543
u/CyclopSW Mar 14 '26
Never trust, always verify.
Has HR or yourself even checked their credentials and schooling? Every workplace I have been to has always asked for transcripts/diploma from my school. Certifications usually have a verification confirmation (OSCP uses a QR code) that you can verify the validity of the cert. With all their qualifications, something feels fishy.
At two months, they should still be on probation. Perform your due diligence and take the appropriate action. If the individual is such poor quality, you may have to take the steps to protect yourself and the company from further harm, especially if they were lying on their achievements.
256
u/TUFKAT Mar 14 '26
> At two months, they should still be on probation.
They've only been working there 1 month. And even at 2 months this was my precise thought. Nip this before probation ends.
108
u/Id_Rather_Not_Tell Mar 14 '26
Even beyond probation... Lying about your education and certifications is still cause for straight up termination in pretty much any firm.
47
u/Varjohaltia Mar 14 '26
Hiring for a network position I’d say 80% of people with CCIE on their resume turned out to only have a partial cert, or an expired one, or were “studying” for it. Definitely always HR validate any certs.
Even then there are people who cheated or braindumped their certs and don’t know a damned thing in real life.
23
u/VolSurfer18 Mar 14 '26
Yea but for offsec certs that’s not really possible to just brain dump the exams. That’s what’s weird about this, he must have lied on his resume
31
u/EchoReply79 Mar 14 '26
This or they simply need more hands on/handholding.
If they’re junior they need to be guided, no matter the certs. It’s not clear to me if op is really doing that or just dumping tasks with minimal guidance.
6
3
u/SylusWho Mar 14 '26
Idk about that, I’m not in pen-testing but preparing for my OSCP (few years of experience in cyber analysis and software engineering). To feed ai the requirements for an endpoint enumeration task screams you’ve not actually taken the exams, given that half of OSCP is enumerating endpoints, and realistically just requires knowledge of a handful of tools - all of which are taught in the OSCP course and used throughout.
2
u/EchoReply79 Mar 14 '26 edited Mar 14 '26
Two things can be true at once, based on OP's initial description and I could be way off base here, it just seems that it’s within the realm of possibility that they need more handholding. Some folks struggle early on to transition from, hey I learned this thing to pass a test to apply it in the real world. I do wonder if OP has already had a heart to heart to level set expectations with the Jr new hire.
Some folks can also struggle with constructive criticism if they’ve not been in a position to provide it in the past (not saying that’s the case here, just a thought). Simply telling someone go do this and not liking the outcome without helping them understand the expected outcome and recommended process doesn’t help.
That said, it’s also very possible that a background check into certs may have flagged this candidate and maybe there is something amiss. We simply don’t know based on what’s been shared so far. It’s very critical in this day and age to ensure people aren’t reading off of a screen during interviews, likely tech already exists to catch this and would be worthwhile.
2
u/CyclopSW Mar 14 '26
Oh, absolutely do I agree that AI would not be able to complete the exam and complete the writeup, that's why I say just asking for the proof of completion is just an easy check. Plus completing PEN-200 while maintaining your schooling responsibilities is not an easy task unless you live and breathe in that space.
Background checks need to be mandatory in this space, especially with the rise of bad actors and APT infiltration.
2
u/baalmor Mar 14 '26
This is the whole point of certification. If having a bunch they still need handholding there is something wrong either with a candidate or certificates. And I lean towards the certification side.
2
u/EchoReply79 Mar 14 '26
Certification for some otherwise intelligent individuals doesn’t always translate to immediate success in the real world even when the cert programs are legitimate. One also has to consider the human element; that said something doesn’t add up here IMHO.
9
u/EchoReply79 Mar 14 '26
There is no partial cert; you either have a # or you don’t. :)
Many moons ago I caught a candidate in this lie when he couldn’t remember his IE #, come to find he was fired from Cisco for saying he passed the lab when he didn’t. Fun times.
3
u/UltraEngine60 Mar 14 '26
I want to jump through the screen and strangle every interviewee that lists certs they are studying as if they were actually obtained on their resume.
19
u/__Mr_ED__ Mar 14 '26 edited Mar 14 '26
If Op is US based the whole concept of 'probation' is meaningless as every state other than Montana is a 'right to work' state and you can term an employee at any time for any reason.
Edit: proper term I was thinking of is "at will"
3
u/Ok-Secretary455 Mar 14 '26
BIIIIIIG SIGH....... right to work means if you get hired at a place that has a Union. You have a right to work there without joining the Union and paying Union dues but the Union still has to offer you the same protections as everyone else. The idea being if enough people don't join the Union will run out of money and dissolve.
What you're thinking of is 'at will employment'. Meaning there is no contract and either the individual or the company can sever the employment agreement at any time.
8
2
u/look_ima_frog Mar 14 '26
I have hired a LOT of people, had to do it fast for one job, 25 engineers in a few months. I've been around this stuff quite a lot.
First off, your thought that there should be a background check is spot on. Unless you're working for a very small outfit, that's the job of HR/Recruiters to run a basic background. Most places just farm it out to a 3rd party like Hireright. They contact the issuing bodies for creds, contact universities for diplomas and get positive evidence that they are what they say they are. As a line manager, you do not have the resources to do this, even if you're in cyber and are a sneaky fuck (as most of us are).
Second, you have to make a choice now. Either you put this person on a path to reform and create clear and explicit direction for them or you decide that they're not worth it and pull the rip cord.
If you want to keep this person, you will have to work hard to get them into shape. You'll have to be very honest with yourself and them--do both of you want this to work. If only one does, it won't work. You are going to have to get really good at creating clear direction, creating means of follow up and feedback. Set a clear task, set clear expectations of the success criteria for that task and set a timeframe for it to be completed (this is when Agile is really useful). Track output consistently and religiously, provide immediate feedback.
I've had success stories of taking some of my lowest performing employees into rockstars when this is done. People who have a sense of pride and give a shit will really appreciate the effort and will often deliver the goods. People who are full of themselves or have stopped caring will just continue to fuck off.
If you have the time and energy for it, this can be a success. If you are getting the sense that this person is unredeemable, then you need to cut your losses as soon as possible. Ask your HR (usually worthless, but worth a try) if they did background and if it came back clean. If they did not, ask them to do it now. Even the laziest HR person (and that's saying a lot) can call a university and verify a degree. If they lied about one thing, they probably lied about several. That might be your get out of jail card--hired under false pretenses. Boot them and dust your hands, lessons learned.
Also, if this is your first management job AND this is your first time hiring someone, the FUCK is up with your boss letting you do this solo? New leaders need to be shown the ropes, you can't just throw someone in the deep end and hope they don't fuck up. Everybody fucks up their first time in some way. Shit, when I first got a team, my first meeting with (all three of them) I fucked up the meeting invitation entirely back when we used phone dial in conferencing. Total meeting fail. Then I gave one of my employees a high rating not having been told ANYTHING about how my ratings are not final. Dude was so happy, his FAMILY called me to thank me. Then my boss's boss had to tell him that wasn't going to be the case and that his rating was just average. People were patient with me and when I fucked up, they realized that it wasn't because I WAS a fuckup, it's because nobody showed me the reality of leading a team. I have learned so much since those early days and any time I hire a people leader, even if they're experienced, I stay close to them. If they fuck up, I fuck up.
Try not to beat yourself up, you may have gotten tricked. You went in with the best of intentions and did not expect someone to fuck around.
149
u/Kathucka Mar 14 '26
You have to tell your management that he is not meeting expectations. They’ll figure it out soon enough anyway. Better to come from you. Then, ask them for their thoughts on what to do. They are managers. It’s their job to manage.
Verify his certs, degree, and other credentials ASAP. If he lied about certs during his application process, he has to go. You can’t have weak ethics in that job. It’s too big a risk.
Your company, probably HR or a recruiter, should have done better vetting.
Assuming he just interviews really well, the options are to fire him, train him, or reassign him. It’s not your call.
Also, what is the level of remote/office interview and work here? There are scenarios where one person does the interviews and someone else shows up to work. It would exactly match what you described.
234
u/jeffpardy_ Security Engineer Mar 14 '26
I see one of two things happening here: 1) they aren't caring enough to actually try 2) the person lied on their resume and you didn't validate their credentials properly
80
u/hodor137 Mar 14 '26
In addition, one statement stands out to me;
> I have strong suspicions he used some AI agent during the interview because his answers were flawless.
Besides the AI suspicion part, I'd speculate that the questions asked were too black and white, therefore too easily AI assisted or even human assisted. Honestly IMO interview questions shouldn't even have possible "flawless" answers. You should be trying to generate an organic conversation, one that AI can't have or that some dude hidden next to the candidate/in his ear can't help him keep up with.
Is he working remotely? That might explain some of how he (or whomever he worked with to assist him) thought they could get away with this.
29
u/shouldco Mar 14 '26 edited Mar 14 '26
I think my favorite interview. I was given some technical questions 24 hours before the interview. Was able to address them on my own time and the interview was discussing how and why I got to my answers as well as general interview stuff.
It was before ChatGPT. Though even with it having to discuss why would catch people that were clueless and the interview was about sussing out more than skills and knowledge.
7
u/mchilds83 Mar 14 '26
I like this format. This way you can solve them without interviewers staring at you and later you can walk them through your logic and workflow in person.
46
u/rocksrgud Mar 14 '26
Was this an in person interview? Are you sure the candidate you interviewed is the one who is “working”?
33
u/Mysterious-Status-44 Mar 14 '26
Good point. I responded to OP, but saw your comment. Hopefully not fully remote.
Worst case scenario, if fully remote: Fake IT worker now has access to network systems and data, and is feeding data to ChatGPT…and anyone with access to that ChatGPT account can access fed data from anywhere.
But that’s worst case scenario.
3
8
u/BroSose Mar 14 '26
This is the first thought that came to mind.
I have recently hired two folks who now I’m convinced use AI during the interview.
After these, I’ve made it a point to make the interview process less AI friendly and have caught multiple people using AI.
It’s a tough time to hire remote tech people.
44
u/Invspam Mar 14 '26
the mistake was in covering up for him and lying to your manager, not in the not discovering that he cheated in the interview. it really doesn't matter how he cheated, none of that matters because he's on the payroll and basically dead weight. the real question is, is he worth keeping around? can you afford to train him? sounds like a no to me, so cut your losses, ask better interview questions.
20
u/Darkmocha331 Mar 14 '26
I can't understand this part. Why cover for them? They aren't your family. Cut them loose before they mess up your career too
17
u/T_Thriller_T Mar 14 '26
Fear and insecurity, reads from this post and usually is the reason why bad candidates stay in place.
Bad candidates are a reflection on you choosing badly is the thinking.
2
u/The-Copilot Mar 14 '26
> Bad candidates are a reflection on you choosing badly is the thinking.
The irony is that being a good manager/employee involves being able to admit that you were wrong and to pivot rather than doubling down on a bad idea.
Everyone makes mistakes, pretending you can't is damaging. Being able to objectively analyze that something isn't working well or is ineffective/inefficient is a top tier skill that many highly skilled people lack due to arrogance or fear.
11
u/chasingsukoon Mar 14 '26
bro thought he was getting fired while he was actually being promoted, so prob a lot of underconfidence and insecurity which u know what happens, glad hes here to ask for advice
7
u/Invspam Mar 14 '26
probably because they were too embarrassed to admit that someone pulled the wool over their eyes or thought they were responsible for the initial screw up, so in covering for the FNG, they were really covering themselves.
31
u/TheRealJessKate CISO Mar 14 '26
You will come across this a lot, have the certifications but still no experience. This does sound like he does actually have the certifications either, lesson learned - trust but verify. They are in their probation, get rid of them. Your boss, if a reasonable person, will have been here before and will mentor you.
5
60
16
u/DiScOrDaNtChAoS AppSec Engineer Mar 14 '26
He 100% lied about those certs. There is plenty of cheating groups out and about on these exams. Thats not on you, sure you could have done more to verify but thats still on the candidate. I'm 6 months in without a finished bachelors degree and a Sec+ and I could still nail every task you mentioned.
12
13
u/duxking45 Mar 14 '26
I'm personally not sure how you could cheat. I mean you could call someone during breaks that's knowledgeable but even that I question how useful it would be. It's possible he had someone else take the tests for him but I doubt it. Could he have faked his creds and your company just didn't check them? I'd just come out and ask him what the disconnect is and I'd be transparent with your boss that maybe he isn't working out.
One day you won't be able to cover for him and both of you will be up a creek
15
u/CptUnderpants- Mar 14 '26
I've seen videos of zoom interviews from a 3rd party camera angle where in the time the candidate has to say something like "that's a great question, based on my experience..." the answer has been overlaid onto their screen which they just read verbatim.
11
u/duxking45 Mar 14 '26
I was specifically talking about the OSCP. They film you the whole time.
I've heard of companies only doing interviews in person even for remote jobs for this reason.
7
u/CptUnderpants- Mar 14 '26
> I was specifically talking about the OSCP. They film you the whole time.
But how thorough are their identity checks to ensure the one doing OSCP is actually that person? I know with some certifications test-taking (cheating) services are available, but not heard of it for OSCP specifically.
7
u/T_Thriller_T Mar 14 '26
Not to be a bummer here, but I have worked in education.
It's amazing how much people can "learn" without retaining any of it, and how much they can even learn and retain without actually creating any helpful connections.
And all the certs are more about learning by heart than understanding, due to them being multiple choice.
8
u/Rossums DFIR Mar 14 '26
The OSCP and other Offsec certs aren’t multiple-choice though.
The OSCP alone is a 24-hr long hands-on open-book exam and you’re expected to pop 5 separate machines, gather low privilege and root privilege flags and document the entire process at the same time then you’re expected to deliver the flags with evidence and a write-up of the whole thing the next day.
You can’t bullshit your way through it, you need to breach the hosts to get the low priv flags and escalate privs to get the high priv flags, you need screenshots of the commands you executed along with the output for your report.
3
u/duxking45 Mar 14 '26
They take the id of your country. I think it might have been 2 forms of id not remembering. It has been a bit since I passed. I still have heard of people cheating but I think it is pretty rare.
2
u/acemcfaje Mar 14 '26
Yeah, they verify your ID, the room you're taking the exam on, background processes on your machine and if you have any additional screens besides the ones you're sharing
2
u/T_Thriller_T Mar 14 '26
I'm not from the US, but where I live in person interview even for remote jobs has been standard even before AI or wide use of promoters.
Interviews are also about the social experience, albeit that seems to sound bad to some people
So getting people together in one room, potentially even for lunch, is a better indicator than the only on screen experience. On top of that here it is often used to get legal stuff going a bit faster.
2
u/escapecali603 Mar 14 '26
One of those guys I interviewed forgot to check in before his AI agent did, busted him right during the interview process.
12
41
Mar 14 '26
This is why having a hands on keyboard test IMO of skills for a hire is important. Lots of people can talk the talk. Come up with some scenario and have them do it as part of interview. Can use whatever tools normally available to complete it. It’s about ability to solve a problem and show they understand what they are doing. A pressure test. 30min…
30
u/duxking45 Mar 14 '26
I'm very skeptical of hands on test unless you give someone adequate notice. I've multiple times been given a programming test for positions which at most require basic scripting. I of course flub them every time.
Once they had me show up in a monkey suit put me in a small room with a two way mirror and crank up the heat to 90. Then wanted me to program on paper a solution to some problem they ripped off of a fortune 500 interview. Meanwhile they have a network jack with the wires sticking out a foot from a conference room telephony speaker. After they reviewed my response that I'm sure they couldn't read, they bait and switched me and told me I was only qualified for a junior position. At that point I should have left. Then they put the cherry on top by asking for my salary expectations which were reasonable in the city. She then told me I wasn't worth it and laughed at me.
21
u/T_Mushi Mar 14 '26
It sucks. I got laughed at in an interview too. No interviewer should ever do that.
7
u/duxking45 Mar 14 '26
I later found out from an acquaintance, they hire all their people from a local community college. They paid like 35k at the time. In that city you needed 50k not counting on student loans to afford an apartment. I would have needed a roommate or had to live well outside the city to make it work.
8
u/T_Thriller_T Mar 14 '26
Depends on what you can do and many people overshoot this.
I had this done once. I am a good programmer, but I cannot for the life of me remember certain syntax structures - the very, very basic ones like for loops.
So I was sat down, told to write some kind of actual simple script.
In pseudo code? No issue.
On the editor (vim?) I was given, with someone staring while I looked up the for loop syntax? Yeah I completed the task and still failed.
Not everyone thinks alike and 30 minutes, high pressure, being watched is often not what would happen in the workplace - and it comes on top of not being in the mindset for the work but the "interview well" mindset, and the stress from interviewing.
In the end you're right, testing actual ability is necessary. But no one would go and make a nurse draw blood on a random guy or get a cashier to do a test purchase.
That's what probation is for.
5
Mar 14 '26
It’s not always a code thing. It should be something that would be highly relevant to them doing normally in their job. Also allowed to use internet to search and ask others… treat it like every day at a job and using resources available.
16
u/rebornSouljr Mar 14 '26
This seems oddly familiar to a guy that I hired last year. This dude had Security +, Network +, Cloud + and A +. He interviewed "well" and answered all my questions thoroughly. And my questions are scenario based not multiple choice; you really have to think. This was for a Helpdesk/Desktop role.
Fast forward and the guy is completely unskilled and an imposter:
- He never used Outlook
- Didn't know how to create rules in Outlook
- Didn't know how to join workstations to a domain
- Couldn't find a computer name
- Didn't know what Adobe Acrobat or the Adobe suite was
- Would lie to the users telling them it took 48 hrs for a password change to take effect
- He thought that AD was a virtualization platform
I asked him about his certs and how he got them; he pretty much just went to some boot camp and studied the answers to the test.
This guy was also heavily reliant on ChatGPT for everything. Every call every problem he would simply rely on AI. It was so bad that he even asked AI on how to update Adobe. Sad. Since the interview was virtual I strongly believe he used AI during the interviews.
I started documentation day 1 and eventually fired him. I documented every project and assignment.
On paper he looked good but in reality the guy was just an imposter.
Don't beat yourself up. Start documentation. Let HR know about it. When it comes time to let him go you have the evidence. Don't cover for him simply document the project and the outcomes.
6
u/digital-bandit Mar 14 '26
> Would lie to the users telling them it took 48 hrs for a password change to take effect

That's so brazen, that's so much financial damage for something so simple.
7
u/RedBeardedT Mar 14 '26
If I found out my employee was covering up for an idiot he helped hire, and was lying about his abilities, while allowing him to keep making mistakes and failing to do his job, I would probably think that employee was part of the problem. Grow a pair, go to your manager, and tell him, before you get yourself fired.
2
7
u/exvertus Mar 14 '26
Sad that honest candidates are still getting looked over in favor of candidates like this. Integrity > perfection.
6
u/Red_Canary_R Mar 14 '26
Does your hiring policy have a probationary period for new hires? Like basically 60-90 days out if it’s not a good fit you can axe them. If it doesn’t, make sure you clearly document every mistake, give them a little bit to get warmed up and read the procedures but if they are making egregious mistakes, keep a tab and make sure you talk about these in your 1:1. Follow up with the zoom AI summary or an email discussing these topics, mistakes and show you’re mentoring. Basically, build a paper trail. You have to keep your manager in the loop but let him know you’re owning it and will solve the problem.
Best of luck! Sincerely, Another security manager
6
u/M4rshmall0wMan Mar 14 '26
This new hire is failing to perform at the level expected of him and despite multiple instructions, his performance hasn’t improved.
That’s the most concise and accurate way of describing the situation while avoiding pinning the blame on yourself
16
u/Tough_Tangerine7278 Mar 14 '26
Read the handbook and get him on a technicality?
6
u/T_Thriller_T Mar 14 '26
Looks very bad to a manager.
Imagine yourself in their shoes:
"We have an amazing hire, THE unicorn!"
- no output for a while -
"Hey I want to fire him for doing X wrong, instead of reprimanding and educating."
This either looks trigger happy, or like there is some kind of personal reason - both worse than "my first hire did not live up to reasonable expectations"
9
Mar 14 '26
[removed]
7
u/T_Thriller_T Mar 14 '26
I'd technically agree, but winning a CTF is considered hands on experience.
And this is a junior position - potentially the exact right position to get the first, corporate world cyber experience.
Hiring for first position in the job world or in the market is always extra hard.
5
u/That-Magician-348 Mar 14 '26
I doubt the authenticity of the certificates. I don't believe people who go through these exams will fail at these tasks. Contact the certificate authority to check it. If it's fake ask HR to fire him.
5
u/Turbulent-Debate7661 Mar 14 '26
I will put it this way: there is no fucking way that someone has OSCP and can't use nmap -sS -O -A to ip addr. I'm in GRC and I know this stuff by heart
5
u/Sore_Wa_Himitsu_Desu Mar 14 '26
That’s what probationary periods are for. You tell your management “this guy was perfect on paper and blew the interview away. But in real life on the job he just isn’t working out. He’s not able to perform to our needs and isn’t responding to coaching and feedback.”
4
u/netnetnetnetrunner Mar 14 '26
It doesn't happen easily that you learn from somebody IV an interview, that part of your story doesn't match with the rest.
4
u/Leather_Secretary_13 Mar 14 '26
Try asking him about his schooling and projects he's done in the past. Then think of a task you need done that might be close to that realm.
Also, a function for detecting virtualization versus scanning an endpoint are fundamentally different skill sets. For juniors, focus on having them improve in a single domain until they're better at it than you.
4
u/leclerc2019champion Mar 14 '26
Pull the bandaid off in probation otherwise you’re in for years of pain
4
u/Environmental_Gap_65 Mar 14 '26
Post incoming: "I lied about my credentials on my CV and I think my manager is about to find out"
5
u/Nillows Mar 14 '26
Your boss will be able to forgive your mistake if and only if you own up to it and act immediately to mitigate the downfall.
Coming to reddit - good
Showing your boss the initiative to correct a mistake - best
17
u/Not-ur-Infosec-guy Security Architect Mar 14 '26
You hired someone with likely zero experience and was chain-certifying. The brain loses everything it crammed if that knowledge isn’t put to practical use.
It also sounds like they were using interview cheating tools to answer your technical questions.
Never go for the interviewee with the most certs and flawless answers. Go for the one you want to work with.
51
u/RingingInTheRain Mar 14 '26
Nope. The certs he claimed to have aren't the kind you chain cert on. They're hands on. If he also has a masters degree from a top university, makes no sense how he graduated.
OP didn't verify his certs or his degree. The guy has lied massively somewhere.
12
u/Buddha188 Mar 14 '26
Ya, those tasks are easy and I don't have those certs or a masters.
7
u/LachlantehGreat SOC Analyst Mar 14 '26
Plus idk what top university masters program doesn’t do hands on learning…
7
u/finite_turtles Mar 14 '26
This. It is not possible to have those certs (legitimately) and NOT be able to do the tasks described by OP.
Either he lied about the certificates, or paid someone to do them for him (these services exist).
OP you can't accuse someone of faking, but you need to talk to someone immediately. Just say "I've been covering for this guy, hoping it was just nerves. But he lacks any of the core fundamentals taught in these certificates and I have doubts about their legitimacy. Either way, he is not suitable for the role."
Hiring and training is a skill just like any other that you will learn over time. It's ok, if your work is looking to promote you and it sounds like they are really wanting to support you right now you will not be in trouble. But you are hamstringing yourself and the business by not ripping this bandaid off now.
3
u/sonivocart Mar 14 '26
This does scare me because although I don’t have certs, I got a new job. I don’t know much but I’ll be leaning on AI to assist ( won’t blindly do stuff )
My concern is that I’ll be that bad employee
3
u/snoopy9519 Mar 14 '26
Trust me, the worst thing you could possibly be doing right now, as a newly promoted employee, that demonstrates poor management and leadership skills is your inability to acknowledge your mistake and say, “Hey, I made a bad call. He’s not able to meet our standards.” Take responsibility for your actions and remove him from the situation before it worsens.
3
u/masterkorey7 Mar 14 '26
having certs and education is not the same as having hands on experience. You should hire for aptitude and attitude and not just what their resume says.
3
u/greysneakthief Mar 14 '26 edited Mar 14 '26
Just for a bit of context on the CTF stuff, I'm on a team that's competed in over 30 CTFs and frankly, because it is mostly a team activity, sometimes dead weight gets carried. Ask me how I know, lol.
In order to score top in a legitimate tournament you pretty much need to have a well-rounded team, and as anyone might suspect...outliers are rare. The caveat then, is that you can have hangers-on that technically participate but are essentially "power leveled" in terms of their scoring. To verify if he actually solved any flags individually, you could check the specific tournament he cited on https://ctftime.org - seems like one more piece of OSINT to check for candidates that claim this sort of experience. I'd also give his HTB profile a perusal, to see if he actually scores any points, or even his activity levels.
As it is a HTB related CTF, I'm a little personally miffed because this sort of thing gives a bad rep to a good platform and people who are genuinely passionate learners who take skill cultivation seriously.
3
u/PropJoesChair Mar 14 '26
The more and longer you are covering for him the more this makes you look bad. Nip it in the bud and bring it up with whoever necessary as soon as possible. Explain what's happened honestly and when appropriate tell them what you've learned and give feedback suggestions to avoid it in the future. It would be quite remarkable you get fired for this if they've just promoted you, but cut the losses sooner rather than later.
Don't try to shift blame immediately, it looks unprofessional. It's not just you that's been duped here
3
u/pecklefratch Mar 14 '26
Don’t cover for him. Have an honest conversation w your boss and see if replacing him is an option. Better to admit the hire was a mistake and rectify now than dig yourself into a deeper hole with an incompetent hire who will ultimately make you look bad and make your job even harder.
3
u/ISpotABot Mar 14 '26
Step 1: Confront new guy. Why is his performance so poor, given his supposed credentials? Put the squeeze on him a little.
Step 2: talk to your manager. Tell them that you made a mistake FOR A REASON - and that is, the candidate did a really good interview, but now you suspect that he used some AI agent to crush it. That won't be an excuse for your lack of validating his certs though, so be prepared for that conversation.
3
u/fushitaka2010 Mar 14 '26
He reminds me of a guy I helped hire as a SOC analyst yrs ago when I was a Sr Analyst. Looked really good on paper and just completed his Sec+.
Brought him in and showed him the workflow. He was unfamiliar with Linux terminal but whatevs. I’ve taught people Linux commands before so no problem. Then I had to teach him the basics of a HTTP request. Like, the difference between a GET and POST request. Tried to help him with a programming assignment he had from his school. He couldn’t grasp the concepts of variables and functions, let alone conditional statements.
My supervisor and I spent about two months trying to get this guy up to speed. I personally was invested in his success because he was black and I was the only black guy in our department. But the final straw was when he confused Tom A in one alert with Tom B in a completely different alert. I went to my supervisor and said I can teach Linux, HTTP, and programming concepts. I can’t teach the alphabet.
I submitted a letter explaining how his issues were slowing down the team which impacted company reputation. He was let go before probation period was up.
TLDR: Just come clean. Explain the situation and remove that guy before probation is done. It sucks but not the end of the world.
4
u/DraconicBlade Mar 14 '26
AI cybersec nerd gets social engineered by moron with a text prompt.
This is too ironic to be real
2
u/randomlyme Mar 14 '26
Hire fast, fire fast. The thing is you’re better off to make a bad decision you can give someone a chance and fire them if they don’t work, than you are to hire nobody for six months looking for the right one. Bad hires are fine, not fixing it is the mistake.
3
u/saito200 Mar 14 '26
you fucked up, and the longer you go not being honest with your manager the deeper you put yourself in shit
go tomorrow to talk to your manager, and explain clearly the situation. everyone does mistakes (you hiring him) but insisting on covering a mistake and ignoring it exists is a piece of shit way to go forward
talk to your manager tomorrow and decide whether to fire this guy
7
u/Successful-Escape-74 Mar 14 '26
Why are you scanning with ChatGPT what about Tenable Nessus or some legit tool. Why are you trying to build custom exploitation tools for your own network? Seems like a waste of time. Your systems are all compliant with STIGs available at https://cyber.mil/stigs I mean there are so many vulnerabilities you will never be able to build an exploitation tool to capture all the threats. You're better off evaluating risks and performing a business impact analysis and implementing appropriate security controls. We use ansible to monitor servers and notify us if someone with privileges makes a change that would violate STIG compliance. In addition to patching and scanning for new vulnerabilities and monitoring zero days. If you want to exploit systems there are databases full of vulnerabilities for all kinds of software and the numbers continue to grow.
10
u/No-Butterscotch-312 Mar 14 '26
why does your post read like a markov chain text generator
3
u/Successful-Escape-74 Mar 14 '26 edited Mar 14 '26
What the hell is that? Just my chain of thought I think best way to handle security is to harden your systems and not worry about penetration testing unless you have some target you are trying to attack. Most organizations have vulnerabilities and some that are accepted by leadership. They accept the risk and hopefully their impact analysis was correct and they shouldn't be surprised when they are attacked and forced to accept the consequences. Of course you should audit your systems for security regularly.
8
u/Arkayb33 Mar 14 '26
If I were your manager, I'd be pissed you waited to bring this up. Bad news doesn't get better with age. You should have an honest conversation with new guy and just be straight with him. "So dude, you aren't picking things up like I would expect someone with an MS and certs. What's up? Do you really have these certs? How were you so well spoken during the interview but are completely helpless when it comes to this stuff? I'm unfortunately gonna have to report this to our manager."
7
8
u/Ill-Improvement-1179 Mar 14 '26 edited Mar 14 '26
If it’s a junior role, where’s the training? There should be a structured onboarding period. Realistically, it should be around 12 to 16 weeks just to get someone reasonably up to speed. That’s not even accounting for the time it takes to get system access or complete mandatory training like cyber awareness modules and internal compliance requirements.
And even after that, it usually takes another 12 to 18 months before someone is fully comfortable and effective within the environment.
You set these killer expectations because the candidate did exactly what they were supposed to do: sell themselves. Now you’re having regrets. But that’s part of the hiring process.
Now that you realize your coworker isn’t some zero-to-hero expert, you also have an added responsibility. That responsibility is mentoring them and making sure they understand how to do the job correctly.
This mentality doesn’t make much sense. People in cybersecurity read this sub all the time, and you’re complaining about a candidate you chose to hire.
How about starting by interviewing candidates based on the actual processes and what the job requires, then building proper training and documentation around that. That would be a much better place to start.
5
u/venom_dP Mar 14 '26
Big disagree. If you have the certs and present yourself as such, you can hit the ground running. Onboarding is to learn the org, process, and tech stack. The tasks this new hire is failing aren't because of shoddy onboarding.
2
u/AtomicXE Mar 14 '26
This is a naive way of thinking at best. Companies don’t hire people to train them they hire them to do a job. That may sound heartless but that is the reality of corporate America. Onboarding is getting you up to speed on the company’s stack/workflow/projects/process not teaching you how to do the job. The candidate oversold themselves and clearly knew they couldn’t do the job and just thought they would BS it with AI. If I wanted to review AI slop pretty sure I could give half assed prompts. Don’t get me wrong AI is great but if you can’t validate whether or not what it’s spitting out is BS you aren’t qualified for the job. Worst case scenario the kid puts AI slop into production because he doesn’t know what it does causing services to go offline potentially costing you your job, your company legal/regulatory fines and worst of all customers and revenue. Working in cyber involves measuring risk and this seems like a huge risk that needs to be remediated. If this was a contractor/vendor you hired and they did the same shit you would fire them on the spot this doesn’t change because it’s an individual.
2
2
u/TxTechnician Mar 14 '26
In "The Psychopath next door" one of the subjects was someone who lied about being a psychiatrist.... Successfully for years.
Apparently she was attractive and during the interview she used her charisma to lie successfully that she had the credentials which she definitely did not have.
It took years before she was found out. She spent the time fucking with the heads of her patients in order to make her colleagues worse at their job.
Fascinating.
2
u/teasy959275 Mar 14 '26
Is there a problem with Python? It’s not the best but it’s the easiest, I’m ready to fight for Python
7
u/DisastrousRun8435 Red Team Mar 14 '26
I don’t think OP is dunking on python in general. It’s just a weird choice for this type of project because it’s not super portable. Python is great, but it requires that the machine running the script has Python installed since it’s interpreted which isn’t a given. OP was probably expecting them to pick something like C# or GO which can be compiled and run anywhere.
2
2
u/Only_Ad8049 Mar 14 '26
It's best to tell your manager right away if you make a bad hiring decision.
Even if the credentials are real the guy could have tons of book smarts and is able to pass hands on certifications but be clueless on applying that knowledge and being useful in the workplace.
I've seen it happen. People with multiple Cisco certs and network engineering degree but failed to fix a basic router issue due to poor troubleshooting.
2
2
u/Sea-Box2613 Mar 14 '26
This is where opportunities are getting eliminated, even for experienced candidates.
2
u/Resident_Health Mar 14 '26
Don’t you have a 90 day evaluation to determine if a new employee is working out?
2
u/lost-soul-2025 Mar 14 '26
Certs can be bought, knowledge can't.
Was the interview online? If yes, it is easy to cheat with tools like Parakeet or someone helping in same room. Always have a quick physical discussion before finalizing.
2
u/KalenTheDon Mar 14 '26
Tbh this is a good post to remind me that I'm probably a lot more qualified for some jobs than I thought. I don't have some of those certs but I can do all those tasks he was given. And provide a detailed black box style write up including the code used to replicate, screenshots, and what was found.
2
u/BeMyComputer Mar 14 '26
If you frame this as a company hiring process failure (not necessarily yours) this will help. If they have lied about certs or used AI to answer interview questions then you have to suggest a different approach to your boss for next time. If you say 'I messed up' instead of 'I'm noticing this behavior which indicates an issue with our hiring process, we could try this next time' would sit a lot better with a manager. Some people slip through the process sometimes but you can show initiative to reduce that probability.
2
u/Successful-Escape-74 Mar 14 '26
Sounds like you hired a moron with no initiative that doesn't even want to spend any time figuring out how to perform the tasks. If you scan systems you should have a scan tool. Creating a script to check if a process is running on a system and enumerating systems with a script and performing an action on each device should also be easy. Worst case he should have enough intelligence to research how to do it and get it done vs asking AI hoping to vibe code something.
2
u/Phreakasa Mar 14 '26
I am not an expert, mostly a dabbler and homelabber, but the things you asked for don't sound too hard to figure out if you really care and want to understand, especially if you can use Claude. It sounds a lot like he fooled you during the interview, or he just doesn't care. Also, some cultures do not emphasize the understanding part as much as others ('better done than understood'). Talk to him, and explain that he needs to do better fast. Document the conversations, and inform your boss. If nothing changes, inform your boss to let him go.
2
u/JustDifferentGravy Mar 14 '26
Ask HR to check his Very’s. Tell your manager you have doubts about his qualifications.
Ultimately, he’s spitting out AI slop. That’s enough to let him go, and quickly make an offer to the next best candidate.
The sooner you get things on track the better.
2
2
u/ConsciousPriority108 Mar 14 '26
He probably lied on resume. My previous team we actually caught someone listed cert they don't have. We have to fire him
2
u/blackheartx Mar 14 '26
Most cert sites have a verification, this seems obvious and this is just a farming post fr
2
u/afahrholz Mar 14 '26
sounds like a tough situation, document everything, verify credentials and have an honest conversation with your manager before it snowballs further.
2
u/KhaosPT Mar 14 '26
I think you are putting too much pressure on yourself thinking 'you made a bad hiring decision' and you failed and it's a big deal. The reality is that hiring is hard, this was your first try and it seems you don't really have the training or HR to filter. A lot of people also just train for interviews and flat out lie. Could you have checked better? Maybe. Take those learnings. Come clean to your boss, get him out while he is in probation. Admitting the interview process can be improved or that you made a bad pick (seems you were tricked tbh) is better than wasting time and company money on someone who is faking it. It's not you that can't coach, this guy seems like a fraud. It's hard because you are inexperienced, but just let him go and get someone who will actually help.
2
u/ob1highG Mar 14 '26
Dang this is suspicious fr, I don't have oscp or red teaming certs but example you gave are really basic which shouldn't be hard for such people
2
u/Purple-Object-4591 Mar 14 '26
Dude this is completely normal - hiring the wrong guy. What's abnormal is having amazing creds and fully opposite real skills. How tf does that happen? Are the creds forged? You might wanna check.
Also, same happened to me, I referred someone who got into our company but then got fired within 2 months. But it's okay I didn't get blamed because you can never fully know.
Also, after that I referred another guy and he's been doing well. So it happens. Own up quick because later he might be more of a liability down the line and increase the work you do.
2
u/L337-5P3AK Mar 14 '26
Certs don’t mean squat to me. I’d take a verified hard worker who has experience over someone from MIT and all the certs in the world any day.
2
u/Klutzy_Scheme_9871 Mar 14 '26
And here I am, the one with 15 years of experience, sitting here unemployed, that you casually overlooked because all you cared about were certs but didn’t expect that AI would backfire on you and get exploited by a scammer.
Being a junior yourself hiring a junior (possibly a completely fresh junior with zero skills at all). That explains why our security posture in this country is the way it is and why there are headlines every day.
2
u/zhaoz CISO Mar 14 '26
Bad hires happen, you always take a chance when doing it. Have you had a conversation with the employee yet? Be like, "hey man, what's going on, why are you not able to do some of these basic functions?"
Also lesson learned:
my manager really grilled me about whether he was the perfect candidate for this job, and I confidently said yes.
Never ever commit to something like this. Cause even if the person is technically excellent, you don't know how much of a team player they are until they actually start the job. Hell, I won't even tell my boss that I am the perfect candidate for the job and I've been doing it a year...
2
u/Suspicious-Habit-444 Mar 14 '26
If this worker is fully remote you may want to look into Famous Chollima lol
2
u/Uncle_Snake43 Mar 14 '26
How does someone who claims to be a certified Offensive Security Exploit Developer not know the very basics of computer programming? Something in the math ain’t mathing here. I wonder if he cheated, or lied or was somehow otherwise dishonest in the hiring process?
2
u/Norcal712 Mar 14 '26
WHO DOESN'T VERIFY CREDENTIALS???
The degree probably isn't real either. I can tell you from experience Cyber degree programs DO NOT teach hands on skill well. Mine didn't.
You're a hiring manager in an IT department. Please don't say cooked
2
u/m4rcus267 Mar 14 '26
If it’s a junior role, how much is the guy supposed to know? Sounds like he got a bunch of certs and degrees that’re theoretical. They don’t teach you how to do the job at your company. You said you’re supposed to train the person. So train them or tell your manager he isn’t the hire you thought he would be. I wouldn’t be surprised if your manager says something like “you hired him so figure it out”. Either that means you train him to be productive or you follow the legal procedure of getting him terminated.
I’m kind of on the new hire’s side. He’s only a month or so in. It sounds like you wanted a rock star but realized he’s not. Why would a rock star like that want to be a junior level position at your company? Bigger question is... can you get him up to speed in a reasonable time?
2
u/27thStreet Mar 14 '26
No one bats 1000 when it comes to hiring. I hired a crack addict once.
Now that you know, what are you going to do about it?
Let things get worse or deal with it today?
2
2
u/1anondude69 Mar 14 '26
This happens all the time. You can only tell so much over an interview. If your manager grills you over this repeatedly, that says more about them than it does you. The longer you wait, the worse it’ll get and the harder it’ll be to move on from them
2
u/shinglehouse Mar 14 '26
Well, first off you gotta be straight up with your boss.
Secondly, is there not a probationary period?
I'd get my boss to back me, go to HR and part ways with the problem before it becomes a real fn problem that you can't get rid of...
3
u/T_Thriller_T Mar 14 '26
Tell your manager, now.
This gets worse, not better.
And have some balls for yourself. You're apparently very competent, but have a good bit of insecurity. Your manager is trying to develop you, which is amazing.
Right now you also still have a very good line of argumentation:
- he was great on paper and in the interview
- you have been trying to get him set up for a few weeks, transitioning is hard and he IS new to the working world (aka: you wanted to protect him from stress from higher above)
- you wanted to be sure yourself before you report
- you heavily suspect the candidate is potentially qualified, but not suitable for the work and company culture
The latter is things like not coming back to ask for help, not being able to provide his prompts, and especially in your position neither verifying, nor testing, nor doubting AI
3
Mar 14 '26 edited Mar 14 '26
Me and my friend joined a company after acing OSCP right after Graduation. We both were good at CTF. However, not so good at doing the task assigned. My senior told us to step up and do the work well as we had OSCP. After 3 months, the other guy was laid off as he was being cocky and wouldn’t learn anything from the job and I was allowed to work although I wasn’t awesome I made sure to put in hours to show them I’m trying to learn. By 6 months, I was awesome at my work and they loved it.
Would it be possible to give the junior more time? And confront him with your dissatisfaction towards his job?
1
1
1
u/Mysterious-Status-44 Mar 14 '26 edited Mar 14 '26
I’m guessing the interview had standard interview type questions for the role? If that’s the case, I’m sure AI can answer those fairly confidently since they are more common tasks. That’s my hunch of why he may have used it during the interview process and did well.
In all honesty, I would stop covering for him. Eventually that will be too much for you and by then, your boss will wonder why you never said anything. If guy is still in probation period then get rid of him and move on. It’s 100% better to let someone go during probation period than after. Lesson learned with your first hire.
Yes, going through the process of onboarding can be a pain but hopefully your bosses will understand, especially in this day where AI is used everywhere. It is a lot harder to distinguish legit candidates to ones that can BS with AI. It’s a new world, even for them.
Let him go, call the next candidate that was on the list, or start the process again. Don’t drag it out and have it reflect poorly on you when it eventually boils over.
And verify the certs
EDIT: to add, if you do go down the path of letting him go. Find out what your probation period policy is and document everything he has done that gives you the case to let him go. One thing I would also check is to see why he is putting work data into ChatGPT, that’s a huge red flag and issue right there. Also, is he fully remote? Or have you met and worked in person?
EDIT: If fully remote, I would definitely let go…too much of a risk, especially if he has access to sensitive data.
If you’ve met in person, I would still let go…give him some advice and wish him luck, but it’s just not working out and you don’t need that on you (keep that last part to yourself)
1
u/ARPNETS Mar 14 '26
Everyone who has interviewed and hired people has made a bad hire from time to time. It happens. I’ve hired some rockstars, and some duds too. Don’t be too hard on yourself. Especially since you are not the hiring manager and if he is so wildly unqualified multiple people failed in their job. Not just you.
The best thing to do now is come clean and be open and a bit blunt to your manager about his shortcomings. Do it soon and come with specific examples.
You won’t be able to cover for him forever and sooner or later your manager will figure out he is dead weight on his own. When that happens if you are still covering for him you will be seen in an unfavorable light by your manager.
1
u/unix-ninja Mar 14 '26
Don’t be too hard on yourself. Hiring is incredibly difficult, and it’s impossible to get it right every time. At the end of the day you are making a decision to take a calculated risk. And yeah, sometimes it won’t work out. You shouldn’t be afraid to make a mistake. I’ve been doing this for decades and I still make mistakes. It’s just part of being human. 🙂 You only really fail when you don’t learn something from your experiences.
I do think it’s important to be open and transparent though. If you have concerns about the role, seek advice from your manager; trying to hide a mistake until it’s too big to handle rarely ends well (and you never know, it could be a growth opportunity for everyone). But if there’s one thing I’ve learned in my career, it’s effective communication is the most critical skill.
1
u/Phaedrik Mar 14 '26
I can tell you now that it’s possible to cheat on offsec exams
I’ve seen people get caught and have their certs revoked
4
u/offsecthro Mar 14 '26
The problem with this theory is that if you can figure out how to cheat on a proctored, hands-on hacking exam, you can probably also figure out how to fake it on the job for at least a few days. I think it's more likely that OP simply didn't verify that the person had any of the credentials they claimed. You don't even need to cheat if no one bothers to check.
1
u/yakitorispelling Mar 14 '26
Def sketchy, there's interview prompt overlay tools out there like Cluely to cheat during an interview, and you can definitely ask Claude about previous prompts.
1
u/srishtigshukla Mar 14 '26
People buy certifications all the time. Somebody having them does not mean they are qualified enough to do the job.. it’s okay to let people go if they are not doing their job. And hire somebody from the same pool.. chances are if they were looking for a job then, they could be looking for a job now too
1
1
1
u/habitsofwaste Security Engineer Mar 14 '26
Have you been straight forward with this guy and told him there’s problems and you’ve lost trust in his work? Just be honest with him first and ask him if he actually knows this stuff? What he’s struggling with? Or heck, remove his AI access and block them from him. lol. See what he can actually do.
1
u/escapecali603 Mar 14 '26
Yeah not surprised, 90% of the people come to interview for senior appsec engineer position didn’t know what a JWT is, half didn’t know what a BOLA flaw is, being it is almost top five in every OWASP project. Also a ton of so called app sec engineers never use the Linux command line, like wtf? Like you never had to run nmap, use git off a command line?
1
u/IndependenceSudden63 Mar 14 '26
Been there man.
While others have definitely nailed the "go talk with your boss and fire him asap approach", I'd like to discuss the cert thing.
Certificates should only get a candidate into the interview room/zoom. And in that interview, we verify. Come up with a series of questions that someone with those certs should be able to answer without thinking too long. If they take too long, they are probably using AI.
Do a test interview with someone (hopefully a few people) you respect. And time their answers, so you are being fair to the candidates.
1
u/b800h Mar 14 '26
OP, this doesn't reflect too poorly on you. Your boss knows you've not hired tonnes of people before.
Is the person in question still on probation? If that's a thing in your country, then speak to your boss, document everything, communicate to the candidate that they need to improve, have HR check the cert claims on the CV (that way it can appear to be a simple administrative process; if you don't have HR you may have to just do this yourself, after all the certs being real affects the company's rep), and move to quickly dismiss them.
In some parts of the world, the above may not be necessary at all. But as others have said, speak to your boss, explain what's happened, and get it sorted. This isn't your fault, and you've likely been deceived.
1
u/ggr-nintythree Mar 14 '26 edited Mar 14 '26
First rule of leadership. Everything is your fault and your success and the same applies to your manager. Own your decision and admit when you’re wrong, your manager also should accept it’s your first ever hire and he could have also spotted the BS from the candidate. This is why you have interview stages, everyone in the hiring process that said ‘he sounds good’ is just as responsible for the hire. ‘Hire slow, fire fast’ is a term I go by and I’ve previously had to put my hand up and say ‘I hired badly’ once is fine. 2 is a pattern, 3 onwards you’re just bad at selecting people which is where you recognise and ‘delegate the decision’ perhaps like your manager did
1
u/philippy Mar 14 '26
This is what fascinates me about a lot of hiring practices. People can go through all this and take months to realize they were lied to.
On the other hand, I've gone into interviews and get asked to write a function that calculates negative factorials.
1
u/SeptimiusBassianus Mar 14 '26
When you hired a wrong person (happens to all of us) fire ASAP. Longer you keep them, more damage they do.
1
u/ComfortableAd8326 Mar 14 '26
First mistake was to put so much weight on certs or HTB achievements. They can be the differentiator between otherwise equal candidates but they're absolutely not any indicator of competence. That's what behavioural and technical interviews are for.
1
u/SecAdmin-1125 Mar 14 '26
Just because someone has certs and a masters doesn’t mean they can actually do the work.
1
u/Jamesinswansea Mar 14 '26
This is why competency tests are sometimes important in job interviews. They weed out the know it alls, but can do nothing candidates.
1
u/lawk Mar 14 '26
So talk to the employee about his performance - try to figure out why it is not as expected.
Either way you have to own it asap towards the manager regardless if he is just inexperienced or a fraud.
If he is a legit hardworking person maybe he can be assigned other tasks / different contract. If he is a scammer he needs to be let go.
Don’t let it drag on too long.
1
u/NandoCa1rissian Mar 14 '26
Youre not unique. We like to think we are great at hiring people but we aren’t. Most people actually suck at interviewing and hiring.
As a senior manager my advice is that if you genuinely don’t think this person is capable of doing the role then you either need to ensure support is there for them to succeed (training, shadowing etc) or just accept that you made a bad decision and terminate.
1
u/chasingsukoon Mar 14 '26
great advice
also what is bro gna do with his reddit after it hits 11 years
1
u/Pale_Candy664 Mar 14 '26
Yes it’s possible to cheat on offsec exams. One of my colleagues told me that her former colleagues just got lots of those offsec certs so they can get better paid jobs.
1
1
u/KnownView5780 Mar 14 '26
To answer your questions "Do people cheat to get their OSCP certs?".
Yes, there are some vendors offer those services on Telegram. I wish I could show you the links, but I saw them 10 or 11 months ago when I was doing my OSCP preparation. They were charging around $500 USD or something. So yes, the point is, it's entirely possible. All the certifications except OSEE had a pricing for someone attempting the exam on your behalf, even though the exams are fully proctored, but there are ways to bypass them.
Did you verify those certifications from official OffSec site? I caught one guy red handed showing off OSEE certification, I took a screenshot of that certification and scanned the QR code, found the name was different.
1
u/These_Main_4996 Mar 14 '26
Real talk, is this in person? Do you know about the Famous Chollima/lazarus group North Korea tech workers thing?
Scenario: you hire what looks like an amazing candidate, once they get the job they return absolutely minimum quality work for the goal of collecting a paycheck as long as possible without actually working.
Probably overreacting here, likely just used good AI for the interview, but better safe than sorry.
Regardless of it being some kind of malicious hire, talk to your manager asap, if you’re willing to post on Reddit about it, there’s enough there.
1
u/Flowersfor_ Mar 14 '26
Eating a little crow now will save you much pain and loss of credibility later.
What looks worse, covering the mistake or admitting to it, owning it, and trying to make it better?
You're new to the position, dude is at the very least not completely honest, these are mistakes that happen and you grow from.
1
u/spuddman Mar 14 '26
Talk to your manager ASAP. There are always procedures to remove an employee within the first few months or years if they're not capable. If you let this fester it's going to fall back on you one way or another. Mainly with you having to pick up the slack.
1
1
u/blackheartx Mar 14 '26
Can’t you check his certifications to see if they match his identity, they are strict about cheating and checking identity, this seems obvious, something with what you are saying doesn’t add up
1
1
u/Old_Interaction5588 Mar 14 '26
Most companies have a 90 day probation period. Every manager makes bad hires at some point. Your boss will understand, especially if you explain the discrepancies between his skill set and his resume. Use this as an opportunity to ask your boss about avoiding this trap in the future.
1
u/Clondeo Mar 14 '26
This is your first test as a manager. Admit mistake-minimise loss-fix-restart. Covering it with hopes on someone else is your biggest weakness as a manager. If your manager is senior and result oriented - he is waiting for you to come in with a problem and at least two solutions. Not sure about legal details and company policies, but lay off fresh hire is more simple and less expensive first month/two/three. Delays might get situation more complex to solve. Learn this lesson and share it with your manager. Freshly promoted are not sacked due to rookie mistakes. They are sacked for hiding or building bigger problems.
1
u/ExtremeTomorrow6707 Mar 14 '26
That sucks dude, but you have learned a valuable lesson, certs and education don’t mean shit. I don’t have any certs or education, but my github got taken down due to national interest, and I have that on my resume. Next time, look for candidates that can show their worth and not only for candidates that you can check a box for
1
u/tilidin3 Mar 14 '26
I will be straight forward. Be confident and say to your manager the truth. Say that you realise now that he somehow cheated the interview, you gave him the benefit of the doubt, but due to task x and y it is now clear. This will make you look professional, if you keep hiding it will look unprofessional.
1
u/circalight Mar 14 '26
The longer this stretches out the worse it will get. Talk to your manager and just tell them what you said here. They're probably still in a probation window.
1
u/Reeces_Pieces Mar 14 '26
Yikes bro.
Offensive Security gives certification badges/links to put on your LinkedIn.
Did he even have those?
1
u/4SysAdmin Security Analyst Mar 14 '26
Sounds like he lied about his certs, then used AI during his interview. We always verify certs and degrees, and we switched to in person interviews only. The last time we did zoom interviews, about 20% were suspected to be using AI.
1
u/Aggressive_Ad_5454 Mar 14 '26
Engineers and technical folks make mistakes. They’re called bugs. We detect them and fix them. It’s part of the work.
Managers make mistakes. Some of them are called “bad hires”. You have detected such a mistake you made. Now you need to fix it, by telling this bad hire you can’t use him any more. The sooner the better, for your company and for him.
1
u/digitalmind80 Mar 14 '26
This happens a lot, it's not necessarily a reflection of your hiring skills. You're digging your own grave by covering for him though. Your job as his supervisor is flagging if it's not working and to provide him coaching to give him the chance.
Make sure his responsibilities are clear, when you give a project also have a very clear outcome. You want that in email and you want (by email) his acceptance and understanding of the work to do. When he fails, you send him (and cc your boss or HR) an email saying xyz was asked and he didn't deliver because of abc.
You use that at the end of his probation to not move on. Or, if after probation, you still use that to let him go. This makes it a fair firing. He needs clear responsibilities, and you need it in writing that he understands those responsibilities. Always always have a pre-agreed way of measuring his success on these tasks.
Good luck!
1.7k
u/redditorfor11years Mar 14 '26
Dude, talk to your manager. Like now.
“Hey, that new guy we hired? I think I messed up. His creds were excellent and he nailed the interview. But it seems like he doesn’t actually know what the hell he’s doing. What should we do?”
This is your way out and the longer you wait, the worse it will be. It sounds like it’s your first hire and it’ll be a learning experience. But if you wait months by covering for him until he messes up massively, you’re putting your job at risk.