct 18, 2022 16:33 |
KillHour posted:I would specifically ask about times where customers had unreasonable demands and how they were handled. I would not trust any consulting company’s response to this fwiw
|
|
# ? Oct 18, 2022 16:54 |
|
The Iron Rose posted:I’ve never come close to wanting for work yet. Lots of jobs especially if you’re in a big tech hub (Toronto, Vancouver), and plenty of American firms with American salaries playing in the space too. Salaries are lower but mostly at the top end IME. You’re not going to find a lot of >200k TC jobs without going to the top tier tech companies or some particularly well funded startups though, but past a certain point it’s all just keeping score. Basically this. Depends heavily where you are, you will want to be in Vancouver or Toronto for the good jobs. Yes salaries are lower than the US, but you're not paying for healthcare nor are you going to die in a mass shooting. Lots of solid public sector options if you have your citizenship too.
|
# ? Oct 18, 2022 17:03 |
|
i am a moron posted:I would not trust any consulting company’s response to this fwiw Both things can be true and often are. Crossposting this from the security thread, but as of today I have two different conversations about this Uber CISO conviction and I have to say, this poo poo is loving wild and I am not seeing enough news about it. As brazen as this guy was, the things he did are loving common. To say the rest of the officers of the company didn't know is laughable. While a CISO has a self serving obligation to hide poo poo for their own ego and marketability, there is ZERO loving chance that he acted alone in any of this.
|
# ? Oct 18, 2022 17:08 |
|
Sickening posted:Both things can be true and often are. First I'm hearing of the Uber CISO thing today, link?
|
# ? Oct 18, 2022 17:11 |
|
Is someone trying to claim that a $100k payment was made by the guy acting alone?
|
# ? Oct 18, 2022 17:11 |
Is this something new, or the case that was decided a week or two ago?
|
|
# ? Oct 18, 2022 17:19 |
|
rafikki posted:Is this something new, or the case that was decided a week or two ago? It was from the case a few weeks ago. https://www.forbes.com/sites/andrewhayeurope/2022/10/06/uber-decision-implications-for-virtual-cisos/?sh=4a6977531748 Thanks Ants posted:Is someone trying to claim that a $100k payment was made by the guy acting alone? Exactly.
|
# ? Oct 18, 2022 17:22 |
|
Sickening posted:"The evidence showed that, despite knowing in great detail that Uber had suffered another data breach directly responsive to the FTC’s inquiry, Sullivan continued to work with the Uber lawyers handling or overseeing that inquiry, including the General Counsel of Uber, and never mentioned the incident to them. Instead, he touted the work that he and his team had done on data security. Uber ultimately entered into a preliminary settlement with the FTC in summer 2016, supported fully by Sullivan, without disclosing the 2016 data breach to the FTC." While its possible, I am finding it incredibly unlikely that this much work was being done and no other leadership but him knew it was happening. I would take a wild guess that in person meetings and phone calls surged during these times and emails and other messaging dropped, if you get my meaning. And when I say work being done, i mean this. Sickening posted:The evidence demonstrated that, shortly after learning the extent of the 2016 breach and rather than reporting it to the FTC, any other authorities, or Uber’s users, Sullivan executed a scheme to prevent any knowledge of the breach from reaching the FTC. For example, Sullivan told a subordinate that they “can’t let this get out,” instructed them that the information needed to be “tightly controlled,” and that the story outside of the security group was to be that “this investigation does not exist.” Sullivan then arranged to pay off the hackers in exchange for them signing non-disclosure agreements in which the hackers promised not to reveal the hack to anyone, and also contained the false representation that the hackers did not take or store any data in their hack. Uber paid the hackers $100,000 in bitcoin in December 2016, despite the fact that the hackers had refused to provide their true names. Uber was ultimately able to identify the two hackers in January of 2017 and required them to execute new copies of the non-disclosure agreements in their true names and emphasized that they were not allowed to talk about the hack to anyone else. Sullivan orchestrated these acts despite knowing that the hackers were hacking and extorting other companies as well as Uber, and that the hackers had obtained data from at least some of those other companies. doesn't pass the smell test for anyone else that works in companies with these types of situation. Sickening fucked around with this message at 17:35 on Oct 18, 2022 |
# ? Oct 18, 2022 17:31 |
|
Thanks Ants posted:Is someone trying to claim that a $100k payment was made by the guy acting alone? Not quite. It gets a bit complex, here is a decent NYT article although it will be paywalled, NYT is my fav outlet: https://www.nytimes.com/2022/10/05/technology/uber-security-chief-joe-sullivan-verdict.html?searchResultPosition=1 The New York Times posted:Mr. Sullivan said he would discuss the breach with Uber’s “A Team” of top executives, according to Mr. Clark’s testimony. He shared the matter with only one member of the A Team: the chief executive at the time, Travis Kalanick. Mr. Kalanick approved the $100,000 payment to the hackers, according to court documents. I don't know all the ins and outs but it does seem like this sort of conduct would not be unusual for security leaders, and he did gets his actions signed off by the CEO Kalanick, but unfortunately for Mr. Sullivan it appears that sign-off did not obviate his criminal liability in this case. (IANAL) Inner Light fucked around with this message at 18:09 on Oct 18, 2022 |
# ? Oct 18, 2022 18:06 |
|
|
# ? Jun 10, 2024 11:38 |
|
My poo poo company literally had a huge incident a few weeks ago that they refuse to call an incident because the product was so loving destroyed there were no logs to even show lateral movement, data exfiltration, etc. So with full sign off from the CISO and legal they said there was no evidence of any of the above, because the attacker literally destroyed the evidence on their way out.
|
# ? Oct 18, 2022 18:18 |