ISSA-LA November Virtual Monthly Meeting 2020 – Cyber Security hiring in a pandemic

Hiring in the age of a pandemic from 3 different perspectives: agency recruiter, internal recruiter & hiring manager.

Moderator:

Kris Rides – CEO at Tiro Security

Kris has been working in tech recruiting for over 20 years and founded Tiro Security a specialist cyber security staffing and professional services firm in 2012.  He is a founding Board Member of the Southern California Cloud Security Alliance Chapter and serves as an advisory board member to the National Cybersecurity Training & Education Center (NCYTE). When it comes to cyber security staffing Kris is recognized as one of the most experienced specialists in the industry, he has spoken at some of the most prestigious conferences in our industry including DEFCON, RSA, BSidesLV and the ISC2 Congress. When not he isn’t working, Kris is looking forward to a time when his daughter is old enough so that family holidays can involve snowboarding and scuba diving with sharks.

Panelists:

Agency recruiter

Chrissy Morgan – Senior Consultant at Tiro Security

Chrissy Morgan is a specialist Cyber Security Recruiter with Tiro Security, based in Los Angeles but covering positions all over the U.S.A. for multiple clients.  She has been recognized for her focus on Diversity & Inclusion, maintaining quality relationships as well as her consultative approach to matching great candidates to great careers. If you or a friend are seeking a change, contact Chrissy via LinkedIn: https://www.linkedin.com/in/chrissy-morgan/ or email her on: [email protected].

Internal recruiter

Merissa Villalobos – Recruiter at Tanium

Merissa has been a cybersecurity recruitment professional for over 11 years. She has built a national Talent Acquisition department from the ground up, she has managed a recruiting team that provided global support for the largest (purely) security consulting firm in the world and now recruits for Tanium, the world’s only real-time endpoint communications platform for the enterprise. Merissa started her career in the DC/MD/VA area at a Federal Government contractor, where she recruited for the intelligence community and various Federal Government agencies. When she moved back to soCal, she worked at a staffing agency, where she recruited for the Military, Government agencies and tech giants like Google. After her short stint there, she became a Talent Acquisition Leader for 2 consecutive security consulting firms and played a key role on the HR team in managing the contingent workforce, leading diversity recruitment, diversity recruitment programs, developing workforce plans and being a strategic recruitment partner. Merissa is on the Leadership Team for WSC (Women’s Society of Cyberjutsu) for the soCal chapter, she was a former Board Member for ISSA Los Angeles and helps plan career villages for local events like ShellCon and LayerOne. In 2018, she delivered a talk at ShellCon, called “Wecurity” to provide some data-based insight on diversity and the value it brings to an organization. Merissa is also an ongoing resume reviewer for BSides Las Vegas, Defcon’s first Career Hacking Village and she was a volunteer for Day of Shecurity. She has also been featured in a Security Weekly interview with Paul Asadoorian where they discussed WSC and building a more inclusive and diverse cybersecurity workforce and recently she spoke on a recruiter panel for BIC (Blacks in Cyber).

Hiring Manager

Andy Grant – Head of Offensive Security at Zoom

Andy Grant is the Head of Offensive Security at Zoom. He has more than a decade of professional experience in offensive security, and two decades of involvement in computer security. His team at Zoom is responsible for finding security vulnerabilities in the company and its products, which involves conducting security assessments, performing vulnerability research, and engaging with third-party security vendors. He is also responsible for building out a dedicated red team and leading purple team exercises.

Prior to Zoom, Andy was a Technical Vice President for NCC Group and worked on a wide variety of projects over his twelve years with the company. He performed countless application assessments across many platforms and systems. He also conducted internal and external network penetration tests, architecture and design reviews, and threat modeling exercises. Andy worked with small tech start-ups, small and large software development groups, and large financial institutions. At times, he was embedded in corporate security programs for multiple months to provide ongoing security guidance and program/process improvements.

Prior to working at iSEC Partners (acquired by NCC Group), Andy was part of a three-person team that developed the security application that became the foundation for Dasient, a dynamic, behavioral-based engine to defend web sites against attacks and malware. He has a B.S. in Computer Science and an Advanced Computer Security Certificate, both from Stanford University.