From Security Recruiter to Vulnerability Analyst at Form3 

Our Security team work with the latest, cutting edge-technology on a custom-built platform that sets them apart from the rest. So, finding talented candidates who are well-versed in these areas can be a real challenge.  

I set myself the task of learning more about the technology used at Form3 and the domains that our Security team work within, so that I could get creative when sourcing and identifying talent that may otherwise have been missed.  

To do this I spent time with our Security team, asking (too many) questions to better understand the tech they use and the projects they are working on;.   

• What does this technology do?   
• Are there any other technologies that solve a similar problem?   
• Why is this technology suitable for a company like Form3?  

I then supplemented this knowledge by enrolling on several Udemy courses (thanks Form3 for providing me with unlimited Udemy access!) and attending in-person security events.  

This process not only expanded my knowledge of security- related technology , but it also helped me build strong relationships with Form3’s Security teams and gained a true appreciation for the incredible work they do.   

In attaining more security knowledge, I gained the trust of Form3’s Security teams. This made true collaboration possible, and really helped me provide a better recruitment experience for all stakeholders. By understanding what it meant to work at Form3, I could help define job specifications and set more realistic expectations with hiring managers around how long it may take to find the profile they were looking for.   

Over the time spent working with Form3’s Security team we’ve made incremental improvements to the recruitment process, specifically around how we assess candidates, the documentation to ensure consistency and sharing more information with candidates before and after interview. 

Equipped with the above meant I could get creative when sourcing, exploring avenues that I would not have known existed previously.   

As an example of this, rather than only reaching out to people that specifically mentioned Kubernetes on their profile or CV, I began to incorporate other terminology, methodologies and technologies into my searches that centred around container orchestration. This opened so many doors and allowed me to find many more relevant candidates.  

Once I had identified a potentially suitable profile, I could then utilise this knowledge to create custom outreach messages which I hoped would better attract the candidate's attention, and therefore make it more likely they would apply to Form3. The increase in response rate was also thanks to the engineers who I sat with and listened to as they spoke about the criteria, they have for messages that would warrant a response from them.   

The understanding I had of security practices meant I was able to provide candidates with an authentic and hopefully attractive overview of what life within Form3’s Security teams was really like during our introduction calls.   

I’d encourage anyone working in Talent to make the effort to really understand the areas they recruit into. Not only does it help with your personal and professional development, but it will massively improve your ability to deliver for your candidates and stakeholders.  

From the learning & development budget available to all employees and the educational materials we have access to, to the willingness of our Security teams to invest time in me to help my development, Form3 has enabled me to learn so much more than I ever thought possible. This also seems like an appropriate time to thank them for their patience and support throughout my time with Form3 so far!  

These learnings have not only helped me grow as a person but have also facilitated the next step in my career; a move into Form3’s SecOps team as a Vulnerability Management Analyst.   

I am incredibly grateful for the opportunity and extremely excited to start!