2024-08-06 –, Florentine B2
Over the course of 18 months, I applied to way too many jobs, and I learned hard, painful lessons. The main one? It wasn’t about what I was looking to do that mattered - what did was in what kind of environment. For me, the people and values of the organization are significantly more important than the role itself. I have had incredibly unique jobs, some in toxic environments. In this talk, I’ll draw on lessons from OSINT, risk analysis, and maturity assessment to explain how to conduct "cultural due diligence," including how to maximize chances of an interview and which questions to ask during interviews. Attendees will save on the cost of the job hunt based on my experience.
Presentation Outline
My Existential Introduction (5 min)
- Who am I?
- Why am I here?
- What have i done?
Who this is for / what needs to be true for you (7-8 min)
- Requisite analogy about asset inventory and vulnerability assessment
- Thomas Kilmann Conflict Mode Assessment
- Knowing how you handle conflict
- Cool Shit, Toxic Environments
- Doing what you love in a place you hate
- How you know that matters more / less
- What Matters: Who and How
- Litmus tests: salary or satisfaction
- Why you have changed jobs
Lines of inquiry (10 min)
- What kind of people excel
- How the org handled the pandemic
- If DEI matters to you
- Language: how to evaluate
Finding sources (10 min)
- OSINT: how to really use LinkedIn, Glassdoor, and Indeed (and Instagram)
- Your security network: cultivating community and connections
- Your non-security network: talking to people who don’t work in security
- Getting sufficient number of people to be confident
A few notes (5 min)
- What layoffs can mean, but don’t always
- Caveat emptor: YMMV
- Reminder: I’m a misfit at most places
3 takeaways (5 min)
- Interviewing for culture is hard and requires patience, but here is a framework for how to approach it.
- You cannot measure job search progress by number of interviews alone, but by what you learned about the organizations you are likely to fit into it.
- There are a few simple steps you can take and questions you can ask to maximize your chance of finding the right organizational home for your talents.
Munish Walther-Puri (he/him) is the VP of Cyber Risk at Exiger, where he focuses on supply chain and cyber risk in the tech, media, and telecom sectors. He is the former Director of Cyber Risk for New York City Cyber Command. He also teaches on cyber resiliency and cybersecurity at NYU Center for Global Affairs and Columbia SIPA.
Prior to working for the City of New York, he led analysis and intelligence for a dark web monitoring company, advised startups in corporate investigations, encrypted communications, and political risk, and consulted independently on applying technology and analytics to geopolitical analysis, forecasting, and open-source intelligence analysis. He also spent time at a large American bank, working on the intersection of fraud, cyber investigations, and terrorism, and at a leading think tank, focused on nuclear policy and international security.
Munish is a Life member of the Council on Foreign Relations and co-founder and advisor to the Fletcher Political Risk Group. He is an ally for the #ShareTheMicInCyber campaign and an Eagle Scout.