The Cyber Security Recruiter Podcast

The Cyber Security Recruiter Podcast

por Thomas Richard
The Cybersecurity Recruiter talks to Manal Iskander, Founder, PCtronics Managed IT, Security and Automation
AI-Native Cybersecurity, MSP Automation, and What Education Must Change Next - with Manal Iskander On the Cybersecurity Recruiter podcast, the host speaks with Manal Iskander, founder of PCtronics , co-owner of Green Shack Marketplace, and Marketing Lead at Fugazi about how AI and cybersecurity are now inseparable and how she’s using an AI-native, agentic software stack (including SuperOps, NinjaOne, SentinelOne, Huntress, and SharePoint-based automation) to speed onboarding, triage tickets, and generate monthly security and operations reporting that drives recurring revenue plus project work. She describes using a human-centered “double diamond” approach (discover, define, design, deliver) with governance and accountability to decide what to automate vs. keep human-in-the-loop, giving examples like overriding blocked logins for a traveling CEO. She discusses private equity buying MSPs based on MRR, her goal to build toward a much larger exit, and her July 30 keynote in Sacramento for California higher-education CTOs on standardized AI adoption, governance, curriculum shifts toward critical thinking, and risks like Anthropic’s “Mythos” zero-day tool. Book recommendations mentioned: “Abundance,” “The Human Fork Encoded,” and “The 80-Year Theory.” 00:00 Welcome and Introductions 00:28 Keynote and AI Security 01:51 Manel Background Story 03:25 Restaurants and Balance 04:47 Building an AI Native MSP 07:25 PBS Show Origin Story 09:47 Tech as Human Extension 13:54 Human in the Loop Security 15:19 Double Diamond Workflow 19:58 Automated Reporting Engine 23:20 Private Equity and Exit Plans 24:41 Leaving Reporting Teams 25:30 AI Tools For Operations 25:52 AI Boom For Business 26:57 Education Adapts To AI 30:18 Governance For Universities 31:30 Mythos Zero Day Fears 32:48 AI Geopolitics And Money 37:06 Human Fork And Cycles 40:22 Future Work And UBI 42:23 Keeping Up With Pace 43:42 July Keynote Preview 46:46 Adoption Divide And Wrap
The Cybersecurity Recruiter talks to Gary Piper, Marketing Director, Black Talon Security
Marketing, personal branding, and networking for cybersecurity careers with Gary Piper Tom introduces a delayed Cybersecurity Recruiter Podcast episode with Gary Piper, Marketing Director at Black Talon Security, and outlines Gary's career from graphic design and creative leadership into cybersecurity marketing. Gary discusses the growing need for clear cybersecurity marketing, emphasising the importance of understanding a company's story, purpose and differentiators, while learning technologies well enough to communicate them effectively. He also shares lessons from a layoff in 2018, including the importance of keeping your CV and portfolio updated, staying aware of market opportunities, and continually building relationships with recruiters and your network. For personal branding, Gary recommends understanding what motivates you, highlighting what makes you different, and being willing to experiment with new platforms and approaches. He also discusses the importance of emotional intelligence, mentorship, communication skills and face-to-face networking. Reading/learning recommendations from Gary: Crucial Conversations: Tools for Talking When Stakes Are High by Kerry Patterson, Joseph Grenny, Ron McMillan, and Al Switzler which is a program focused on handling difficult conversations, conflict resolution, and communication. Situational Leadership by Ken Blanchard, a leadership course about adapting leadership styles to different people and situations. Co-Active coaching training developed by Henry Kimsey-House, Karen Kimsey-House, Phillip Sandahl, and Laura Whitworth focused on active listening and professional coaching skills 00:00 Late release intro 00:49 Meet Gary Piper 02:14 From design to cyber marketing 03:36 Explaining cyber to buyers 06:03 Breaking into security 07:12 Networking that pays off 09:20 Staying job market ready 12:42 Personal branding basics 17:39 Brand building takes time 25:10 Healthy conflict at work 26:54 Communication over tech 27:42 Scaling team leadership 29:25 Should you lead? 31:00 Managing personalities 33:10 Remote work reality 36:37 Active listening coaching 38:06 Finding great mentors 40:12 Industry community vibes 41:50 Events and cyber risk 45:19 Recruiting meets marketing 47:01 Security marketing pitfalls 48:19 Final wrap up
The Cybersecurity Recruiter talks to Craig Adams, Chief Product Officer, Rapid7
Craig Adams on Building Security Products: Why Me/Why Now, AI-Driven Remediation, and Extreme Ownership Tom chats with Craig Adams, Chief Product Officer at Rapid7 and Board Member at Peak Metrics. Adams describes himself as a builder, focused on driving revenue growth through technology by avoiding innovation that isn’t leveraged and by anchoring product strategy in “why me, why now,” plus strong execution. They discuss how AI has improved risk identification and verdicting (e.g., faster pen-test-like assessments) but has worsened alert volume, shifting cybersecurity’s center of gravity to remediation and response, including granular, agentic actions beyond traditional SOAR rules. Craig discusses how rapid industry change shortens roadmap planning to roughly nine-month increments, and he shares hiring priorities: attitude, work ethic (intensity), and intelligence defined as curiosity. They cover mission-driven teams, repetition in culture, EQ over IQ in leadership, and Craig recommends the book “Extreme Ownership,” emphasizing ownership paired with action and learning. 00:00 Welcome and Friday Vibes 01:06 Craig Adams Background 01:51 Builder Mindset and Growth 03:05 Why Me Why Now 05:39 AI Finds Risk Faster 07:19 From Detection to Remediation 09:53 Completing the Workflow 13:36 Roadmaps in Rapid Change 15:52 Hiring for Curiosity 20:24 Humans Still Do Analysis 22:56 Disruption and Services Future 25:41 Mission Driven Teams 30:32 Repetition and Culture 33:19 EQ Over IQ Leadership
The Cybersecurity Recruiter talks to Dave Cronin, Founder & Managing Partner, Mission Security
AI’s Impact on Cybersecurity: SOC Automation, GRC Limits, and the Rise of Boutique Advisory Tom welcomes cybersecurity veteran Dave Cronin, founder of Mission Security and vCISO/Head of Cyber Services with CyberTrust Massachusetts, who recounts his path from technical roles and teaching ethical hacking to senior leadership and nuclear compliance work across U.S. power plants. They discuss AI as a pivot point in cybersecurity, accelerating both defense and attacks, including uncovering long-standing vulnerabilities. Dave argues AI is rapidly replacing repetitive SOC/MDR Level 1 triage tasks, contributing to consolidation, while human judgment remains critical for response actions and for gray-area domains like GRC where politics and control tradeoffs matter. They cover market pressures from private equity, ROI scrutiny, workforce cuts, and CISO role changes, alongside increased demand for go-to-market, customer success, and relationship-driven services. Dave advises embracing AI, learning prompting, specializing skills, and he describes helping small organizations and municipalities with compliance needs such as CMMC. 00:37 Dave Cronin Background 02:10 Nuclear Compliance Stories 04:51 Ethical Hacking Roots 06:10 AI Finds Old Flaws 06:31 SOC Automation Impact 11:12 Human Relationships Matter 13:23 GRC and AI Limits 14:59 AI ROI and Cost Cuts 17:37 CISO Role Shifts 20:56 Future of MDR Vendors 22:37 Anthropic and Legal Disruption 23:28 AI for Legal Tasks 24:51 Who AI Disrupts Next 25:08 Future Proof Security Roles 26:21 Go To Market Surge 26:49 Human Service Comeback 28:24 Career Advice Embrace AI 29:36 Prompting and Learning Tools 31:27 AI Clones and Trust 33:54 Day Job Mission Security 35:04 CMMC Compliance Reality 38:42 Small Teams with AI 40:15 Layoffs and AI Washing 42:09 CISO Pay Compression Risks 43:02 Closing Thoughts
The Cybersecurity Recruiter talks to Dale Hoak, Chief Information Security Officer, RegScale
In this Cybersecurity Recruiter podcast episode, Thomas chats with Dale Hoak, a former US Navy veteran who transitioned to the commercial sector and progressed from to senior director and now Chief Security Officer/CISO at RegScale. Dale explains that leaving the military is difficult because individuals must take ownership of healthcare, career planning, compensation negotiation, and resume-building, recommending an exit strategy starting two years before separation and seeking early help (including AI tools) while understanding one’s individual value. He credits his advancement to strong networks and mentors, hard work, and learning to understand business value and communicate cyber risk in non-technical terms to leaders and boards, using approaches like threat modeling and risk scoring. He discusses AI as a helpful but fallible tool requiring fact-checking, emphasizes continuous learning. Dale recommends as a starting point "The 7 Habits of Highly Effective People" and then progressing on to 2 series of books by Gary Hayslip. He listens to lots of podcasts including New CISO and CISO Tradecraft. 00:00 Welcome and Introductions 00:36 Dale’s Career Snapshot 02:08 Life as a CSO 03:06 Leaving the Military 05:00 Certs Resumes and Value 07:31 First Civilian Break 08:51 Networking as a Superpower 10:05 How Promotions Happen 13:20 Building Business Awareness 17:03 Speaking Board Level Risk 17:40 Books and Daily Routines 18:26 AI Needs Human Communication 19:51 Phone Calls and Real Talk 21:18 Using AI Responsibly 22:15 AI Resumes and Hiring Reality 23:29 Culture Fit and Honesty 25:06 Never Stop Learning 27:11 Learning Resources and Creativity 30:26 AI Accelerates Skill Gaps 32:22 Leadership Lessons and Quotes 33:21 Books Podcasts and Wrap Up
The Cybersecurity Recruiter talks to Chris Tjotjos, Co-Founder, Simvay & Promithia
Chris Tjotjos on building businesses through crashes, advisory boards, and compounding growth Thomas chats with Chris Tjotjos on the Cybersecurity Recruiter podcast about his career from sales to leading Logos Communications and later co-founding Promithia and Simvay Systems Chris describes early entrepreneurial “full throttle” focus, reinvesting profits for years, and the power of compounding, including examples using pennies and leveraged real estate and recurring revenue. He recounts major disruptions - post-1999 internet implosion after buying out his partner and the 2008 crisis, and how transparency, profit-sharing via an EBIT plan, and shifting customer concentration helped stabilize and grow. A key turning point was meeting entrepreneur Jack Kale, starting an advisory board, and using book-based learning to reshape culture. Chris explains being approached to sell Logos to Black Box, scaling the division, and critiques lack of synergy in acquisitions. Book recommendations mentioned include "Financial Freedom" Mark Harrelson, "The Vital Difference," and "Leading From The Heart," by Jack Kale, "Rockefeller: The Titan," and "The 38 Letters Rockefeller Wrote to His Son." 00:00 Welcome and Setup 00:39 Meet Chris Tjotjos 01:58 Focus Then Scale 03:04 Early Entrepreneur Grind 04:34 Compounding Mindset 06:55 Leverage and OPM 09:27 Life After the Exit 13:22 Dotcom Crash Lessons 15:29 Open Books EBIT Plan 17:39 Jack Kale Book Club 22:26 Partnership Synergy 23:33 Faith Prayer Meditation 25:31 Perspective and Mortality 26:12 Greek Roots and Big Questions 27:20 Faith Over Wealth 27:50 Servant Leadership in Business 28:12 Why Logos Was Founded 32:26 Selling After the 2008 Storm 36:55 Acquisition Lessons and Synergy 38:54 Starting Again With Promethea 40:18 Advisory Boards That Scale 43:51 Building the Board and Jack Story 47:53 Closing Reflections and Thanks 48:27 AI as a Virtual Board 49:42 When to Form a Board
The Cybersecurity Recruiter talks to Shante Perrin, Director, Global Security Operations
Shante Perrin on SOC Leadership, Communicating Risk, and Curiosity-Driven Career Growth Thomas chats with cybersecurity leader Shante Perrin, who progressed from web developer and help desk roles to SOC leadership and Director of Global Security Operations. Shante describes SOC and MSSP work focused on preventing repeat incidents through policies, procedures, customer advisement, and deploying new services and tools that improve analyst efficiency and investigation quality. They discuss the challenge of convincing customers to prioritize security before a breach, emphasizing tailored communication, active listening, documenting risk, and framing guidance around business impact and reputation. Shante highlights interview and hiring themes such as curiosity, understanding why tools are used (not just clicking), teamwork, and cultural fit, plus using brown-bag sessions to share investigative thinking. Career advice centers on taking leaps into unfamiliar work, seeking support, and accountability. Shante recommends David Goggins’ book "Can’t Hurt Me" and mentions journaling and self-care for sustainable performance. 00:00 Welcome and Introductions 01:09 Shante's Security Ops Role 02:58 Convincing Customers to Act 04:50 Communication in the SOC 07:04 Incident Calls and Risk 09:39 Security as Business Partner 14:24 Career Growth Through Curiosity 20:01 Interviewing Beyond Tools 21:51 Curiosity Stands Out 22:45 Hiring For Likability 24:56 Humor Under Pressure 25:49 Help Desk Foundations 28:54 Learning Styles That Stick 29:56 Audio Diet And Mindset 31:38 Confidence And Speaking Up 34:16 Setbacks And Self Care 36:30 Book Pick David Goggins 38:28 Journaling And Control 39:38 Sustainable Work Rhythms 41:20 Final Thanks And Wrap
The Cybersecurity Recruiter talks to Thomas Donnelly, CTO & President, Co-Founder, Amplifier Security
From Security Executive to Startup Founder: Sales, Focus, and Raising a Pre-Seed Round On the Cybersecurity Recruiter podcast, Tom chats with Tommy Donnelly, CTO, President, and co-founder of Amplifier Security. Tommy describes founder life as high-ambiguity work requiring constant energy, disciplined routines, and learning new skills - especially sales - framing it as “finding” the right customers with urgency and budget rather than persuading everyone. He explains the value of narrowing product scope, defining an ICP, and iterating cheaply to reach product-market fit before scaling. Donnelly shares hiring traits he prioritizes (ambiguity tolerance, vision alignment, data-driven iteration), discusses leadership progression from technical roles to cross-functional and external influence, outlines how Amplifer raised a $3.3M pre-seed using design partners, networked VC outreach, and standardized SAFE notes (e.g., via Clerky), recommends TK Kader founder training, and cites Patrick Lencioni’s book “The Five Dysfunctions of a Team.” 00:00 Welcome and Banter 01:06 Entrepreneurship Reality Check 01:56 Energy and Founder Routines 03:20 Tommy’s Career Intro 04:02 Founder Life and Learning Sales 05:18 Listening and Networking Wins 09:21 Executive Communication Shift 12:33 Finding the Right Customers 17:46 Hiring for Ambiguity 21:44 From Startup to Scale Lessons 24:04 Structure vs Chaos 24:23 Climbing to VP Reality 25:54 Leaving Bullhorn for BetterCloud 27:14 Going All In as Founder 28:30 Staying Focused and Niche 30:50 How the Pre Seed Happened 36:28 Money Is a Commodity 40:44 Founder Sales Qualification 44:28 Best Founder Training Resource 45:49 Teamwork and Hard Conversations 48:16 Wrap Up and Thanks
The Cybersecurity Recruiter talks to Casey Murphy, Director of Revenue Marketing, Phosphorus Cybersecurity
Casey Murphy on Boundaries, Deep Work, and Learning Fast in Startup Revenue Marketing Had a great chat with Casey Murphy, who shares his career path from the US Navy submarine/nuclear program to Accenture, an MBA internship at Secure AI Labs, Microsoft, and his current role at Phosphorus Cybersecurity as Director of Revenue Marketing. Casey describes his identity as a Christian and frames his “Forrest Gump” career as a series of making the next right decision rather than following a grand plan, viewing successes and failures through faith and resilience. They discuss prioritizing family, creating boundaries to avoid burnout, and the importance of deep work, especially in remote settings, using examples like an Admiral’s early-morning focus block and a CFO’s handwritten index card of top priorities. They also discuss using AI as a learning aid while still doing painful, hands-on practice, and how printing, handwriting, and journaling improve thinking and retention. 00:00 Welcome and Catch Up 01:15 Casey Career Intro 01:52 Identity and Navy Lessons 05:35 Resilience and Priorities 07:49 Work Boundaries and Burnout 10:34 Remote Work Deep Focus 15:18 Simple To Do Systems 18:06 Learning and Upskilling 19:25 Using AI Wisely 23:38 Analog Thinking and Strategy 27:05 Wrap Up and Next Time
The Cybersecurity Recruiter talks to Andrew Kirch, Director of Technical Operations, Stoic Cybersecurity
Andrew Kirch on Hacker Mindset, Insider Threats, and AI’s Impact on Cybersecurity In this Cybersecurity Recruiter podcast episode, Thomas chats with Andrew Kirch, Director of Technical Operations at Stoic Cybersecurity, who describes his wide-ranging background across IT, red and blue team work, tabletop exercises, and early experience running a major DNS blacklist that helped him understand how attackers think. Andrew argues hacker mindset is learnable through experience, stresses reputational and insider threats, and explains prioritizing vulnerabilities based on real exploitability. He shares stories involving Anonymous, Occupy Wall Street amplification, and law-enforcement work culminating in Operation Cyber Slam. The discussion covers increasing criminal organization, AI-driven risks (voice cloning, fake candidates, faster exploit development, and corporate secrets leaking via public AI), the need for continuous learning, and sources he follows such as YouTube, Ground News, CISA updates, and The Register. 00:00 Podcast Welcome 00:55 Andrew’s Background 04:55 Hacker Mindset Tips 06:51 Prioritizing Real Threats 08:56 Anonymous Storytime 12:00 Operation Cyber Slam 15:24 Cybercrime As Business 17:25 How To Level Up 21:01 AI And IP Risks 24:04 Generalist Security Skills 24:41 AI Voice Fraud Threat 26:17 Fake Candidates Remote Hiring 27:39 AI Widens Attack Surface 29:28 Breach Costs and Insurance 31:01 Writing Reports With AI 34:10 Tone and Social Engineering 36:10 Cyber News Sources 39:22 Geopolitics and Ransomware 41:18 Utilities and SCADA Risks 42:53 Zero Trust and Passkeys 45:32 AI for SOC Defense 47:25 Wrap Up and Farewell
1 de 15