Recruiting and How to Find the Perfect Match with Mimi Gross
Hacker Valley Studio27 Syys 2022

Recruiting and How to Find the Perfect Match with Mimi Gross

Mimi Gross, Founder and Cybersecurity Matchmaker at People By Mimi, connects early stage through Series C cybersecurity startups with sales and marketing talent. As a recruiter and headhunter with over 5 years of experience, Mimi refers to the process of recruiting and hiring as “cybersecurity matchmaking.” Mimi joins Hacker Valley Studio this week to talk about what recruiting and dating have in common (including marriage!), and the ways to deal with rejection during the hiring process.

Timecoded Guide:

[00:00] Defining the term “cybersecurity matchmaking” as a recruiter

[04:00] Commonalities between recruiting and dating advice

[07:55] Dealing with job rejection like a bad breakup

[15:17] Balancing hiring manager wants and needs in the recruitment process

[20:11] Emphasizing chemistry between the ideal candidate and their future employer

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley

With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution: uptycs.com.

Where did the term “cybersecurity matchmaking” come from?

There’s a huge element of matchmaking in recruiting. That’s essentially what you’re doing — you’re matching a potential candidate with a potential new position. Certain recruiters and companies instead treat the act of recruiting candidates and hiring new employees like a sales transaction. This feels impersonal for everyone involved. Referring to recruiting as “matchmaking” reminds everyone involved that there are humans in the process at every stage, from application to references, interviews to onboarding. “Early on, I was disillusioned with recruiting, because I realized that people don't treat it like finding the perfect match. It's like sales for some people. I quickly said, ‘I can't do this thing unless I can call it matchmaking.’ That's where the term came in.” What does dating advice have to do with recruiting?

In both recruiting and dating, you’re trying to find the “right” fit. In dating, both people in a relationship are looking for “the one”; someone to grow with long term and to build a mutually beneficial relationship with. In recruiting, the founder or hiring manager is looking for the right candidate for the role, while the job searcher is looking for the right job for their career. In both dating and recruiting, when you find the right one, it won’t be a huge compromise or a challenging fit; the relationship will feel authentic and natural. “I find that the best matches I make — and I love to call them matches, because they really are — I look back at them, like, ‘You know, that was a good match.’ In those great matches, the chemistry was there right away.”

How do you help candidates deal with rejection?

Rejection is part of the recruiting process, just like how breaking up is part of the dating cycle. There are going to be times when the fit isn’t right and the job you want goes to a different candidate. The trick is to not take it personally. Instead, take a learning approach to the situation. The company might need to go in a different direction, or someone else in the organization may be taking over the position. Unlike dating, the hiring process is unrelated to who you are as a person. Focus on learning and applying your experience elsewhere.

“It’s not just about not taking rejection personally. You have to see that there will be the right fit for you, and that also, the person who is rejecting you now could be a valuable person to know in the future. Never burn bridges.”

What is one of the most important aspects in recruiting?

Chemistry is key in the recruiting process. You may have a company executive or a hiring manager who wants a specific trait from their applicants, like an Ivy League education. As a recruiter, you have to dig beneath the surface to discover the “why” behind a job qualification or educational requirement. Perhaps the employer actually wants someone organized or detail-oriented. Getting to know the “why” means that you can find the actual right fit, while the chemistry between the job seeker and the hiring executive will take care of the rest. “In the beginning, if you find the right match, the dating metaphor here is that nobody's perfect. You have to figure out what kind of imperfect you can handle and you can love, and that's the right match.”

----------

Links:

Spend some time with our guest Mimi Gross on LinkedIn

Learn more about cybersecurity matchmaking on the People By Mimi website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Jaksot(404)

Breaking Into Banks and Bypassing Modern Security with Greg Hatcher and John Stigerwalt

Breaking Into Banks and Bypassing Modern Security with Greg Hatcher and John Stigerwalt

Three banks in four days isn't just a bragging right for penetration testers. It's a wake-up call showing that expensive security tools and alarm systems often fail when tested by skilled operators who understand both human behavior and technical vulnerabilities. Greg Hatcher and John Stigerwalt, co-founders of White Knight Labs, talk about their latest physical penetration tests on financial institutions, manufacturing facilities protecting COVID-19 vaccine production, and why their new Server 2025 course had to rewrite most common Active Directory tools. They share stories of armed guards, police gun draws, poison ivy reconnaissance, and a bag of chips that saved them from serious trouble. The conversation reveals why EDR alone won't stop ransomware, how offline backups remain the exception rather than the rule, and what security controls actually work when attackers bring custom tooling. Impactful Moments: 00:00 - Intro 01:00 - New training courses launched 03:00 - Server 2025 breaks standard tools 05:00 - COVID facility physical penetration 07:00 - Armed guards change the game 10:00 - Police draw guns on operators 13:00 - Bag of chips saves the day 15:00 - Nighttime versus daytime physical tests 18:00 - VIP home security assessments 20:00 - 2026 threat predictions 22:00 - Why EDR doesn't stop ransomware 27:00 - Low cost ransomware simulation ROI 29:00 - Three banks in four days 32:00 - Deepfake as the new EDR Links: Connect with our guests –  Greg Hatcher: https://www.linkedin.com/in/gregoryhatcher2/ John Stigerwalt: https://www.linkedin.com/in/john-stigerwalt-90a9b4110/ Learn more about White Knight Labs: https://www.whiteknightlabs.com Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

18 Joulu 33min

Defending Your Cyber Systems and Your Mental Attack Surface with Chris Hughes

Defending Your Cyber Systems and Your Mental Attack Surface with Chris Hughes

When your firewall forgets to buckle up, the crash doesn’t happen in the network first, it happens in your blindspots. In this episode, Ron is joined by returning guest Chris Hughes, Co-Founder of Aquia and host of the Resilient Cyber podcast. Chris helps reframe vulnerability work as exposure management, connect technical risk to human resilience, and break down the scoring and runtime tools security teams actually need today. Expect clear takeaways on EPSS, reachability analysis, ADR, AI’s double-edged role, and the one habit Chris swears by as a CEO. This episode fuses attack-surface reality with mental-attack-surface strategy so you walk away with both tactical moves and daily practices that protect systems and people. Impactful Moments: 00:00 - Intro 02:00 - Breaking: Fortinet WAF zero-day & visibility lesson 05:00 - Meet Chris Hughes: CEO, author, Resilient Cyber host 08:00 - Mental attack surface explained and why it matters 18:00 - From CVSS to EPSS, reachability, and ADR realities 21:00 - AI as force-multiplier for attackers and defenders 24:30 - Exposure vs vulnerability naming, market trends 26:00 - Chris’s book & how to follow his work 30:00 - Ron’s solo: 3 pillars to patch your mindset 34:00 - Closing takeaways and subscribe reminder Links: Connect with our guest, Chris Hughes, on LinkedIn: https://www.linkedin.com/in/resilientcyber/ Check out the article on the Fortinet exploit here: https://www.helpnetsecurity.com/2025/11/14/fortinet-fortiweb-zero-day-exploited/  Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

11 Joulu 34min

Thriving Beyond Human Labor with Context-Powered AI with Daniel Miessler

Thriving Beyond Human Labor with Context-Powered AI with Daniel Miessler

The real disruption isn’t AI replacing humans, it’s the shocking possibility that human labor was the economic bubble all along. In this episode, Ron Eddings sits down with Daniel Miessler, founder of Unsupervised Learning and longtime security leader, to break open why companies are hitting record profits with shrinking workforces, and what that means for your future. Daniel shares how AI agents, context management, and his Telos problem-first framework are reshaping what it means to create value in the modern economy. From Apple to Human 3.0, Daniel explains why building in public, learning fast, and solving real problems are the ultimate career edge in an AI-powered world. Impactful Moments: 00:00 - Introduction 02:00 - Jobless profit boom accelerates 05:00 - Daniel's AI journey at Apple 08:00 - Building careers around problems 12:00 - AI bubble or timing problem 15:00 - Nine-year-old codes app in two hours 18:00 - Human labor is the bubble 22:00 - Context management changes everything 26:00 - Adaptation equals survival Links: Daniel’s Website: danielmiessler.com/ Daniel’s Github: https://github.com/danielmiessler/ Daniel’s LinkedIn: https://www.linkedin.com/in/danielmiessler/ Upcoming events: https://www.hackervalley.com/livestreams Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

4 Joulu 29min

Building EDR for AI: Controlling Autonomous Agents Before They Go Rogue with Ron Eddings

Building EDR for AI: Controlling Autonomous Agents Before They Go Rogue with Ron Eddings

AI agents aren't just reacting anymore, they're thinking, learning, and sometimes deleting your entire production database without asking. The real question isn't if your AI agent will be hacked, it's when, and whether you'll have the right hooks in place to stop it before it happens. In this episode, Ron breaks down the ChatGPT Atlas vulnerability that shocked researchers, revealing how malicious prompts can turn AI assistants against their own users by bypassing safeguards and accessing file systems. He presents his new talk "Hooking Before Hacking," introducing a framework for applying EDR principles, prevention, detection, and response, to AI agents before they execute unauthorized commands. From pre-tool use hooks that catch malicious intent to one-time passwords that put humans back in the loop, this episode shares practical security controls you can implement today to prevent your AI agents from going rogue.   Impactful Moments: 00:00 - Introduction 02:00 - ChatGPT Atlas vulnerability exposed 04:00 - AI technology outpacing security guardrails 05:00 - Guardrail jailbreaks and prompt injection 06:00 - AI agents deleting production databases 07:00 - EDR principles for AI agents 09:00 - Pre-tool use hooks catch intention 11:00 - User prompt sanitization prevents leaks 14:00 - One-time passwords for agent workflows 16:00 - Automation mistakes across 10 years   Links: Connect with Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/ Check out the entire article here: https://www.yahoo.com/news/articles/cybersecurity-experts-warn-openai-chatgpt-101658986.html  GitHub Repository: https://hackervalley.com/hooking-before-hacking  See Ron's "Hooking Before Hacking" presentation slides here: http://hackervalley.com/hooking-before-hacking-presentation Check out our website: https://hackervalley.com/ Upcoming events: https://www.hackervalley.com/livestreams Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

2 Joulu 19min

Can AI Run Your SOC Better Than You? with Ahmed Achchak

Can AI Run Your SOC Better Than You? with Ahmed Achchak

What if your security team never missed a single alert and actually had time to think strategically? In this episode, Ahmed Achchak, CEO and Co-Founder of Qevlar AI, reveals how autonomous SOCs are reshaping security operations worldwide. From tackling alert fatigue to empowering analysts with intelligent AI-driven investigations, Ahmed shares the inside story of building a system that can act on threats faster than any human alone. Learn how Qevlar’s innovative approach is giving organizations clarity, control, and measurable ROI while freeing security teams to focus on what truly matters. Impactful Moments 00:00 - Introduction 01:30 - Founding Qevlar AI by chance 03:30 - Inefficiency of current SOCs 05:00 - Augmenting analysts, not replacing them 08:00 - AI investigating alerts at scale 11:30 - How autonomous agents handle phishing 14:30 - Why tackling all alerts maximizes ROI 17:30 - Graph technology as investigation backbone 25:00 - Limitations and randomness of LLMs 30:30 - Advice for testing AI in SOCs Links Connect with our guest Ahmed on LinkedIn: https://www.linkedin.com/in/ahmed-achchak-872554109/   Check out Qevlar’s website: https://www.qevlar.com/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

13 Marras 32min

Making Cybersecurity Marketing Creative (and a Little Sexy) with Maria Velasquez

Making Cybersecurity Marketing Creative (and a Little Sexy) with Maria Velasquez

Who said cybersecurity had to be serious? The future of cyber is creative, human, and even a little sexy. In this special 400th episode, Ron Eddings celebrates six incredible years of Hacker Valley Studio with one of cyber’s most creative voices, Maria Velasquez, Co-Founder of the Cybersecurity Marketing Society and Co-Host of Breaking Through in Cybersecurity Marketing. Together, they discuss how bold storytelling, authentic community, and a touch of fun are reshaping the way we connect in cybersecurity. Maria opens up about turning burnout into purpose, building a 4,000-strong global movement, and why the next frontier in cyber might just be entertainment.   Impactful Moments: 00:00 - Introduction 02:00 - CISA layoffs and collaboration fragility 04:00 - Welcoming Maria Velasquez 06:00 - How loneliness sparked a global community 08:00 - Why collaboration fuels cybersecurity growth 10:00 - When cybersecurity marketing was “boring” 12:00 - The rise of creativity and brand power 14:00 - Story behind Torque’s “Kill the S.O.A.R” campaign 15:00 - Making cybersecurity emotional and human 17:00 - Maria’s advice for bold marketing leaders 18:00 - The next big thing: experiential marketing 20:00 - Inside Cyber Marketing Con 2025 24:00 - Final reflections on community and creativity 27:00 - Ron’s takeaways: connection drives innovation Links: Connect with Maria on LinkedIn: https://www.linkedin.com/in/maria-vepa/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

6 Marras 30min

How to See Your Organization Like a Hacker with Chris Dale

How to See Your Organization Like a Hacker with Chris Dale

To defend like a human, you first have to think like a hacker. In this episode, Ron Eddings sits down with Chris Dale, Co-Founder and Chief Hacking Officer at River Security, to explore the human side of hacking, where curiosity, persistence, and vigilance meet defense. Chris shares how the traditional idea of penetration testing has evolved into a continuous journey of discovery, and why reconnaissance and storytelling are critical tools for modern defenders. From real-world breach stories to lessons on trust and responsibility, this episode reveals how thinking like a hacker, and acting like a human can transform the way we approach cybersecurity.   Impactful Moments 00:00 - Introduction and massive breach overview 03:00 - Trusted systems become exposure points 05:00 - Meet Chris Dale of River Security 07:00 - The problem with traditional pen testing 08:30 - Continuous reconnaissance and real-world risk 10:00 - Knowing yourself as a security principle 13:00 - The meaning of continuous vigilance 15:00 - Turning cybersecurity lessons into stories 18:00 - Storytelling and mindset in defense 19:30 - Final takeaways on fundamentals and vigilance   Links: Connect with our Chris on LinkedIn: https://www.linkedin.com/in/chrisad/ Read the Tech Radar article here: https://www.techradar.com/pro/security/f5-breach-fallout-over-266-000-instances-exposed-to-remote-attacks Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

30 Loka 25min

Coding by Vibe: The Future of AI-Built Security with Ron Eddings

Coding by Vibe: The Future of AI-Built Security with Ron Eddings

When code meets intuition, innovation gets personal. But what happens when we let AI vibe with our ideas? In this episode, Ron Eddings covers the rise of AI-driven development from Vibe Coding, where natural language shapes real code, to the emerging Model Context Protocols (MCPs) that redefine how apps talk to AI. He breaks down the recent Figma MCP vulnerability to discuss how creativity and security now collide in surprising ways. With hands-on insights using Raycast and practical steps for building responsibly, Ron takes you inside a new era where human intuition and machine intelligence truly build together.     Impactful Moments 00:00 - Introduction 01:00 - The Figma vulnerability explained 03:00 - Why MCP security matters 05:00 - What vibe coding really means 07:00 - Writing with intention and context 08:00 - The power of structured prompting 10:00 - How MCP connects everything 12:00 - Why adoption is skyrocketing 15:00 - Setting up an MCP server 17:00 - Agents, actions, and security trust 19:00 - The real takeaway: curiosity with caution 30:00 - Predictions on OpenAI’s upcoming browser 33:00 - The profit battle between OpenAI and Microsoft 35:00 - Windsurf’s rollercoaster of acquisitions   Links: Connect with our Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/ Check out the Hacker News article here:  https://thehackernews.com/2025/10/severe-figma-mcp-vulnerability-lets.html?m=1   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

24 Loka 20min

Suosittua kategoriassa Koulutus

rss-murhan-anatomia
psykopodiaa-podcast
voi-hyvin-meditaatiot-2
rss-liian-kuuma-peruna
adhd-podi
aamukahvilla
jari-sarasvuo-podcast
psykologia
rss-narsisti
rss-uskonto-on-tylsaa
rss-tule-tule-hyva-ero
rss-finnish-with-eemeli-podcast
rss-luonnollinen-synnytys-podcast
rss-koira-haudattuna
rss-niinku-asia-on
ihminen-tavattavissa-tommy-hellsten-instituutti
rss-vapaudu-voimaasi
rss-keskeneraiset-aidit
salainen-paivakirja
rss-tripsteri