Skip to main content

LinkedIn Emails

Receiving mails via LinkedIn is an interesting experience. For example, how many folk actually personalise "contact requests" - from what I see, less than 1%. I typically try to because I think it shows some thought has gone into the request and it's friendly, but then "manners" on the Internet is a very different thing to the real world, right ;-)

Anyway, to the point of the blog post. In early November (2012), whilst I was preparing my Security Onion presentation for IrissCon (why did I bother when my MBP died on-stage), I received a very interesting and personal email via LinkedIn. The email came from a "Senior International Belief Instigator" (let's call him the SIBI - to save me typing) at Riot Games and the email was literally awesome, it hit many of the key points that you'd hope for in a recruiter email but it also had a wonderful tone. In my ignorance, I knew of League of Legends but not Riot (yes, I am embarrassed by that). I receive a lot of mails (some from so-called "top" tech companies) through LinkedIn that resemble mass mailings or show that the recruiter has done no researched, however, this mail showed that he had
  • researched my background
  • seen what I had or hadn't done in the past
  • developed a feeling for what I might like to do and I guess, developed an inkling that I may not be doing what I truly "loved"
To cut a long story short, I said (twice)

"No, thanks, sounds great but I'm not interested. I've a lot to do here where I am now."

but was eventually given the line that gets most people,

"Sure, why don't we just meet for a pint in Dublin!"

I then started doing my research, checking out the game and learning about eSports (I knew it existed but I'd no idea of the sheer size and the incredible growth) - I gradually became very excited. So on the night of the 2012 Riot Games Christmas party, I had a pint and learned a lot about the technical and engineering challenges that Riot were and are facing. I left that pub feeling like a kid in a candy store or something like that :p

Over the course of the next 6 months, I chatted to many folk within Riot (primarily on the Operations and Security teams and the SIBI, of course) and this included a very quick trip to LA for a round of interviews and dinner. That candy store soon grew to something like this - 


So despite being pretty happy in 10gen, witnessing remarkable growth, learning MongoDB, developing a security awareness/educational program and helping drive new security features, something was missing and my heart was pointing towards the challenges at Riot. 

To be honest, the overall interview/headhunting process was pretty unreal and I feel incredibly lucky and humble that Riot chose to talk with me and see if I was a fit. The one thing that struck me throughout the process (and this is very abnormal for many "awesome" techies) is how un-arrogant or humble everyone whom I talked to was. Don't get me wrong, I was drilled and I had some tough questions but the atmosphere was welcoming and relaxed (the 48 hour round-trip to LA was memorable and without jetlag).

Now I keep thinking,

"I get to play computer games at work"

Tomorrow (15th May, 2013) is day "numero uno" of many I hope and yep, I'm a little nervous but man, so excited! In my opinion, I think there are few morals to the story - 
  • Answer those LinkedIn mails, you never know what might happen.
  • If you're a recruiter, do your research and personalise your communication. You never know what might happen, plus a pint is always a good start (well, in Ireland anyway).
  • There are some cool technology jobs at the minute and luckily, for me, some are in Dublin :)
  • I'm incredibly lucky (currently waiting for someone to wake me up with a kick to the balls) and I'd two great companies who wanted me to work for them. Thanks to both 10gen (Meghan - I'm still going to do that Kerberos blog :) ) and Riot!
  • I can be bribed with a 


Comments

  1. Most interesting. I also got my current job via LinkedIn, in very similar fashion.

    I wasn't familiar with Halock, but had carved out a little niche for myself as the minor duchess of infosec recruiting in the big chop-shop IT staffing firm I worked for at the time, and I always wished I could officially specialize in infosec recruiting. My now-boss made initial contact with me because of a comment I'd made in a pentesting group - something about how C|EH certifications were overrated, I think! - and asked if I was interested in a recruiting role.

    No way, I said. Cool company, but you're in Schaumburg. I'm a Chicago girl who's never had a driver's license and has no plans to get one.

    I'd also never been really courted by a company before - nor worked in a candy shop.

    Seven interviews, two attempts at the road test, a new Fiat and yes, a pint or two later, and I'm coming up on a year in my dream job.

    You never know.

    ReplyDelete
    Replies
    1. Cool, thanks for sharing Eve :) It's great to hear you also had a pint or two, I'm delighted you liked the post.....woot :p

      The other interesting thing I forgot to mention is that amount of recruiters who ignore the candidate after the initial refusal has to be over 90%. Thankfully Riot didn't pay attention to the initial refusal :)

      Delete
  2. Any chance you could describe in a bit more detail what your LinkedIn account looked like? Was there a great deal of info on it or was it just because you worked for that company that you got the interest?

    Thanks in advance

    ReplyDelete
    Replies
    1. My LinkedIn profile is pretty detailed and fairly professional, however, it's far from the most professional. I genuinely don't think working at 10gen had any major influence over Riot being interested in me. *I believe* it was the stuff that I did *outside* my job, such as:

      - the blogging

      - the GIAC GSE (this was quite big to a few of the guys)

      - the presentations that I did at conferences or meetups (they could view them on slideshare or speakerdeck)

      - HackEire (as a CTF, it really is a great example of gamification)

      The "Belief Instigator" (that is a joke btw) that I referred to basically found me by searching for someone supposedly with security skills (living in Ireland) who contributed to the community, came across as passionate and humble. I have been told that he then researched further and the more he found by researching me on the Internet, the more he liked. I have never found anyone to do recruitment like Riot.

      So in summary, it's my belief that LinkedIn was primarily used as means to contact me, some minor research and then a reference point for others within Riot to review what I have or haven't done.

      Does that help?

      Delete
  3. Insightful and genuine as always. The very best of luck, (not that you'll need it). Remember the answer to any question is sharding!

    ReplyDelete
  4. Great post, and congratulations on the new gig! I hope to bribe you with a Guinness in the near future, for no reason other than because I'm sure I owe you one.

    ReplyDelete
    Replies
    1. Thanks James, I think you're ok on the pint :)

      Delete
  5. Same story, same SIBI, totally true. :-)

    Welcome Mark!

    ReplyDelete

Post a Comment

Popular posts from this blog

Being a Support Engineer @ 10gen - Part 1

There's a mis-conception around the role of a "Support Engineer".  As a clue, it's not what Urban Dictionary   says   - A person whose job is to answer calls from customers of a small- to large-sized company...... They are teathered to a their desk all day via phone headset........ phone jockeys usually hate their jobs.......they are are paid well enough..........until they completely burn out, and hate everyone.   and doesn't always involve this - Image Source: http://half-bakedbaker.blogspot.ie/2009/11/cannoli-and-broken-computer.html As you can see  here , there's lots of open roles in  10gen  and more specifically with 10gen, in  Dublin . I thought I'd write this quick blog to explain what Support Engineers actually do and why I joined 10gen as a "Support Engineer". I could be wrong but didn't Google come up with term " Site Reliability Engineer " to do away with the stigma associated with being a

What's the point of (InfoSec) Certifications?

Quite recently, my GSE was up for renewal. I'm currently in the middle of transporting my family to another continent and I've slightly more responsibilities work-wise in 2016 versus 2012. However, given the effort and study that it took to get the cert the first time (and to a lesser degree the expense), I figured it was a no-brainer to renew. For me, I've always been a huge fan of the GSE and considered it the epitome of InfoSec certifications, much like the CCIE for (Cisco) networking. Personally, I learn better by "doing" and consider it as the evidence that someone knows their stuff so the "2-day lab" element in the GSE was a both a huge goal and challenge that I was excited about. I talked about the value of "doing" when trying to learn about yourself previously here with the infamous Security Ninja and here on my own blog so there's no point in repeating myself. When I did the GSE, I absolutely loved the hands-on lab mo

Start-Up Security

After many years in Security @ Riot Games and eventually putting the "s' out there, I recently decided to jump out of my comfort circle for a new challenge and joined a   start-up   (yes, I left a comfortable, stable job in a pandemic, lunacy lol). Now that I've been here almost 6 months, I wanted to share some findings because security at a start-up is significantly different.  When you join a start-up, there's going to be so much that you can do and it will be incredibly easy to "boil the ocean", and try to fix everything. At best, this guarantees failure for the Security team, at worst, alienation from the engineering and product teams. There are some obvious quick wins that a Security team can make without slowing down iteration and innovation speed, while also reducing risk: Auth  Partner with Engineering/IT/CTO such that there's alignment on Security owning all things "auth(n|z)".  As part of this ownership, you need to be prepared to resp