Photo by Blake Cheek
We help companies find you! How we do it is a little different from the competition. They usually just make introductions. We give you lots of homework that helps with interview prep, resume formatting, and technical review. For example, we expect all of our candidates, regardless of education or experience to be able to talk through an entire APT (Advanced Persistent Threat) campaign, overlay it on the MITRE ATT&CK framework, and prioritize mitigations for that campaign using the Essential Eight Maturity Model. The good news is that we open sourced all the study material and it is available below.
As a recruiting firm we technically work for the company that hires you: the company pays us, not you. Also, what they pay us has no impact on you whatsoever. That is their cost of doing business.
We work at the national level. We might not have connections in your target area, but we will work to build connections to help you transition. Those of you on Active Duty have a long lead time which is a huge benefit!
We work with both private institutions for people with no clearance and no Federal experience AND government contractors at all classification levels.
We put our money where our mouth is. We will continue to publish/open source our candidate-focused intellectual property here so you can share it with the rest of the community. Because if the community succeeds, we all win.
Download and use this resume template. (Also, never enable macros). This template contains the scar tissue from reading literally thousands of resumes and reviewing almost every current resume book on the market and hits the center of the Venn Diagram that is the non-science art of selling yourself in a couple piece of paper.
General guidance: Utilize the following points. They will help for a number of reasons ranging from making sure an ATS does't just drop your resume because it can't read it to making sure junior HR professionals read the right content.
General guidance: Technical resumes should be two pages.
General guidance: Put the most important section, bullet, or list item first. If a bad recruiter only reads one thing, what do you want them to read?!
General guidance: From Laszlo Bock, the former lead talent officer at Google: "When it comes to resumes, Bock says, substance definitely matters more than style. He'd definitely prefer to see a simple, traditional, perfectly formatted resume than something creative that’s tough to read. “Unless you're applying for a job such as a designer or artist, your focus should be on making your resume clean and legible,” he writes." This quote is by The Muse Editor available at https://www.themuse.com/advice/5-huge-resume-mistakes-googles-head-of-hr-sees-all-the-time
General guidance: Lead is not LED.
General guidance: Delete the word/phrases "Responsible for," "proven," and "detail oriented."
General guidance: Use the Oxford comma. Oxford commas help readers differentiate between list items. Your resume is a list of lists. You may revert to serial commas for your side gig writing in prose.
Header: Do not put your actual address: Just city and state.
When writing a resume there are four audience to consider:
Applicant Tracking Systems: A Gatekeeper. You probably hate these. Rightly so. These are the robots that look at your resume and see if you are a fit. Many ATSs have hard time understanding columns so...avoid columns. See above. They also do not understand what a "Code Ninja" is so please use industry terms like "Senior Developer."
The junior recruiter / reviewer: A Gatekeeper. This is the HR guy that has been there a couple years and still has no idea about what it is you actually do. He thinks that Sec+ and OSCE are industry equivalents because OSCE is just another industry certification. To really get through to these people, you need to list not just the certification but also the things you learned in the certification. Example: during OSCP you will probably use nmap, Immunity Debugger, Ollydbg, Python, Ruby, and maybe reflective DLL injection so list those things as well.
The senior recruiter: This lady actually reads your resume and possibly hands it over to the hiring manager. This can be either a company internal recruiter or a recruting firm, by the way. Hopefully the senior recruiter actually has a technical background or enough time in the industry to understand your daily trials and tribulations and should definitely know the difference between CEH and CISSP.
The Hiring manager. This lady decides if you get the job and will probably be your boss. Everyone else you talked with prior was just a stumbling block designed to prevent access to her. She can see through your BS. She will probably ask you about everything on your resume. Note: if you list a skill on your resume but have not looked at in a while, grab a beer and a skill cheatsheet and study a bit before she calls you.
For more info on the Four Audiences, check out the 2018 Ladder's Resume Guide by Marc Cenedella.
Explain the model of what happens when you type in example.com (or google.com) into a browser and hit enter?
This is FAR more than just explaining DNS!
Be prepared to pick up a marker and walk to a whiteboard for this question.
As you walk through your explanation, talk about the assumptions you make: type of machine on which you press enter, operating system, browser variant, tab virtualization, etc. A great place to start is to assume that you start with a completely fresh install on an enterprise thin client that is properly physically connected, has joined the domain, and has no cache.
This question should take at least 45 minutes to explain and requires you to explain how an application works, how an operating system works, how the processor interacts with system interrupts and the stack/heap, how an ethernet frame is built from an application request, the difference between IPv4 and IPv6, virtualization, load balancing, ARP requests, DNS transfer type, application and network internal caching, CAM tables, routing, firewalls, TCP, IDS/IPS, client-server communication, 302 redirects, http vs https, TLS/SSL, html rendering, different routing protocols, and many, many other things.
At each step you need to annouce your series of assumptions and explain why you are choosing to explain a particular branch: At this point we'll assume there is no network internal caching server that might respond so now I'll explain X.
Now that you explained the model for what happens when you hit enter, how would you break that model?
Since you proposed how to break the model, how would you defend against your proposed break?
Explain an APT campaign and how to protect, defend, and respond to it through various stages of the process. (Hint: look at the first article in the reading list below or just click here for more info.
Why should I hire you?
How will hiring you increase our bottom line?
Why do you want to work here?
Tell me about yourself.
What did you do to prepare for this interview? This should include everything including initial research, reading SEC filings, reviewing product and service offerings, looking at geographic reach, speaking with company employees, what content studied, how you practiced for interviews and what that content covered, and anything else you did you to prepare. This question could actually be the only question you get asked.
What will you accomplish in your first 30/60/90 days here? Prepare for this question after researching the company and building out a plan that covers each 30-day block in the first quarter you will work there. Easier said than done!
What is your biggest strength and weakness? Do not say you work too hard even if you think you do. What you actually probably do is work very well in sprints which means you are very good at project-ized work rather than marathon grinds. If your biggest strength is creativity, then your biggest weakness is probably being stuck in a repetitive environment in which case you talk about ways that you either find creativity within that environment or how you evaluate a position to see if it aligns with your creative personality.
What is an APT? Explain one framework that shows how any APT operates.
Tell me a story about recent *unclassified* APT activity and how it relates to a campaign.
Explain a current industry gap.
Tell me about a current or recent technical side project and/or your home lab.
This article will either provide you a review of cyber frameworks and case studies that you should know or orient you do the the cyber domain.
This article covers effectively three APT case studies, a recent vulnerabiltiy at the hardware layer, and both the ASD Essential 8 Maturity Model and MITRE ATT&CK Framework.
If you are new to the field, the above topics are good to know. If you've been here for a while you should be more than conversant in an APT case study, know what is going on in the cyber world this week, and know the frameworks very well.
Book 0x00: The Best Team Wins: Build Your Business Through Predictive Hiring by Adam Robinson
Why: Learn about interviewing and onboarding from the other side of the table. Get in their head, learn from them, figure out what makes them tick. Also, most likely after a year or two you will be the hiring manager and it’s good to get reps in now. This book also introduces the 30/60/90 day onboarding plan which is effectively the core of this program: defining the actions you need to take to show value earlier than your peers.
0. READ WELL. Frames the whole book and does it well
1. Come back later. Hiring managers should own the hiring process. "...human capital [is] the number one challenge facing [employers] today." Intelligence and attitude are more important than technical ability and job description.
2. Come back later. The hiring mindset. "Hiring is an exercise in risk management." "Super Elements: attitude, a sense of accountability, past related-job success, and cultural fit." One bad hire potentially costs more than multiple great hires.
3. Come back later. Where/how to source candidates. Looks at different recruiting and staffing models.
4. Come back later. Don't follow your gut on hiring: use a scorecard to help remove emotional decisions. What does an A+ candidate look like?
5. READ WELL. Resumes and phone interviews.
6. FOCUS HERE. "Dig Deeper" with in-depth interviews. More great interview questions, quantitative predictors of success (multi-measure tests versus MBTI), and using the 30-60-90 day plan at a litmus test.
7. Skim. Reference checks versus background checks, how to verify a candidate's performance.
8. READ WELL. Getting an offer.
9. READ WELL. Describes how onboarding should work which will help drive your own 30-60-90 day plan! Also sets the tone for retention.
Book 0x01: High-Impact Interview Questions: 701 Behavior-Based Questions to Find the Right Person for Every Job by Victoria Hoevemeyer
Why: Learn to tell your story. As you go through the 701 interview questions in this book, probably 6-8 stories from your career will keep reappearing. Those are the stories that you should know and be able to tell at a question's notice.
0. Come back later. Introduction
1. READ WELL. How interviewing works and some class interview questions.
2. READ WELL. Competency-Based Behavioral Interviewing and counter arguments
3. READ WELL. What to think about when interviewing. Great reference for questions you can ask interviewers during the "What questions do you have for me?" block and metrics to recon prior to interview. Plus legal boundaries for questions.
4. FOCUS HERE. All the interview questions! Actually 701 competency and behavioral based (CBBI) questions. First, read the first 1-2 questions in category. The goal here is to identify the 6-8 stories from your career that you can speak to from multiple angles.
5. READ WELL. Follow up questions
6. Skim. Distance interviews
7. Come back later. Building a script
8. Come back later. Putting the data together
9. Skim. Using CBBI in other places to drive value such as performance management
10. READ WELL. Advice, STAR
Book 0x03: The Simple Art of Business Etiquette: How to Rise to the Top by Playing Nice by Jeffrey L. Seglin
Why: Understand some of the cultural differences between the military and the “outside.” This book covers everything from body language to meetings to asking for a raise. Quick, easy, useful, well written.
1. The Best You
2. Office Culture
3. Rising to the Top
4. Tricky Stuff
Book 0x04: The First 90 Days: Proven Strategies for Getting Up to Speed Faster and Smarter, Updated and Expanded by Michael D. Watkins
Why: Good to Great page three identifies GE as “the best-led company in America at the end of the twentieth century.” The CEO, Jack Welch, ran the company during that period. Fortune Magazine calls him the “Manager of the Century.” This is his personal take on how to lead and the book is effectively an MBA in twenty short chapters.
0. Business is a game, and winning that game is a total blast!
1. Mission, values, details
2. Your biggest enemy is how you communicate
3. Invest where payback is highest and cut everything else, differentiation
4. Let them speak
5. Focus: Eight rules of leadership
6. Acid tests, 4P&1E
7. Six practices to success with first being elevate HR to position of power
8. Firing and the three biggest mistakes
9. Four practices for change
10. Five assumptions for crisis management
11. FOCUS HERE. Strategy IS the game and it changes rapidly
12. Advocating for your budget
13. Growing within organically and avoiding common pitfalls
14. Executing mergers and adapting to change
15. Embrace Six Sigma if it applies
16. Evaluating yourself to try and find the right job
17. Staying competitive for promotion (it's not about the gas)
18. What if you get a bad boss?
19. Work life balance. Figure it out early
Book 0x08: Work Rules!: Insights from Inside Google That Will Transform How You Live and Lead by Lazlo Bock
Why: Lazlo was the Senior Vice President of People Operations at Google. This is his book full of the lessons he learned managing super high performing technical people. You’d be silly not to learn from him.
0. Frames the whole book and does it well
1. You make your culture
2. Culture trumps strategy
3. FOCUS: Why hiring is the most important aspect in a company
4. How to find the best talent
5. Instincts do not not work: evaluate
6. Balance management and team-led problems
7. Focus on building people
8. Focus on the top 5% and bottom 5%
9. Grow from within
10. Pay your top performers top salary
11. The process is repeatable
12. Communicate well and design for success
13. Lessons learned and how to avoid them
14. Starting the transformation today
Steps to Get Out
This guide is meant as a reference. If you find errors or omissions or notes that you think are important for the people who follow you to know, please take notes and let us know. We consider this a living document.
Over a year out, start looking for mentors, coaches, and communities that will help you transition. You know: like Rainier Cyber.
Get your wills, powers of attorneys, and other legal documents knocked out while you have access to free legal assistance.
About a year out, pull your medical records and find a VSO (Veterans Service Organization) that will help you navigate the VA.
If you are ETSing or going through UQR, schedule your VA medical evaluation at a convenient time.
Start researching things like insurance plans (HMO vs PPO).
SFL-TAP: Soldier for Life - Transition Assistance Program. You can schedule this up to one year out from ETS date. Clearing SFL-TAP is required to get orders/clearing papers and unlocks multiple other opportunities such as internships (Rainier Cyber can help secure internships).
SFL-TAP in-brief (pre-separation and initial counseling): You can either do the in-brief physically in person or through schedule to join their conference call. This in-brief is where you start the SFL-TAP process. You cannot schedule anything else (like the DOL workshop) without this inbrief. The in person option can have a three-month wait to start depending on post. The phone option usually has space within a week. You can schedule your conference call in-brief at the 24-hour SFL-TAP hotline at 1-800-325-4715.
SFL-TAP Class COA 1 – This is the best option. Go in-person to all five days, Monday to Friday. Uniform is professional business attire. The middle three days (Wednesday-Thursday) is the DOL Workshop. There are some good nuggets here and a lot of dedicated time to work on your resume, LinkedIn profile, personal statement, and just general time dedicated to some reflection and figuring out what you want to do when you get out.
SFL-TAP Class COA 2 - Do your in-brief and then you can schedule the 5-day program. Go first day and last day. You can get excused from the DOL workshop when a company wants to hire you and gives you an offer letter. We recommend you physically go to the DOL workshop but we want you to know that this is an option.
SFL-TAP COA 3 - Complete initial counseling and then complete the SFL-TAP Class Days 1&5 online at JKO (See COA 2 for info about the DOL workshop). Check to ensure the following JKO list is current! JKO SFL-TAP Equivalency
SFL-TAP close out - at the end of the 5-day course, you either have to schedule an out-counseling with your SFL-TAP counselor. Often this takes 4-6 weeks to get on their calendar. The alternate option is to complete Individual Transition Plan (ITP) sections 1, 2, and 6, make a note of your company commander’s email address, and then call the SFL-TAP 24-hour counseling hotline at 1-800-325-4715. The hotline can click the button that sends the DD2648 to your company commander for signature that completes SFL-TAP. SFL-TAP is congressionally mandated so service members must complete it. Your unit legal should do Post Government Service Employment Restriction Counseling at this time but expect to drive that process yourself. See below.
In this stage, review your SRB (ERB/ORB) and make sure it’s up to date! The SRB is what the Transition Office uses to generate your DD-214. This is especially true for combat deployments. They will NOT accept orders as proof of deployment, they only accept a deployment if listed on SRB.
Transition Award - you can start this award as soon as you have your ETS date. This award covers every duty position for your entire Army service. MSMs are not uncommon for SFC/CPT and above but require a GO signature so plan on additional time. You earned this.
Household goods - You can start this before closing out. The Army will only pay to move your things as far as your home of record. Anything past that you have to pay additional fees. After complete, you cannot submit your voucher until AFTER your final ETS/Retirement day.
Leave Form - You can start this as soon as you have your ETS date. To determine the number of leave days authorized days equals
MOD[(current days accrued)-(planned absences prior to final out)+2.5*(months of service remaining)]
Or just use 2.5days per month and round DOWN. (ex: 31.5 days -> 31 days)
Clear CIF - You can clear CIF whenever your commander is willing to take the risk of giving you an early turn-in memo. This memo must include the exact item, quantity, and NSN you are attempting to turn in. More likely, you will have to wait until you have orders. This can be one of the most stressful parts about clearing so attempt early and often until you are complete. CIF requires you schedule a turn-in block for bulk turn-in so schedule as early as possible.
Clear Unit - You must pick up clearing papers at the unit before picking up papers at the Welcome Center. Then you have some flexibility on your clear unit schedule but will touch the unit a few times while clearing post.
Clear Post - You will go back to the unit for some of this and especially at Brigade S1 for the PERSTEMPO. You can’t clear the Welcome Center without an updated PERSTEMPO.
Post Government Service Employment Restriction Counseling - This is probably not included in clearing. You will need an Ethics Letter from Designated Ethics Official (DEO). Fill out DD-2945 and take your last NCOER/OER to unit legal for help with your Ethics Letter. This letter outlines your left and right limits and any cool off periods you might have after leaving the military.
After clearing finance, you clear the Transition Center. This is where you get your DD-214, American Flag, etc. Bring your ORB to help make corrections There are multiple versions of the DD-214. There’s the Form 1 (Short Form) and the Form 4 (long form). It’s important to know that you cannot get another copy of the DD-214 Form 4. Immediately copy, scan, and secure. Additionally, any municipalities require a DD-214 paper copy for benefits. Any FOIA request about you at one of these municipalities will release your DD-214 with essentially your entire identity attached. Recommendation: credit monitoring!
Final Out - After you clear the Welcome Center (Finance, etc), your actual final out is with your unit. This is probably with your unit S1. They sign, you drive. It’s time to start your next career.