Photo by Blake Cheek
We help companies find you! That's what we do. How we do it is a little different. The competition prepares you for the interview. We do that as well, but we give you a lot more homework!
As a recruiting firm we technically work for the company that hires you: the company pays us, not you, and what they pay us has no impact on you whatsoever. That is their cost of doing business.
We work at the national level. We might not have connections in your target area, but we will work to build connections to help you transition. Those of you on Active Duty have a long lead time which is a huge benefit!
We watched some of our best peers transition out of the Service and the standard recruiting firms just didn't know what to do with them. They struggled. And that hurt. A lot. Other firms put them in programs that neither fit their skills, nor maximizes their value. Both parties left money on the table. We figured we could do it better and a year later, we think we are! We are building the network you want and need and we have listened and implemented your feedback which literally meant going back to the drawing board and re-writing our business plan. This business started as a way to help our friends and we have evolved from there into something we certainly think you would like to join!
And since we put our money where our mouth is, we will continue to publish/open source most of our candidate-focused intellectual property here so you can share it with the rest of the community. Because if the community succeeds, we all win.
Download and use this resume template. (Also, never enable macros). This template contains the scar tissue from reading literally thousands of resumes and reviewing almost every current resume book on the market and hits the center of the Venn Diagram that is the non-science art of selling yourself in a couple piece of paper.
General guidance: Utilize the following points. They will help for a number of reasons ranging from making sure an ATS does't just drop your resume because it can't read it to making sure junior HR professionals read the right content.
General guidance: Put the most important section, bullet, or list item first. If a bad recruiter only reads one thing, what do you want them to read?!
General guidance: use the same font throughout.
General guidance: Use the Oxford comma. Oxford commas help readers differentiate between list items. Your resume is a list of lists. You may revert to serial commas for your side gig writing in prose.
General guidance: From Laszlo Bock, the former lead talent officer at Google: "When it comes to resumes, Bock says, substance definitely matters more than style. He'd definitely prefer to see a simple, traditional, perfectly formatted resume than something creative that’s tough to read. “Unless you're applying for a job such as a designer or artist, your focus should be on making your resume clean and legible,” he writes." This quote is by The Muse Editor available at https://www.themuse.com/advice/5-huge-resume-mistakes-googles-head-of-hr-sees-all-the-time
Header: Do not put your actual address: Just city and state.
Header: List available date or timeframe
Header: List any clearances
Header: List how relocatable you are
Body: Each bullet should be in the VAR format [PAST TENSE VERB] + [ACTION] + [RESULT] and be as quantitative as possible
Body: Each line needs to be a full line: either 3 or 4 lines, NOT 3.5 lines
Body: Again, put the most important bullet first!
Body: One-year jobs get at most three bullets. Five-year jobs can have up to six. Write short.
When writing a resume there are four audience to consider:
Applicant Tracking Systems: A Gatekeeper. You probably hate these. Rightly so. These are the robots that look at your resume and see if you are a fit. Many ATSs have hard time understanding columns so...avoid columns. See above. They also do not understand what a "Code Ninja" is so please use industry terms like "Senior Developer."
The junior recruiter / reviewer: A Gatekeeper. This is the HR guy that has been there a couple years and still has no idea about what it is you actually do. He thinks that Sec+ and OSCE are industry equivalents because OSCE is just another industry certification. To really get through to these people, you need to list not just the certification but also the things you learned in the certification. Example: during OSCP you will probably use nmap, Immunity Debugger, Ollydbg, Python, Ruby, and maybe reflective DLL injection so list those things as well.
The senior recruiter: This lady actually reads your resume and possibly hands it over to the hiring manager. This can be either a company internal recruiter or a recruting firm, by the way. Hopefully the senior recruiter actually has a technical background or enough time in the industry to understand your daily trials and tribulations and should definitely know the difference between CEH and CISSP.
The Hiring manager. This lady decides if you get the job and will probably be your boss. Everyone else you talked with what just a stumbling block designed to prevent access to her. She can see through your BS. She will probably ask you about everything on your resume so if you list a skill on it that you have not looked at in a while, grab a beer and a skill cheatsheet and study a bit before she calls you.
For more info on the Four Audiences, check out the 2018 Ladder's Resume Guide by Marc Cenedella.
Basic Interview Questions
Know the answers to these questions at a minimum. Each technical pipeline has its own questions.
What salary would you need to work here?
Explain the model of what happens when you type in example.com (or google.com) into a browser and hit enter?
This is FAR more than just explaining DNS!
Be prepared to pick up a marker and walk to a whiteboard for this question.
As you walk through your explanation, talk about the assumptions you make: type of machine on which you press enter, operating system, browser variant, tab virtualization, etc. A great place to start is to assume that you start with a completely fresh install on an enterprise thin client that is properly physically connected, has joined the domain, and has no cache.
This question should take at least 45 minutes to explain and requires you to explain how an application works, how an operating system works, how the processor interacts with system interrupts and the stack/heap, how an ethernet frame is built from an application request, the difference between IPv4 and IPv6, virtualization, load balancing, ARP requests, DNS transfer type, application and network internal caching, CAM tables, routing, firewalls, TCP, IDS/IPS, client-server communication, 302 redirects, http vs https, TLS/SSL, html rendering, different routing protocols, and many, many other things.
At each step you need to annouce your series of assumptions and explain why you are choosing to explain a particular branch: At this point we'll assume there is no network internal caching server that might respond so now I'll explain X.
Now that you explained the model for what happens when you hit enter, how would you break that model?
Since you proposed how to break the model, how would you defend against your proposed break?
What did you do to prepare for this interview?
This should include everything including initial research, reading SEC filings, reviewing product and service offerings, looking at geographic reach, speaking with company employees, what content studied, how you practiced for interviews and what that content covered, and anything else you did you to prepare. This question could actually be the only question you get asked.
What will you accomplish in your first 30/60/90 days here?
Prepare for this question after researching the company and building out a plan that covers each 30-day block in the first quarter you will work there. Easier said than done!
How will hiring you increase our bottom line?
What is your biggest strength and weakness? Do not say you work too hard even if you think you do. What you actually probably do is work very well in sprints which means you are very good at project-ized work rather than marathon grinds. If your biggest strength is creativity, then your biggest weakness is probably being stuck in a repetitive environment in which case you talk about ways that you either find creativity within that environment or how you evaluate a position to see if it aligns with your creative personality.
What is an APT? Explain one framework that shows how any APT operates.
Tell me a story about recent *unclassified* APT activity and how it relates to a campaign.
Explain a current industry gap.
Tell me about a current or recent technical side project.
Questions you can ask at the end of the interview!
How can I improve my interview?
What about the company or market keeps you up at night?
Why do you keep coming in to work in the morning?
I was looking over your annual SEC filings (10k) and I noticed that the company mission statement does not quite match up with the mission statement on the website. Could you help me understand the company's mission?
What is your favorite product/service at our company and why?
Is there any mandatory reading for the company or this position? If not, what could you recommend I study between now and a potential start date?
Could you give me feedback on my interview?
We are currently in the process of open-sourcing the entire candidate program.
This article will either provide you a review of cyber frameworks and case studies that you should know or orient you do the the cyber domain.
This article covers effectively three APT case studies, a recent vulnerabiltiy at the hardware layer, and both the ASD Essential 8 Maturity Model and MITRE ATT&CK Framework.
If you are new to the field, the above topics are good to know. If you've been here for a while you should be more than conversant in an APT case study, know what is going on in the cyber world this week, and know the frameworks very well.
Book 0x00: The Best Team Wins: Build Your Business Through Predictive Hiring by Adam Robinson
Why: Learn about interviewing and onboarding from the other side of the table. Get in their head, learn from them, figure out what makes them tick. Also, most likely after a year or two you will be the hiring manager and it’s good to get reps in now. This book also introduces the 30/60/90 day onboarding plan which is effectively the core of this program: defining the actions you need to take to show value earlier than your peers.
0. READ WELL. Frames the whole book and does it well
1. Come back later. Hiring managers should own the hiring process. "...human capital [is] the number one challenge facing [employers] today." Intelligence and attitude are more important than technical ability and job description.
2. Come back later. The hiring mindset. "Hiring is an exercise in risk management." "Super Elements: attitude, a sense of accountability, past related-job success, and cultural fit." One bad hire potentially costs more than multiple great hires.
3. Come back later. Where/how to source candidates. Looks at different recruiting and staffing models.
4. Come back later. Don't follow your gut on hiring: use a scorecard to help remove emotional decisions. What does an A+ candidate look like?
5. READ WELL. Resumes and phone interviews.
6. FOCUS HERE. "Dig Deeper" with in-depth interviews. More great interview questions, quantitative predictors of success (multi-measure tests versus MBTI), and using the 30-60-90 day plan at a litmus test.
7. Skim. Reference checks versus background checks, how to verify a candidate's performance.
8. READ WELL. Getting an offer.
9. READ WELL. Describes how onboarding should work which will help drive your own 30-60-90 day plan! Also sets the tone for retention.
Book 0x01: High-Impact Interview Questions: 701 Behavior-Based Questions to Find the Right Person for Every Job by Victoria Hoevemeyer
Why: Learn to tell your story. As you go through the 701 interview questions in this book, probably 6-8 stories from your career will keep reappearing. Those are the stories that you should know and be able to tell at a question's notice.
0. Come back later. Introduction
1. READ WELL. How interviewing works and some class interview questions.
2. READ WELL. Competency-Based Behavioral Interviewing and counter arguments
3. READ WELL. What to think about when interviewing. Great reference for questions you can ask interviewers during the "What questions do you have for me?" block and metrics to recon prior to interview. Plus legal boundaries for questions.
4. FOCUS HERE. All the interview questions! Actually 701 competency and behavioral based (CBBI) questions. First, read the first 1-2 questions in category. The goal here is to identify the 6-8 stories from your career that you can speak to from multiple angles.
5. READ WELL. Follow up questions
6. Skim. Distance interviews
7. Come back later. Building a script
8. Come back later. Putting the data together
9. Skim. Using CBBI in other places to drive value such as performance management
10. READ WELL. Advice, STAR
Book 0x03: The Simple Art of Business Etiquette: How to Rise to the Top by Playing Nice by Jeffrey L. Seglin
Why: Understand some of the cultural differences between the military and the “outside.” This book covers everything from body language to meetings to asking for a raise. Quick, easy, useful, well written.
1. The Best You
2. Office Culture
3. Rising to the Top
4. Tricky Stuff
Book 0x04: The First 90 Days: Proven Strategies for Getting Up to Speed Faster and Smarter, Updated and Expanded by Michael D. Watkins
Why: Good to Great page three identifies GE as “the best-led company in America at the end of the twentieth century.” The CEO, Jack Welch, ran the company during that period. Fortune Magazine calls him the “Manager of the Century.” This is his personal take on how to lead and the book is effectively an MBA in twenty short chapters.
0. Business is a game, and winning that game is a total blast!
1. Mission, values, details
2. Your biggest enemy is how you communicate
3. Invest where payback is highest and cut everything else, differentiation
4. Let them speak
5. Focus: Eight rules of leadership
6. Acid tests, 4P&1E
7. Six practices to success with first being elevate HR to position of power
8. Firing and the three biggest mistakes
9. Four practices for change
10. Five assumptions for crisis management
11. FOCUS HERE. Strategy IS the game and it changes rapidly
12. Advocating for your budget
13. Growing within organically and avoiding common pitfalls
14. Executing mergers and adapting to change
15. Embrace Six Sigma if it applies
16. Evaluating yourself to try and find the right job
17. Staying competitive for promotion (it's not about the gas)
18. What if you get a bad boss?
19. Work life balance. Figure it out early
Book 0x08: Work Rules!: Insights from Inside Google That Will Transform How You Live and Lead by Lazlo Bock
Why: Lazlo was the Senior Vice President of People Operations at Google. This is his book full of the lessons he learned managing super high performing technical people. You’d be silly not to learn from him.
0. Frames the whole book and does it well
1. You make your culture
2. Culture trumps strategy
3. FOCUS: Why hiring is the most important aspect in a company
4. How to find the best talent
5. Instincts do not not work: evaluate
6. Balance management and team-led problems
7. Focus on building people
8. Focus on the top 5% and bottom 5%
9. Grow from within
10. Pay your top performers top salary
11. The process is repeatable
12. Communicate well and design for success
13. Lessons learned and how to avoid them
14. Starting the transformation today
Steps to Get Out
This guide is meant as a reference. If you find errors or omissions or notes that you think are important for the people who follow you to know, please take notes and let us know. We consider this a living document.
Over a year out, start looking for mentors, coaches, and communities that will help you transition. You know: like Rainier Cyber.
About a year out, pull your medical records and find a VSO (Veterans Service Organization) that will help you navigate the VA.
Start researching things like insurance plans (HMO vs PPO).
SFL-TAP: Soldier for Life - Transition Assistance Program. You can schedule this up to one year out from ETS date. Clearing SFL-TAP is required to get orders/clearing papers and unlocks multiple other opportunities such as internships (Rainier Cyber can help secure internships).
SFL-TAP COA 1 – First go to the SFL-TAP in-brief. You watch a video and then can schedule the 5-day program. Go in-person to all five days if possible. Uniform is professional business attire. Wednesday-Thursday is the DOL Workshop. There are some good nuggets here and a lot of dedicated time to work on your resume and LinkedIn profile.
SFL-TAP COA 2 - First go to the SFL-TAP in-brief. You watch a video and then can schedule the 5-day program. Go first day and last day. You can get excused from the DOL workshop when a company wants to hire you and gives you an offer letter.
SFL-TAP COA 3 - Complete Days 1&5 online at JKO. They are listed below. Check for updates: JKO SFL-TAP Equivalency
SFL-TAP close out - at the end of the 5-day course, you either have to schedule an out-counseling with your SFL-TAP counselor. Often this takes 4-6 weeks to get on their calendar. The alternate option is to complete Individual Transition Plan (ITP) sections 1, 2, and 6, make a note of your company commander’s email address, and then call the SFL-TAP 24-hour counseling hotline at 1-800-325-4715. The hotline can click the button that sends the DD2648 to your company commander for signature that completes SFL-TAP. SFL-TAP is congressionally mandated so service members must complete it. Your unit legal should do Post Government Service Employment Restriction Counseling at this time but expect to drive that process yourself. See below.
In this stage, review your SRB (ERB/ORB) and make sure it’s up to date! The SRB is what the Transition Office uses to generate your DD-214. This is especially true for combat deployments. They will NOT accept orders as proof of deployment, they only accept a deployment if listed on SRB.
Transition Award - you can start this award as soon as you have your ETS date. This award covers every duty position for your entire Army service. MSMs are not uncommon for SFC/CPT and above but require a GO signature so plan on additional time. You earned this.
Household goods - You can start this before closing out. The Army will only pay to move your things as far as your home of record. Anything past that you have to pay additional fees. After complete, you cannot submit your voucher until AFTER your final ETS/Retirement day.
Leave Form - You can start this as soon as you have your ETS date. To determine the number of leave days authorized days equals
MOD[(current days accrued)-(planned absences prior to final out)+2.5*(months of service remaining)]
Or just use 2.5days per month and round DOWN. (ex: 31.5 days -> 31 days)
Clear CIF - You can clear CIF whenever your commander is willing to take the risk of giving you an early turn-in memo. This memo must include the exact item, quantity, and NSN you are attempting to turn in. More likely, you will have to wait until you have orders. This can be one of the most stressful parts about clearing so attempt early and often until you are complete. CIF requires you schedule a turn-in block for bulk turn-in so schedule as early as possible.
Clear Unit - You must pick up clearing papers at the unit before picking up papers at the Welcome Center. Then you have some flexibility on your clear unit schedule but will touch the unit a few times while clearing post.
Clear Post - You will go back to the unit for some of this and especially at Brigade S1 for the PERSTEMPO. You can’t clear the Welcome Center without an updated PERSTEMPO.
Post Government Service Employment Restriction Counseling - This is probably not included in clearing. You will need an Ethics Letter from Designated Ethics Official (DEO). Fill out DD-2945 and take your last NCOER/OER to unit legal for help with your Ethics Letter. This letter outlines your left and right limits and any cool off periods you might have after leaving the military.
After clearing finance, you clear the Transition Center. This is where you get your DD-214, American Flag, etc. Bring your ORB to help make corrections There are multiple versions of the DD-214. There’s the Form 1 (Short Form) and the Form 4 (long form). It’s important to know that you cannot get another copy of the DD-214 Form 4. Immediately copy, scan, and secure. Additionally, any municipalities require a DD-214 paper copy for benefits. Any FOIA request about you at one of these municipalities will release your DD-214 with essentially your entire identity attached. Recommendation: credit monitoring!
Final Out - After you clear the Welcome Center (Finance, etc), your actual final out is with your unit. This is probably with your unit S1. They sign, you drive. It’s time to start your next career.