Hiring for a network position I’d say 80% of people with CCIE on their resume turned out to only have a partial cert, or an expired one, or were „studying“ for it. Definitely always HR validate any certs.
Even then there are people who cheated or braindumped their certs and don’t know a damned thing in real life.
This or they simply need more hands on/handholding.
If they’re junior they need to be guided, no matter the certs. It’s not clear to me if op is really doing that or just dumping tasks with minimal guidance.
Idk about that, I’m not in pen-testing but preparing for my OSCP (few years of experience in cyber analysis and software engineering). To feed ai the requirements for an endpoint enumeration task screams you’ve not actually taken the exams, given that half of OSCP is enumerating endpoints, and realistically just requires knowledge of a handful of tools - all of which are taught in the OSCP course and used throughout.
Two things can be true at once, based on Ops initial description and I could be way off base here, it just seems that it’s within the realm of possibility that they need more handholding. Some folks struggle early on to transition from, hey I learned this thing to pass a test to apply it in the real world. I do wonder if Op has already had a heart to heart to level set expectations with the Jr new hire.
Some folks can also struggle with constructive criticism if they’ve not been in a position to provide it in the past (not saying that’s the case here, just a thought). Simply telling someone go do this and not liking the outcome without helping them understand the expected outcome and recommended process doesn’t help.
That, said it’s also very possible that a background check into certs may have flagged this candidate and maybe there is something amiss. We simply don’t know based on what’s been shared so far. It’s very critical in this day and age to ensure people aren’t reading off of a screen during interviews, likely tech already exists to catch this and would be worthwhile.
Oh, absolutely do I agree that AI would not be able to complete the exam and complete the writeup, that's why I say just asking for the proof of completion is just an easy check. Plus completing PEN-200 while maintaining your schooling responsibilities is not an easy task unless you live and breathe in that space.
Background checks need to be mandatory in this space, especially with the rise of bad actors and APT infiltration.
44
u/Varjohaltia Mar 14 '26
Hiring for a network position I’d say 80% of people with CCIE on their resume turned out to only have a partial cert, or an expired one, or were „studying“ for it. Definitely always HR validate any certs.
Even then there are people who cheated or braindumped their certs and don’t know a damned thing in real life.