Career/Job Related Stuff

101
Business
Career Growth/Progression
Careers in InfoSec
Choosing a Job/Looking for Work
Company Culture
Compensation
Contracting & Consulting
Difficult Conversations
Employee Attrition
General(Miscellaneous)
Hiring
Imposter Syndrome
Independent Business
Informal Laws & Principles
Interview Prep
Interviewing
Management
Meetings
Mental Health
Mentoring
Metrics
Networking(social)
Non-Competes
Non-Technical Skills
Organizational Theory
Performance Reviews
Post-Mortems
Project Management
Resume
Strategy
Teams
Testing
Other
Industry

Career Information

101
- Ten Simple Rules for Doing Your Best Research, According to Hamming
- ‘Thought Leader’ gives talk that will inspire your thoughts | CBC Radio (Comedy/Satire Skit)
  - Self proclaimed “thought leader,” Pat Kelly gives his talk on “thought leadership” at the annual This Is That Talks in Whistler, B.C. In the seminar, Kelly covers: How to talk with your hands, how to get a standing ovation, and how to inspire people by saying nothing at all.
- Lack of progress exposed by the Canary MacGuffin - rachelbythebay
- Strategy Letter I: Ben and Jerry’s vs. Amazon - Joel on Software
- Defining The Corporate Hierarchy - Erik Dietrich
- The Beggar CEO and Sucker Culture - Erik Dietrich
- One week of bugs - Dan Luu
- I could do that in a weekend! - danluu.com
- Harvey Weinstein and the Common Knowledge Game - Ben Hunt
- Cybersecurity Career Pathway
- Tech Company Org Charts(Joke)
- Keynote by Jayson Street at leHACK 2019 in Paris
  - What is a Hacker Convention & who deserves to be called a Hacker (Plus other uncomfortable discussions with Jayson)
- Real Software Engineering by Glenn Vanderburg(Lone Star Ruby Conference(2010)
  - Software engineering as it's taught in universities simply doesn't work. It doesn't produce software systems of high quality, and it doesn't produce them for low cost. Sometimes, even when practiced rigorously, it doesn't produce systems at all. That's odd, because in every other field, the term "engineering" is reserved for methods that work. What then, does real software engineering look like? How can we consistently deliver high-quality systems to our customers and employers in a timely fashion and for a reasonable cost? In this session, we'll discuss where software engineering went wrong, and build the case that disciplined Agile methods, far from being "anti-engineering" (as they are often described), actually represent the best of engineering principles applied to the task of software development.
- The Rise of the Meritocracy - Wikipedia
  - [...] a book by British sociologist and politician Michael Dunlop Young which was first published in 1958. It describes a dystopian society in a future United Kingdom in which intelligence and merit have become the central tenet of society, replacing previous divisions of social class and creating a society stratified between a merited power-holding elite and a disenfranchised underclass of the less merited. The essay satirised the Tripartite System of education that was being practised at the time.
- Operator: The Well-Rounded Hacker - Matthew Curtin(CircleCityCon2018)
  - Technical skills are of little value if they cannot be put to work, which is to say, put in context. While specialization, and even hyperspecialization can provide certain advantages, it comes at a cost: the inability to adjust to changes outside of one's field of expertise. It is no secret that demand for "security professionals" is high, that barriers to entry are great, and that rate of burnout is high. What starts as specialization ends with pigeonholed: trapped in a position that is unrewarding. We introduce the *Operator*: a hacker with not only depth of knowledge, but important breadth, and the ability to apply the combination of skills to problems and opportunities encountered over a lifetime.
Attention
- Attention is your scarcest resource - benkuhn.net
Business
- When Everything That Counts Can’t Be Counted - Joshua M. Brown
- The Trillion-Dollar Vision of Dee Hock - Mitchell Waldrop(FastCompany)
- The Longest Yard: Reorganizing IT for Success - Bruce F. Webster
- How Complex Systems Fail - Richard I. Cook
- Big companies v. startups - Dan Luu
- The Innovation Equation - Safi Bahcall
- The story of Totlol
  - Example/reminder of why you don't build your product on someone else's API.
- Benchmarking - Wikipedia
  - Benchmarking is the practice of comparing business processes and performance metrics to industry bests and best practices from other companies. Dimensions typically measured are quality, time and cost.
- Capability Immaturity Model - Wikipedia
  - Capability Immaturity Model (CIMM) in software engineering is a parody acronym, a semi-serious effort to provide a contrast to the Capability Maturity Model (CMM). The Capability Maturity Model is a five point scale of capability in an organization, ranging from random processes at level 1 to fully defined, managed and optimized processes at level 5. The ability of an organization to carry out its mission on time and within budget is claimed to improve as the CMM level increases.
- Explain Security To Business People - wiki.c2
- Sharpe ratio - Wikipedia
  - In finance, the Sharpe ratio (also known as the Sharpe index, the Sharpe measure, and the reward-to-variability ratio) measures the performance of an investment (e.g., a security or portfolio) compared to a risk-free asset, after adjusting for its risk. It is defined as the difference between the returns of the investment and the risk-free return, divided by the standard deviation of the investment (i.e., its volatility). It represents the additional amount of return that an investor receives per unit of increase in risk.
Career Growth/Progression
- How Developers Stop Learning: Rise of the Expert Beginner - Erik Dietrich
- Your Job Title of Tomorrow: Efficiencer - Erik Dietrich
- Things I Learnt The Hard Way (in 30 Years of Software Development) - juliobiason.net
- [Recommended Reading for Developers(2015) - blog.codinghorror.com]
- Research Debt - Chris Olah, Shan Carter
- A day at the park - mused
- The Asshole Filter - Siderea
- Hacking a Security Career - Deviant Ollam(WWHF19)
- Accelerate Your Career By Building FIVE Critical Professional Skills - Ted Demopoulos
- Continuous Skills Improvement For Everyone - Matt Scheurer(OISF19)
Careers in Information Security
- 101/General
  - NICE Cybersecurity Workforce Framework - NICCS.us-cert.gov
  - Cyber Career Pathways Tool - National Initiative For CyberSecurity Careers and Studies
    - This tool presents a new and interactive way to explore work roles within the NICE Cybersecurity Workforce Framework. It depicts the Cyber Workforce according to five distinct, yet complementary, skill communities. It also highlights core attributes among each of the 52 work roles and offers actionable insights for employers, professionals, and those considering a career in Cyber.
  - Q: Why Do Keynote Speakers Keep Suggesting That Improving Security Is Possible? A: Because Keynote Speakers Make Bad Life Decisions and Are Poor Role Models
    - Some people enter the technology industry to build newer, more exciting kinds of technology as quickly as possible. My keynote will savage these people and will burn important professional bridges, likely forcing me to join a monastery or another penance-focused organization. In my keynote, I will explain why the proliferation of ubiquitous technology is good in the same sense that ubiquitous Venus weather would be good, i.e., not good at all. Using case studies involving machine learning and other hastily-executed figments of Silicon Valley’s imagination, I will explain why computer security (and larger notions of ethical computing) are difficult to achieve if developers insist on literally not questioning anything that they do since even brief introspection would reduce the frequency of git commits. At some point, my microphone will be cut off, possibly by hotel management, but possibly by myself, because microphones are technology and we need to reclaim the stark purity that emerges from amplifying our voices using rams’ horns and sheets of papyrus rolled into cone shapes. I will explain why papyrus cones are not vulnerable to buffer overflow attacks, and then I will conclude by observing that my new start-up papyr.us is looking for talented full-stack developers who are comfortable executing computational tasks on an abacus or several nearby sticks.
  - VB 2019 London Keynote address: The security products we deserve
    - Everybody decries the state of the industry. Everyone hates the over-hyped headlines, the obvious FUD and the shameless snake-oil. So why do we have so much of it? This talk aims to examine several of the dark-patterns that have become perfectly acceptable in infosec and then aims to drill down to their root causes. With any luck, we will also get to discuss some options to chart our way out of this mess.
  - How to Start in InfoSec - Mubix
  - "Firemen vs Safety Matches" - Amélie Koran(ShmooCon XV 2019)
  - So, you want to work in security? - Parisa Tabriz(2016)
- Educational/Informational
  - Navigating Career Choices in InfoSec - Fernando Montenegro - BSides Detroit2017
    - Making career choices can be intimidating and stressful. Perhaps this presentation can help. The tidal forces affecting technology impact our careers as well. If we're not actively managing them, we're leaving decisions to chance (or to others), and may not like the outcomes. This presentation describes a framework I've used over the past few years to evaluate both ongoing job satisfaction as well as new opportunities as they appear. I'm happy with the outcomes I've obtained with it, and have used this same framework when providing advice to others, and it has been well received. Hopefully it can help others as well.
  - Infosec Tools of the Trade: Getting Your Hands Dirty
    - In this presentation we'll will be going over introductions to the various focuses in information security and demoing the most common tools that are used in operational security, both offense and defense. You'll leave with an idea on how to freely obtain and use these tools so that you can have what you need for that first interview: experience and a passion for security. This is a green talk for people who don't have a clue on what offensive and defensive people do operationally, from a tool perspective.
  - So You Want To Be A H6x0r Getting Started in Cybersecurity Doug White and Russ Beauchemin
  - How to Get Any Job You Want (even if you’re unqualified) - Raghav Haran
  - Getting Hired: A Few Tips - Mubix
  - Day-1 Skills That Cybersecurity Hiring Managers Are Looking For - Daniel Messler
  - What is the difference amongst a TPM, PM, and EM in a technology company? How do they typically work together? - Quora
  - Hack Apart Your Career: How to Fund Doing What You Love - John Grigg(WWHF2019)
    - Our field is full of extremely creative people who have a lot to offer the industry. But often we lose focus because we are working for a company that has their own goals and competing priorities. This leads to long hours of work, a declining quality of life, and various other troubles. In this talk I focus on the tidal wave of DOD-related opportunities that exist to fund novel research and cutting edge technology, all while allowing autonomy of the individual. I've personally used these sources to transition to running my own company and have helped a lot of folks in the industry do the same. I'll discuss why people should consider this as a career path, where to find these resources, and walk through exactly how to apply.
  - From Barista to Cyber Security Pro - Alyssa Miller(DEF CON Safe Mode Career Hacking Village)
  - How to Social Engineer your way into your dream job - Jason Blanchard(Derbycon2016)
  - How to Hunt for Jobs like a Hacker - Jason Blanchard(2020)
    - Job hunting? Looking for a career change? Still in college and want to know how to get started now in your career? Have an hour free on a Thursday afternoon? If you answered yes to any of these questions, this might be the BHIS webcast for you. This webcast is an update to Jason's popular recorded DerbyCon 2016 talk -- How to Social Engineer Your Way Into Your Dream Job. If you don't want to wait, you can watch that now. https://youtu.be/__lvS2pjuSg What will be covered? * How to combine OSINT, marketing technology, and a hacker/social engineer mindset to job hunting; How to be a hunter of jobs... not just a seeker of jobs; How to write your resume during the job hunt; You might already have your dream job The hope of this webcast is that you'll look at job hunting differently and apply the skills and techniques in an effective way to help you get the career of your dreams... or at least a job for now that will help you get to the career of your dreams in the next 5 years.
- Interview Preparation
  - How to prepare for an infosec interview - Timothy DeBlock
- Relevant Standards
  - NICE Cybersecurity Workforce Framework
    - The NICE Framework, NIST Special Publication 800-181, establishes taxonomy and common lexicon that is to be used to describe all cybersecurity work and workers irrespective of where or for whom the work is performed. The NICE Framework is intended to be applied in the public, private, and academic sectors. (USA Focused)
- Switching Jobs
  - The Difficult Decision to Switch Jobs - Katie Nickels(2020)
- Application Security
  - Pushing Left, Like a Boss: Table of Contents - SheHacksPurple
    - The following is a table of contents for my modern-day book, based off of a talk I wrote in 2016 entitled “Pushing Left, Like a Boss”. It serves as a foundational lesson on what “Application Security” is, and how to get started. I hope you find the series helpful.
- Autonomous Vehicles
  - Want to become an autonomous vehicle engineer? - Kyle Martin
- Data Scientist
  - What Data Scientists Really Do, According to 35 Data Scientists - HBR
  - How to Become a Data Scientist - On your own - Zeeshan Usmani
- Penetration Tester
  - Articles & Writeups
  - On-The-Job Experiences
    - A Pentester’s Voyage – The First Few Hours - Jordan Drysdale(2020)
  - Talks & Presentations
    - So you think you want to be a penetration tester - Defcon24
      - So, you think you want to be a penetration tester, or you already are and don't understand what the difference between you and all the other "so called" penetration testers out there. Think you know the difference between a Red Team, Penetration Test and a Vulnerability assessment? Know how to write a report your clients will actually read and understand? Can you leverage the strengths of your team mates to get through tough roadblocks, migrate, pivot, pwn and pillage? No? well this talk is probably for you then! We will go through the fascinating, intense and often crazily boring on-site assessment process. Talk about planning and performing Red Teams, how they are different, and why they can be super effective and have some fun along the way. I'll tell you stories that will melt your face, brain and everything in between. Give you the answers to all of your questions you never knew you had, and probably make you question your life choices. By the end of this session you will be ready to take your next steps into the job you've always wanted, or know deep inside that you should probably look for something else. There will be no judgment or shame, only information, laughter and fun.
    - So you want to be a pentester? - Hans-Michael Varbaek
      - This presentation gives the viewer an idea of what it is to be a pentester full-time, what a pentester typically works with, how to learn ethical hacking, and improving your chances of getting a full-time job.
    - Certification? College?: How do you get into Cybersec really? - Doug White(WWHF2018)
      - Doug White talks about College options, Certifications, and what you need to do to break into the Cybersec field. How to start and move your career if you want to make a living, legally.
    - Hold my Red Bull Undergraduate Red Teaming Jonathan Gaines
    - What to Expect in an Ethical Hacking Interview - TheCyberMentor
- Reverse Engineering
  - Reversing w/o reversing – how to become Alex in practice - hexacorn
  - How to start RE/malware analysis? - hasherezade(2018)
- Security Analyst
  - Security Analyst Workshop - Florian Roth(2019/3)
- Security Engineer
  - So you want to be a security engineer? - Niru Ragupathy
  - How to Secure Anything - Veeral Patel
    - How to systematically secure anything: a repository about security engineering
- Security Researcher
  - So you want to be a web security researcher? - James Kettle(2020)
- SRE
  - Google SRE Book - HTML version
  - Do you have an SRE team yet? How to start and assess your journey - Google
- Threat Intel
  - A Top 10 Reading List if You’re Getting Started in Cyber Threat Intelligence - Katie Nickels(2019)
- (Technical) Product & Project Managers
  - Technical Program Managers vs Product Managers vs Product Managers – Technical vs Engineering Managers - Mario Gerard(2018)
CEOs
- What Only the CEO Can Do - A. G. Lafley
- How CEOs Manage Time - Michael E. Porter, Nitin Nohria
- The CEO’s most important operational responsibility - Gokul Rajaram
- Control fraud - Wikipedia
- How CEOs think - Robert Graham(2020)
Choosing a Job/Looking for Work
- How to Get Any Job You Want (even if you’re unqualified) - Raghav Haran
- 80+ Back Doors Into Cyber Careers - keirstenbrager
- Common Sense Career Transitions - Celeste Thayer[DC206]
  - Have you considered a tech career that was "above your pay grade"? What about a dream gig that you have few or - gasp - none of the basic qualifications for? Celeste will give you a few tips on how to identify skill gaps, then learn, network, and otherwise wrangle yourself into a job you wanted but never thought you could apply for, and have a better chance to pass the resume review stage.
- There Is No Shortage of Talent - There's a Shortage of Suckers - ResumeSkills.us
- Pushing Left, Like a Boss: Part 1 - SheHacksPurple
- The Secret Rules For Getting Hired - Terence Eden
- How To Land A Job In Infosec
- How to Get a Programming Job without a Degree - Erik Dietrich
- Startups
Communication
- SBAR - Wikipedia
  - SBAR is an acronym for Situation, Background, Assessment, Recommendation; a technique that can be used to facilitate prompt and appropriate communication.
Company/Org Culture
- 101
  - The Holloway Syllabus on Company Culture - Haley S. Anderson(2019)
  - American Cultural Assumption - wiki.c2.com
- Articles/Blogposts/Writeups
- Talks/Presentations/Videos
  - This is not fine - Surviving Cynicism and Building Happy Security Teams - Chris Deibler(BlueHat v18)
    - Slides
  - Engineering Empathy: Adapting Software Engineering Principles and Process to Security - Craig Ingram, Camille Mackinnon
    - Slides
  - "The Hard Parts of Open Source" by Evan Czaplicki(StrangeLoop2018)
    - As more people enter /r/elm and the Elm discourse, I have thought a lot about how "online communities" work. Patterns of conflict. Why those patterns exist. Structures that would diffuse that conflict in healthy ways. Initially I just wanted to get yelled at less, but I instead stumbled upon "a cultural history of open source" that may reveal a path to more civil and productive online communication in general. Attendees will leave with (1) an inside perspective on open source projects, (2) a historical and cultural framework that I think can improve online communities right now, and (3) some interesting references and ideas to explore further in their own projects and interactions.
Compensation/Equity
- See 'Salary Negotiations' under interviewing
- H1B Salary Database - h1bdata.info
- Compensation in 2019 New Grad Tech Offers - Jon Luca
- How to Calculate and Communicate Your Desired Total Compensation - Danile Miessler
- Equifax Could Be Selling Your Salary History. Here’s How To Protect It(2017 - Joel Winston)
Conflict Resolution
- Why We Can't Have Nice Things: Original Research on Conflict Resolution Styles in Information Security & Risk Management - Rachael Lininger(BSides LV2015)
  - Conflict can be a good thing, really. Without it, we get groupthink and dumbass decisions. But how we approach and resolve conflicts can make the difference between healthy conflict and an unproductive, frustrating fight. Why do we have so much of the latter? My graduate research on the conflict resolution style preferences of information security professionals sheds light on the “culture of no”: why infosec conflict so often results in fights, why we keep burning bridges to make a point, and why people can be unwilling to talk to us. More importantly, this research gives us ideas on how we can resolve conflicts without burning all the bridges" in other words, how we can begin to have nice things. (No hackers or statistics were harmed in this research.)
Consulting & Contracting(Independent Business)
- About
  - Not A Full Timer: Slight difference from Pro to cattle - Mohamed Hayibor
    - A quick litmus test: if you’re getting paid by the hour. You’re not a full time employee. You’re a contractor.
  - Entrepreneurial Adventures - Bryson Bort(DEF CON 28 Safe Mode Career Hacking Village )
    - So you’re not crazy, you just want to start your own company. Which kinda takes a level of crazy to pull it off. We’ll talk through what it takes to be an entrepreneur, ideation and the phases of startup, different kinds of companies (service, product, non-profit), how and why (or why not) to raise capital, types of investors, legal requirements, working (or not) with friends, challenges, building total/service addressable market size, back-office administration, employee benefits, equity, pricing, Intellectual Property Rights, economics, and resources for more information and networking. Will include anecdotes and insights of my experiences starting several companies and from multiple founders across the spectrum.
- Billing
- Building
- Consulting
  - Successful Infosec Consulting 101 - Ted Demopoulos
  - Successful Infosec Consulting: Lessons from Three Decades in The Field - Ted Demopoulos
  - Managing Client Relationships as an Investment Banker, Lawyer or Consultant - Jim Donovan(2015)
    - Goldman Sachs managing director and Law School adjunct professor Jim Donovan shares his insights on the skills necessary to manage and cultivate client relationships. Donovan is responsible for advising many of the largest corporate and individual clients of Goldman Sachs. (University of Virginia School of Law, Nov. 6, 2015)
- Contracts
  - Contract drafting for an engagement - Craig Wright(pen-test mailing list 2006)
- Engaging Clients
- Policies & Regulations
  - The SOC2 Starting Seven - Latacora Blog
    - Sage advice about SOC2 from Latacora.
- Scoping
  - Hacking Techniques & Intrusion Detection - Ali Al-Shemery
    - Guidance on preparing for an engagement.
Decision Making
- Square Defangs Difficult Decisions with this System — Here’s How - Gokul Rajaram
- $how Me the Money! (Getting Business Buy-in) - Carlota Sage(BSidesSLC 2020)
- Architecture decision record (ADR)
  - Architecture decision record (ADR) examples for software planning, IT leadership, and template documentation
Difficult Conversations
- Our 6 Must Reads for Cutting Through Conflict and Tough Conversations - firstround.com
- 7 Tips for Difficult Conversations - Daisy Wademan Dowling(HBR)
- How to Have Difficult Conversations When You Don’t Like Conflict - Joel Garfinkle(HBR)
- Civilized Discourse… But How? - Jeff Atwood
- Books
  - Difficult Conversations How to Discuss What Matters Most By Douglas Stone, Bruce Patton and Sheila Heen
Disagreement
- How to Disagree - Paul Graham(2008)
- My Twitter-Discussion-Deescalation Policy - Halvar Flake(2020)
- How to Fix the Co-Founder Fights You’re Sick of Having — Lessons from Couples Therapist Esther Perel
- Disagree and Commit: The Importance of disagreement in decision making - Simón Muñoz(2019)
- Imago therapy - Wikipedia
Employee Attrition
- How To Keep Your Best Programmers - Erik Dietrich
- The Wetware Crisis: TEPES - Bruce Webster(2008)
- The Wetware Crisis: the Dead Sea effect - Bruce Webster
- The Elves Leave Middle Earth – Sodas Are No Longer Free - Steve Blank
Employer References
- State Laws on References and Statements By Former Employers - Barbara Kate Repa(Nolo.com)
Finance
- Unit: Accounting and financial statements - Khan Academy
- Financial Statements: A Beginner's Guide - Tamiur Abdaal(2020)
General
- Mozilla Enterprise Information Security
- Rating Infosec Relevant Masters Programs - netsecfocus
- Career advice I wish I’d been given when I was young - 8000 Hours
- In Nobel Prize lecture, lessons for managing employee incentives - Kara Baskin(MIT Sloan)
- The worst morale boosting gesture I've experienced - Terence Eden
- How to Identify an Immoral Maze - thezvi
- How Software Groups Rot: Legacy of the Expert Beginner - Erik Dietrich
- Moral Mazes: Bureaucracy and Managerial Work - Robert Jackall
Hiring
- What I Learned Doing 250 Interviews at Google - Moishe Lettvin
- F*** You, I Quit — Hiring Is Broken - Sahat Yalkabov
- Hiring is Broken And Yours Is Too - RajivPrab.com
- In Head-Hunting, Big Data May Not Be Such a Big Deal - Adam Bryant
  - "This interview with Laszlo Bock, senior vice president of people operations at Google, was conducted and condensed by Adam Bryant."
- Here's Google's Secret To Hiring The Best People - Lazlo Bock(Wired - 2015)
- Hiring is Broken… And It Isn’t Worth Fixing - Erik Dietrich
- A Players Don’t Hire A Players — They Partner with A Players - Erik Dietrich
- The Hiring Post - sockpuppet.org
- On Secretly Terrible Engineers - Danny Crichton
- Hiring and the market for lemons - Dan Luu
- Our 6 Must Reads for Onboarding Tactics That Help New Hires Succeed (and Stay) - FirstRoundReview
- Engineering Hiring - obvious.in
Impostor Syndrome
- Would the real imposter please stand up? - Dr. Jessica Barker(SteelCon2016)
- Dark Matter Developers: The Unseen 99%(2012) - Scott Hanselman
Informal Laws & Principles(and other things)
- Akin's Laws of Spacecraft Design - David L. Akin
- The Fallacy Of Chesterton’s Fence - Keith Lee
  - If you think you can improve a policy or procedure in your office, first ask yourself: Are you falling victim to the fallacy of Chesterton's fence?
- Conway's Law - Wikipedia
- Dilbert Principle - Wikipedia
  - The Dilbert principle refers to a 1990s theory by Dilbert cartoonist Scott Adams stating that companies tend to systematically promote their least competent employees to management (generally middle management), to limit the amount of damage they are capable of doing.
- The Gervais Principle - RibbonFarm
- Gervais Principle questioned: MacLeod’s hierarchy, the Technocrat, and VC startups - Michael O Church(2013)
- Golden Hammer - wiki.c2.com
- Goodhart's law - Wikipedia
- Gresham’s Law: Why Bad Drives Out Good As Time Passes - Farnam Street
- HiPPO FAQ
  - Highest Paid Persons Opinion
- Induced demand - Wikipedia
- The Iron Law of Bureaucracy
  - Pournelle's Iron Law of Bureaucracy states that in any bureaucratic organization there will be two kinds of people":
    - First, there will be those who are devoted to the goals of the organization. Examples are dedicated classroom teachers in an educational bureaucracy, many of the engineers and launch technicians and scientists at NASA, even some agricultural scientists and advisors in the former Soviet Union collective farming administration.
    - Secondly, there will be those dedicated to the organization itself. Examples are many of the administrators in the education system, many professors of education, many teachers union officials, much of the NASA headquarters staff, etc.
  - The Iron Law states that in every case the second group will gain and keep control of the organization. It will write the rules, and control promotions within the organization.
- Law #8: The Law of Duality - ericsink.com
- No Silver Bullet - fmiljang.co.uk
- Parkinson's Law - Wikipedia
- Parkinson’s law: how constraints can create freedom - Anne-Laure
- Peter Principle - Wikipedia
  - The Peter principle is a concept in management developed by Laurence J. Peter, which observes that people in a hierarchy tend to rise to their "level of incompetence". In other words, employees are promoted based on their success in previous jobs until they reach a level at which they are no longer competent, as skills in one job do not necessarily translate to another. The concept was enunciated in the 1969 book The Peter Principle by Peter and Raymond Hull.
  - It was originally written as a satire.
- Robustness Principle - Wikipedia
- Simpson's paradox - Wikipedia
- The Shirky Principle - Technium
  - “Institutions will try to preserve the problem to which they are the solution.” — Clay Shirky
- hacker-laws
  - Laws, Theories, Principles and Patterns that developers will find useful.
Interview Prep
- Articles/Blogposts/Writeups
- Interview Questions
  - Ask Me This Instead - Kendra Haberkorn
  - test-your-admin-skills
    - A collection of *nix Sysadmin Test Questions with Answers for Interview/Exam (2018 Edition).
  - Linux System Administrator/DevOps Interview Questions - chassing
  - offensiveinterview - WebBreacher
    - Interview questions to screen offensive (red team/pentest) candidates
  - test-your-admin-skills
    - A collection of *nix Sysadmin Test Questions with Answers for Interview/Exam (2018 Edition).
  - Security_Engineer_Interview_Questions - Tad Whitaker
  - Application Security Engineer Interview Questions
  - Cyber Security and DFIR Interview Questions - kunwar-atul-hax0r.blogspot
  - web-sec-interview
    - Information Security (Web Security/Penetration Testing Direction) Interview Questions/Solutions 信息安全(Web安全/渗透测试方向)面试题/解题思路
  - Network Security Engineer Interview Questions - jobinterviewquestions.com
  - what-happens-when
    - An attempt to answer the age old interview question "What happens when you type google.com into your browser and press enter?"
  - Interview Tips (Information Security) - jigerjain
  - fuck-coding-interviews
- Interview Questions
  - Reverse interview
    - This is a list of questions which may be interesting to a tech job applicant. The points are not ordered and many may not apply to a given position, or work type. It was started as my personal list of questions, which grew over time to include both things I'd like to see more of and red flags which I'd like to avoid. I've also noticed how few questions were asked by people I interviewed and I think those were missed opportunities.
  - 4 categories of questions: Connect, Culture, Challenges, Close
    1. How did you come to work here?
    2. What do you love most about working here?
    3. Tell me about the most successful hire and why?
    4. Who didn't succeed as a new hire and why?
    5. Tell me about the company's biggest challenge this year and how will this job help to solve it?
    6. How will I measure my performance so I know I'm having a positive impact?
    7. If there were some skills or experience that you wish I had, what would they be?
    8. What are the next steps in the process?
Interviewing
- 101
  - STAR Method Technique Interview Questions & Answers - Christian Eilers
- Experiences/Lessons Learned
- 'Culture Fit'
  - Raising the Bar - The Unconventional Interview Method That Really Works - socialtalent
  - The Trouble With "Culture Fit" - Rich Moy
- Articles/Blogposts/Writeups
  - Guide to Guerilla Interviewing Discussion - C2
  - The Technical Interview is an Ego Trip - Kowsheek(2020)
  - The Horrifically Dystopian World of Software Engineering Interviews - jarednelsen.dev(2020)
  - The Joel Test: 12 Steps to Better Code - Joel Spolsky
  - The Rands Test - RandsinRepose
    - It’s hard to pick a single best work by Joel Spolsky, but if I was forced to, I’d pick The Joel Test. It’s his own, highly irresponsible, sloppy test to rate the quality of software, and when anyone asks me what is wrong with their team I usually start by pointing the questioner at the test. Start here. It’s a test with 12 points and as Joel says, “A score of 12 is perfect, 11 is tolerable, but a 10 or lower and you’ve got serious problems”. More important than the points, his test clearly documents what I consider to be healthy aspects of an engineering team, but there are other points to be made. So it is completely an homage to Joel that I offer The Rands Test.
- Salary Negeotiation
  - Salary Negotiation: Make More Money, Be More Valued - Patrick McKenzie
  - The Holloway Guide to Equity Compensation
    - Stock options, RSUs, job offers, and taxes—a detailed reference, including hundreds of resources, explained from the ground up and made to be improved over time.
  - Salary strategies everyone in tech already knows — but you don't - Candor
  - Ten Rules for Negotiating a Job Offer - Haseeb Qureshi
  - Negotiating Pattern Language - wiki.c2.com
  - Salary Negotiations: Win by Losing - Erik Dietrich
  - 10 essential negotiation tactics CISOs should know - Mary K Pratt
- Talks
  - Nose Breathing 101: A Guide to Infosec Interviewing - Wartortell, Aaron Bayles
    - The Information Security sector is a special place filled with special snowflakes. For a special snowflake, interviewing for a job can sometimes be a daunting or awkward task. There is a thin line when talking to humans between looking cocky and potato. On the other side, the interviewer must understand that there's a limited pool of special snowflakes. There's a sweet spot between auto-hiring someone and telling them you'll need three months to make a decision. Each snowflake must be nurtured into a beautiful snowerfly, or whatever their final form may be. For this talk I plan to start a conversation about how to interview and be interviewed in the information security space. Good interviews combine a mix of targeted questions, appropriate information sharing, and a goal of what you'd like to learn from a person and vice versa. Bad interviews... don't. This leads to bad hires, good snowflakes being pushed aside, stupid questions being asked, people being sad pandas, poor team cohesion, and a general overwhelming feeling of meh. Do not despair, this is a solvable situation. Come join me on the journey to being less meh at hiring!
Letter of Recommendation
- “Model of a Letter of Recommendation of a Person You Are Unacquainted with.” - Benjamin Franklin(1777)
Loyalty
- Loyalty and Layoffs - David Brady
Management
- 101
  - HN Comment by walterbell on understanding management
  - The Manager FAQ - Peter Seebach
    - The following list is an attempt to cover some of the issues that will invariably come up when hackers without previous experience of the business community first start working in it. Other workers may also find it informative.
  - Choosing the Management Track - blog.danielna.com
- Getting Better
  - ManagerTools
  - re:Work - Management@Google
- Metrics
- Things to know/be aware of
- Industry
  - Cybersecurity, The C-Suite, & The Boardroom: The Rising Specter Of Director & Officer Liability - Tom Kulik
  - About Cybersecurity Management and Expectations - Leslie Carhart(2020)
Management Skills
- Managers - rework.withgoogle.com
- Manager Tools
- 31 Core Competencies Explained - Edward J. Cripe
- Radical Candor — The Surprising Secret to Being a Good Boss - FirstRoundReview
- The Power of Performance Reviews: Use This System to Become a Better Manager - Lenny Rachitsky
- The Indispensable Document for the Modern Manager - FirstRoundReview
- The Eng Team Handbook (eng-handbook)
  - A developer's guide to management: an open-sourced handbook for leading engineering teams
Marketing
- Marketing-for-Engineers
  - A curated collection of marketing articles & tools to grow your product.
Meetings
- Reaching Peak Meeting Efficiency: Meetings are a critical tool for building a diverse, high-performance team with shared values - Steven Sinofsky
- Maker's Schedule, Manager's Schedule - Paul Graham(2009)
- How to Design an Agenda for an Effective Meeting - Roger Schwarz(HBR)
- How To Run EPIC Meetings - Julia Felton(2020)
Mental Health
- General
- Abusive Behaviour
  - Sick systems: How to keep someone with you forever - Issendai
  - 14 Thought-Control Tactics Narcissists Use to Confuse and Dominate You - Dan Neuharth(2017)
- Burnout
- Depression
  - Living with Depression in Tech - Jonathan Zdziarski
  - The Only Thing You Cant Fix Is Killing Yourself - notdan
- Suicide
  - Suicide Risk Assessment and Intervention Tactics - Amber Baldet(Defcon21)
    - Slides
- Stress
- Talks
  - Hackers, Hugs, & Drugs: Mental Health in Infosec - Amanda Berlin(Derbycon2018)
  - Playing Through Pain: The Impact of Secrets and Dark Knowledge - Richard Thieme(Defcon24)
    - Dismissing or laughing off concerns about what it does to a person to know critical secrets does not lessen the impact when those secrets build a different map of reality than "normals" use and one has to calibrate narratives to what another believes. The cognitive dissonance that inevitably causes is managed by some with denial who live as if refusing to feel the pain makes it disappear. But as Philip K. Dick said, reality is that which, when you no longer believe in it, refuses to go away. And when cognitive dissonance evolves into symptoms of traumatic stress, one ignores those symptoms at one's peril. But the constraints of one's work often make it impossible to speak aloud about those symptoms, because that might threaten one's clearances, work, and career. The real cost of security work and professional intelligence goes beyond dollars. It is measured in family life, relationships, and mental and physical well-being. The divorce rate is as high among intelligence professionals as it is among medical professionals, for good reason - how can relationships be based on openness and trust when one's primary commitments make truth-telling and disclosure impossible? Richard Thieme has been around that space for years. He has listened to people in pain because of the compelling necessities of their work, the consequences of their actions, the misfiring of imperfect plans, and the burdens of - for example - listening to terrorists slit someone's throat in real time, then having to act as if they had a normal day at the office. Thieme touched on some of this impact in his story, "Northward into the Night," published in the Ranfurly Review, Big City Lit, Wanderings and Bewildering Stories before collection in "Mind Games." The story illuminates the emotional toll of managing multiple personas and ultimately forgetting who you are in the first place. The bottom line is, trauma and secondary trauma have identifiable symptoms and they are everywhere in the "industry." The "hyper-real" space which the national security state creates by its very nature extends to normals, too, now, but it's more intense for professionals. Living as "social engineers," always trying to understand the other's POV so one can manipulate and exploit it, erodes the core self. The challenge is not abstract or philosophical, it's existential, fired into our faces every day at point blank range, and it constitutes an assault on authenticity and integrity. Sometimes sanity is at stake, too, and sometimes, life itself. In one week, two different people linked to the CIA told Thieme that going into that agency was like becoming a scientologist. Think about what that analogy means. For his own sake and sanity, Thieme has thought about it a lot and that's what this talk is about - the real facts of the matter and strategies for effective life-serving responses.
  - The Road to Resilience How Real Hacking Redeems a Damnable Profession - Richard Thieme(Defcon26)
    - Two years ago Richard Thieme spoke on “Playing Through the Pain: The Impact of Dark Knowledge on Security and Intelligence Professionals” for Def Con 24. He relied on dozens of experiences provided by colleagues over a quarter-century, colleagues from NSA, CIA, corporate, and military. Responses to the presentation have often been emotional and have corroborated his thesis. The real impact of this work on people over the long term has to be mitigated by counter-measures and strategies so scars can be endured or,even better,incorporated and put to use. In this presentation, Thieme elaborates those strategies and counter-measures. In what is likely his final speech at Def Con, he speaks directly to the “human in the machine” AS a human being. It’s not about leaving the profession: it’s about what we can do to thrive and transcend the challenges. It‘s about “saving this space,” this play space of hacking, work and life, and knowing the cost of being fully human while encountering dehumanizing impacts. It is easier to focus on exploits, cool tools, zero days, and the games we play in the space that “makes us smile.” It is not so easy to know how to play through the pain successfully. The damage to us does not show up in brain scans. It shows up in our families, our relationships, and our lives. Thieme is not preaching, he is sharing insights based on what he too has had to transcend in his own life. They call a lot of us “supernormals,” which means we discovered resilient responses to deprivation, abuse, profound loss … or the daily challenges of work that makes clear that evil is real. We are driven, we never quit, we fight through adversity, we create and recreate personas that work, we do what has to be done. It pays to know how we do that and know THAT we know so we can recreate resilience in the face of whatever comes our way. A contractor for NSA suggested that everyone inside the agency should see the video of “Playing Through the Pain.” A long-time Def Con attendee asks all new hires to watch “Staring into the Abyss,” a talk Thieme did a few years before. This subject matter is seldom discussed aloud “out here” and by all accounts is not taken seriously “inside,” which is perhaps why there have been half a dozen suicides lately at NSA and a CIA veteran said, “I have 23 suicides on my mind, the most recent senior people who could not live with what they knew.” The assumption baked into this talk: real hacking, its ethos and its execution, provides the tools we need to do this damn thing right.
Mentoring
- How to get coaching, mentoring, and attention - Jake Seliger
- How to Be a Career-Changing Mentor — 25 Tips From The Best Mentors We Know - FirstRoundReview
- How to Initiate Contact With a Mentor - Daniel Miessler(2020)
- Learning through Mentorship - Michael Ortega, Magen Wu(Derbycon2015)
  - 'Try Harder', 'Lurk Moar', 'You're doing it wrong'. In the InfoSec community, we pride ourselves on being able to learn on our own and believe going through a 'trial by fire' is necessary in order to be a respected and established in the community. What we don't realize is, we have many opportunities to better guide each other and learn from one another in order to improve...but are we making the best use of those opportunities? In this talk, we will explore the benefits of mentoring based on research we gathered and using data collected from within our industry. We will also discuss what makes a good mentor/mentee and how to get the most out of the relationship to help one another-and the community-grow.
- How to Give the Gift That Keeps on Giving - Your Knowledge - Jason Blanchard(Derbycon 2019)
  - Do you attend InfoSec talks, watch InfoSec webcasts, read InfoSec blogs, and follow your favorite InfoSec knowledge-sharers on Twitter? Do you want to learn how to share the knowledge in your brain in ways people want to hear it? Yes! Then this is the talk for you. Jason will give you the knowledge to confidently share what you know with people who don't know it. This talk will inspire you to create your own blog, give your own webcasts and presentations, or launch a podcast so that the next generation will be prepare for the what's to come. There will be demos and actionable content, so you'll know what to do to get started.
Metrics
- Be Careful What You Measure - Mark Graham Brown
- How to Use Metrics - George K. Campbell(2006)
- Security metric techniques: How to answer the 'so what?' - Bill Brenner
- Security Value Made Visible: How American Water's Bruce Larson uses a simple metric to build bridges with business partners and justify security spending at the same time - Scott Berinato
- A key performance indicator for infosec organizations: Using probabilistic risk KPIs to direct complex risk engineering efforts - Ryan McGeehan(2019)
- Security Metrics: Critical Issues - Derek Slater(2012)
Networking
- That’s still not my RJ 45 Jack - IRL Networking for Humans Pt 2 - Johnny Xmas
  - We're smart. We're incredibly tech savvy. We can rock some mad OSINT with our Google-Fu. We're 85% +-10% sure which part of the body a hat goes on. We think you can never have enough beard. WE THINK THAT'S ACCEPTABLE. The second in his multi-part series on building social prowess, this talk will focus on the inconvenient truth of your book always, always, always being judged by its cover, and how to deal with that with minimal effort so you can get back to sewing more pockets on your utilikilt. This talk covers both male and female situations, though it is primarily unisex. We'll get you set up with a core wardrobe and hygenic skillset so you'll be able to roll out of bed, spend minimal time "getting ready," rock the dreaded client-facing meeting or industry meetup, and get you back home where you can safely take your pants off.
Non-Competes
- Why I Turned Down an AWS Job Offer - Corey Quinn
Normalization of Deviance
- The normalization of deviance in healthcare delivery - John Banja
- Bedford and the Normalization of Deviance - Ron Rapp
- Resilience In Complex Adaptive Systems - Richard Cook(Velocity NY 2013)
- Normalization of deviance - Dan Luu
- Resilience Engineering: Part I - Kitchen Soap
Non-Technical Skills
- Relearning the Art of Asking Questions - HBR
- How To Ask Questions The Smart Way - Eric Raymond
Offices
- The History of Office Design - k2space
Organizational Theory/Stuff about Organizations
- Organizational Theory - Wikipedia
- Bureaucratic drift - Wikipedia
- Why are large companies so difficult to rescue (regarding bad internal technology) - Lawrence Krubner
- Leverage Points: Places to Intervene in a System - Donella Meadows
- How Software Companies Die - Orson Scott Card
- Accountability Theatre - Harry Stottle
- Images of Organization - Wikipedia
- Theory of the firm: Managerial behavior, agency costs and ownership structure - Michael C.Jensen, William H.Meckling
- The Tyranny of Structurelessness - Jo Freeman
- The Eight Metaphors of Organization - Venkatesh Rao(2010)
  - "Gareth Morgan’s Images of Organization is a must-read for those who want to develop a deeper understanding of a lot of the stuff I talk about here. Though I’ve cited the book lots of times, it is one of those dense, complex books that I am never going to attempt to review or summarize. You’ll just have to read it. But I figured since I refer to it so much, I need at least a simple anchor post about it. So I thought I’d summarize the main idea with a picture, and point out some quick connections to things I have written/plan to write."
- Inverse Conway Maneuver - thoughtworks.com
  - The 'Inverse Conway Maneuver' recommends evolving your team and organizational structure to promote your desired architecture. Ideally your technology architecture will display isomorphism with your business architecture.
Performance Reviews
- A Beginner’s Guide to Giving Performance Reviews - Advice for new managers on the most effective way to deliver feedback(Rebecca Fishbein)
Personal Safety
- Top Warning Signs of Domestic Abuse - Buddy-T(2020)
- Signs of a Stalker: Are You Being Followed? - Brianne Sandorf(2019)
Presenting
- Presentation and Social Media tips with SheHacksPurple
- More Tips for Social Media and Presenting - SheHacksPurple
- How to Look and Sound Confident During a Presentation - Carmine Gallo
- Make your PowerPoint presentations accessible to people with disabilities - support.office.com
  - This topic gives you step-by-step instructions to make your PowerPoint presentations accessible to people with disabilities.
Post-Mortems
- A List of Post-mortems! - Dan Luu
Product Managemnt
- Product Management 101: The Product Lifecycle - Anand Subramani, Jiaona Zhang(Stanford)
Project Management
- Anatomy of a runaway IT project - Bruce F. Webster
- Why “Agile” and especially Scrum are terrible - Michael O. Church
  - Article Comments
- Minimal Project Management - Hilton Lipschitz
- Multiply by Pi - David Strom
- Project Management Tips and Tricks - Quang Truong(2020)
- 5 Ways to Manage Scope Creep - marketingmatters.net(2013)
- Shape Up: Stop Running in Circles and Ship Work that Matters - Basecamp
  - Shape Up is for product development teams who struggle to ship. Full of eye-opening insights, Shape Up will help you break free of "best practices" that aren't working, think deeper about the right problems, and start shipping meaningful projects.
Remote Work
- awesome-remote-job
  - A curated list of awesome remote jobs and resources.
- All Remote - Gitlab
- Gitlab Team Handbook
- A Decade of Remote Work - Viktor Petersson
- Remote Work Guides - Twist
- Tips from 16 years of working from home - a.wholelottanothing.org
- A Year of Working Remotely - mikeindustries.com
- Why Working from Home is Good for Business - Mat Mullenweg
  - As the popularity of remote working continues to spread, workers today can collaborate across cities, countries and even multiple time zones. How does this change office dynamics? And how can we make sure that all employees, both at headquarters and at home, feel connected? Matt Mullenweg, cofounder of Wordpress and CEO of Automattic (which has a 100 percent distributed workforce), shares his secrets.
- Remote Work - Zapier
  - Beginning as a series of posts on the Zapier blog, this book is an ongoing work about our experiences as a remote team, with much of the book written by Zapier CEO Wade Foster along with chapters from our team members and other remote employees. We'll update it periodically so you can learn how our thinking and processes change as we've grown from three to 200+ people and beyond, and we'll keep the older versions of each chapter archived so you can learn with us over time.
- How Remote Workers Make Work Friends - Beth SchinoffBlake E. AshforthKevin Corley(HBR)
- The tools and tricks that let Ars Technica function without a physical office - Lee Hutchinson(2020)
Resume
- 17 things that make this the perfect résumé - Áine Cain and Shayanne Gal(BusinessInsider)
- résumés - PracticalTypography
- Become a Software Specialist with the Help of Your Resume - Erik Dietrich
- How to Prepare Your Resume (Your Resume Stinks!) (Hall Of Fame Guidance) - ManagerTools
- Resume Update 2019 - Part 1 - ManagerTools
- Impossible is Nothing - Resume
- How to document your knowledge (in a CV/resume) - Gynvael Coldwind(20202)
- JSON Resume
  - A community driven open source initiative to create a JSON based standard for resumes
- Cybersecurity engineer resume tips - Frank Siemons
Skill Development
- Expiring vs. Permanent Skills - Morgan Housel(2020)
Social Skills
- Basic Guide to Social Skills
Sr/Staff Engineers
- What senior engineers do: fix knowledge holes - Dan Moore
  - Worthwhile for the first comment in response to the article: "I don’t see anything “senior” about it, or even “engineer”. Seeing problems and solving them is what everyone does. Documenting the solution is one part of solving a problem. An apprentice carpenter does these things, too, and so does a farmer, and a waiter. Unfortunately, it’s not what most software companies reward, or how they operate. Whenever I did this, my manager, at every software company I’ve worked for, would say: “That’s cool, but you’re supposed to add the FooBar feature, and it needs to be done this Friday. Don’t waste time with reverse-engineering, or documentation. Just add one new field to the protocol somewhere. We can clean it up Later(TM).” This is Conway’s Law at work. What sort of company encourages the creation of two critical components which are completely undocumented? The sort of company which doesn’t reward documentation of critical components. That’s not likely to change because the engineer that created them happened to leave. (It took more time to reverse-engineer the protocol than it would have to document it when the knowledge was fresh.) The PM and QA who allowed this to happen are still there, right? What “Senior Engineer” really means is someone who’s spent enough time in the trenches to have earned a job title that allows them the latitude to make these sorts of improvements, and not have a PM question why they aren’t, instead, doing exactly what they were assigned. Look back at the story. Did the “senior engineer” go through proper channels to schedule a “reverse-engineer and document network protocol” task? No, he clearly didn’t trust that it would happen. Or maybe it was already there, but lowest priority (way below “fix CSS on IE”, of course). What was his actual responsibility that week? The story doesn’t say, but I don’t see any remarks about a PM breathing down his neck asking about the CSS fix he asked for (because that PM is the only user of the system, anywhere, of course, who uses IE and sees that particular bug). Documentation is not on this week’s “Sprint”! The process is fundamentally broken. We hear fables like this about how life would be better if we all did something one way (you’ll get promoted to Senior Engineer!), while in practice we’re punished for doing so."
- StaffEng
  - Folks who have shared their stories of reaching Staff-plus engineer roles:
- Being Glue - Tanya Reilly
- What's it like as a Senior Engineer at Google? - Zain Rizvi
Strategy
- 101
- Books
  - The Art of War - Internet Archive
  - Good Strategy/Bad Strategy
  - Playing to Win
- Articles/Blogposts/Writeups
  - Playing to Win: How Strategy Really Works - farnamstreet
- Talks/Presentations/Videos
  - Good Strategy/Bad Strategy: the difference and why it matters - Prof. Richard Rumelt(LSE Events)(2011)
    - Developing and implementing a strategy is the central task of any leader. Richard Rumelt shows that there has been a growing and unfortunate tendency to equate motherhood and apple-pie values and fluffy packages of buzzwords with "strategy."
Teams
- Building a Team
  - How to Size and Assess Teams From an Eng Lead at Stripe, Uber and Digg - FirstRoundReview
  - Scaling engineering organizations - Raylene Yung(Stripe)
    - Lessons learned from scaling Stripe's engineering team.
- Leading a Team
- Operating in a Team
- Understanding Teams
  - Books
    - Five Dysfunctions of a Team
    - The Goal
      - The Phoenix Project & The Unicorn Project
    - I think should b read anyways despite whatever personal opinions on them(Better to know than not)
      - 48 Laws of Power
      - The Prince - Machiavelli
- Articles/Blogposts/Writeups
Testing(Certifications/Exams)
- Better GIAC Testing with Pancakes - H4cks4panckakes
- Self-Study SANS SEC503 GCIA - Gary Hoffman
Training
- Employee Training: Paid or Unpaid? - Epstein Becker & Green, P.C.
- Does My Employer Have to Pay Me for Training? - Lisa Guerin
- Are Employers Required to Pay Employees for Training Courses? - Jules Halpern Associates
Other
- Revisiting L0pht testimony – 20yrs later -Space Rogue
- My Canons on (ISC)² Ethics - Such as They Are(2011)
- Apple’s Software “Problem” and “Fixing” It (via twitter)
- Job Hunting Experiences
  - Farewell, App Academy. Hello, Airbnb. (Part I) - Haseeb Qureshi
Industry
- Android
  - Google’s iron grip on Android: Controlling open source by any means necessary - Ron Amadeo(2018)
  - Internal Google Program Taps Data on Rival Android Apps - Alex Heath, Nick Bastone, Amir Efrati(2020)
- Ageism in Tech
  - REID v. GOOGLE INC - findlaw
  - The Apple engineer who moved Mac to Intel applied to work at the Genius Bar in an Apple store and was rejected - BuisinessInsider
  - Lawsuit klaxon: HP, HPE accused of coordinated plan to oust older staff in favor of cheaper, compliant youngsters - Thomas Claburn(2020)
  - Cutting ‘Old Heads’ at IBM - Peter Gosselin, Ariana Tobin(2018)
    - As it scrambled to compete in the internet world, the once-dominant tech company cut tens of thousands of U.S. workers, hitting its most senior employees hardest and flouting rules against age bias.
- Anti-Union
  - Amazon's Aggressive Anti-Union Tactics Revealed in Leaked 45-Minute Video - Bryan Menegus(2018)
  - [Leaked Amazon Memo Details Plan to Smear Fired Warehouse Organizer: ‘He’s Not Smart or Articulate’ - Paul Blest(2020)]
  - Google Urged the U.S. to Limit Protection For Activist Workers - Josh Eidelson, Hassan Kanu, Mark Bergen
    - While Google publicly supported employees who protested company policies, it quietly asked the government to narrow the right to organize over work email
- Bribes
  - Former Uber Executive Charged With Paying 'Hush Money' To Conceal Massive Breach - Shannon Bond(2020)
- Censorship/Propaganda
  - A Genocide Incited on Facebook, With Posts From Myanmar’s Military - Paul Mozur(2018)
  - Invisible Censorship: TikTok Told Moderators to Suppress Posts by “Ugly” People and the Poor to Attract New Users - Sam Biddle, Paulo Victor Ribeiro, Tatiana Dias(2020)
  - China-Based Executive at U.S. Telecommunications Company Charged with Disrupting Video Meetings Commemorating Tiananmen Square Massacre - Department of Justice(USA - 2020)
  - Facebook Fired An Employee Who Collected Evidence Of Right-Wing Pages Getting Preferential Treatment - Craig Silverman, Ryan Mac(2020)
- Content Moderators
  - Facebook will pay $52 million in settlement with moderators who developed PTSD on the job - Casey Newton(2020)
- Dissapearing Messages
  - Uber Criminal Probe Shines Light on Vanishing Message System - Joel Rosenblatt
    - I have this listed here as a thought piece rather than commentary; i.e. Is it better to archive all messages or to have them deleted after so long? If the latter, how long? etc.
- Google Searches
  - An Interview With A Google Search Quality Rater - Matt McGee(2012)
    - Since at least 2005, Google has been using a large, worldwide focus group to help review its search results and the quality of the web pages that rank well in its algorithm. The people in this program are called Quality Raters and, as you can imagine, the work they do is important to search marketers […]
- History
  - If I Told You I’d Have to Kill You: The Story Behind “The Secret History of Silicon Valley” - Steve Blank
- Monopolies/Trusts
  - United States v. Microsoft Corp.(2001) - Wikipedia
  - Halloween documents - Wikipedia
    - The Halloween documents comprise a series of confidential Microsoft memoranda on potential strategies relating to free software, open-source software, and to Linux in particular, and a series of media responses to these memoranda. Both the leaked documents and the responses were published by Eric S. Raymond in 1998.
  - Amazon Scooped Up Data From Its Own Sellers to Launch Competing Products - Angela Owens(2020)
  - Amazon Met With Startups About Investing, Then Launched Competing Products - Dana Mattioloi, Cara Lombardo(2020)
  - Former App Store exec testifies Apple's rules are "a weapon against competitors" - Cal Jeffery(2020)
  - What Does It Mean When Apple “Sherlocks” an App? - Justin Pot(2017)
- Palantir
  - Inside Palantir, Silicon Valley's Most Secretive Company - William Alden(2016)
- Patent Trolling
  - How much is Microsoft earning from its Android taxes again? - Andrew Orlowski(2014)
  - Report: Microsoft making patents royalty-free for Android OEMs - Ryne Hager(201)
- Pharmacy Sales
  - Google Forfeits $500 Million Generated by Online Ads & Prescription Drug Sales by Canadian Online Pharmacies - US Department of Justice(2011)
- Privacy Violations/Spying on the Customer
  - Facebook will pay $550 million to settle class action lawsuit over privacy violations - Devin Coldewey(2020)
  - ‘Crush This Lady.’ Inside eBay’s Bizarre Campaign Against a Blog Critic. - Kirsten Grind, Sebastian Herrera(2020)
- Public Monitoring
  - Police Surveilled George Floyd Protests With Help From Twitter-Affiliated Startup Dataminr - Sam Biddle(2020)
- Racism
  - ‘Tokenized’: Inside Black Workers’ Struggles at the King of Crypto Start-Ups - Nathaniel Popper(2020)
- Sex-related
  - Google reportedly paid Andy Rubin $90 million after he allegedly coerced sex from employee - Chris Welch(2018)
    - How Google Protected Andy Rubin, the ‘Father of Android’ - Daisuke Wakabayashi and Katie Benner(NYT)(2018)
  - Alphabet Settles Shareholder Suits Over Sexual Harassment Claims - Daisuke Wakabayashi(2020)
  - Inside The Culture Of Sexism At Riot Games - Cecilia D'Anastasio
- Surveillance of Workers
  - Secret Amazon Reports Expose the Company’s Surveillance of Labor and Environmental Groups - Lauren Kaori Gurley(2020)
  - Amazon Is Hiring an Intelligence Analyst to Track 'Labor Organizing Threats' - Lorenzo Franceschi-Bicchierai(2020)
  - Inside Amazon’s Secret Program to Spy On Workers’ Private Facebook Groups - Lauren Kaori Gurley, Joseph Cox(2020)
  - Google illegally spied on workers before firing them, US labor board alleges - Zoe Schiffer(2020) Tax Avoidance/Fraud
  - Google Agrees to Pay Italy $334 Million in Back Taxes - New York Times(2017)
  - Google shifted $23 billion to tax haven Bermuda in 2017: filing - Reuters
  - Google will finally stop using controversial Irish and Dutch tax loopholes - Zoe Schiffer(2019)
  - Google to pay $1 billion in France to settle fiscal fraud probe - Reuters
  - The IRS Decided to Get Tough Against Microsoft. Microsoft Got Tougher. - ProPublica(2020) Tesla
  - When Elon Musk Tried to Destroy a Tesla Whistleblower - Matt Robinson, Zeke Faux(2019)
  - Musk Misses: The Stories You Don’t Hear About Tesla Anymore - Niya Tishan White(2019)
  - Tesla says its factory is safer. But it left injuries off the books - Will Evans, Alyssa Jeong Perry(2018)
  - Tesla Had 3 Times as Many OSHA Violations as the 10 Largest US Plants Combined - Rob Stumpf(2019)
  - The Big Tesla Hack: A hacker gained control over the entire fleet, but fortunately he’s a good guy - Fred Lambert(2020)
- Stack Ranking
  - Vitality curve - Wikipedia
  - How stack ranking corrupts culture, at Uber and Beyond - Rob Davies(Perdoo)
  - Stack-ranking is appealing, and it should die - Girard Dorney(HRMOnline)
  - Inside Facebook’s ‘cult-like’ workplace, where dissent is discouraged and employees pretend to be happy all the time - Salvador Rodriguez(CNBC)
  - Microsoft's Lost Decade - Kurt Eichenwald(Vanitfair)
  - Microsoft Abandons 'Stack Ranking' of Employees - Shira Ovide, Rachel Feintzeig(WallStreetJournal)
  - Amazon to drop dreaded stack-ranking performance reviews - Ángel González, Matt Day(SeattleTimes)
- Unions/Labor Organization
  - Workers can be barred from using company email for union organizing - NLRB - Daniel Wiessner()
  - Amazon Is Hiring an Intelligence Analyst to Track 'Labor Organizing Threats' - Lorenzo Franceschi-Bicchierai(2020)
- Wages
  - Techtopus - Pando
  - Newly unsealed documents show Steve Jobs' brutal response after getting a Google employee fired - Mark Ames
  - Revealed: Apple and Google's wage-fixing cartel involved dozens more companies, over one million employees - Mark Ames(Pando)
  - Is Your Employer Stealing From You? - Luke Darby(GQ2019)
- Other
  - Attrition.org
    - Attrition.org (http://attrition.org/) is a computer security web site dedicated to the collection, dissemination and distribution of information about the security industry for anyone interested in the subject. They maintain one of the only open and honest grim look at the industry, reminding everyone that we must strive to be better than we have been historically. The crusade to expose industry frauds and inform the public about incorrect information in computer security articles is a primary goal of the site. Previously, Attrition.org maintained the largest catalogs of security advisories, text files, and humorous image galleries. They are also known for maintaining the largest mirror of Web site defacements and the creation of the Data Loss Database (Open Source), which eventually became DatalossDB (http://datalossdb.org/).
Other
- Microservices - KRAZAM
- The Expert
- Elon Musk Today
  - Like Donald Trump, But For Nerds

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Career.md

Career.md

Career/Job Related Stuff

Table of Contents

Career Information

Files

Career.md

Latest commit

History

Career.md

File metadata and controls

Career/Job Related Stuff

Table of Contents

Career Information