In this episode of Tech Talent Today, I’m delighted to be joined by Rob Diamond, VP of Security Architecture at Two Sigma. Before Two Sigma, Rob served as Chief Architect at SafeNet Assured Technologies through various incarnations of the company. He was the creator and lead product designer of the MDeX System, which was used extensively to protect the most sensitive and highly classified data of the U.S. government and other entities. Listen to learn how to be successful in the constantly evolving world of cybersecurity.
You will want to hear this episode if you are interested in…
- What is Two Sigma? [02:40]
- Two Sigma’s hiring process [08:33]
- Advice to those new in cybersecurity [14:29]
- Rob’s journey to cybersecurity [15:43]
- Similarities between hedge funds and government security [20:12]
The interconnection of finance and technology
People who want to be top-tier security professionals need to understand the technology they’re securing thoroughly. Even companies that do nothing but security consulting have customers in other industries, so becoming familiar with other businesses will help them be successful. Rob suggests that people should become familiar with a few business concepts in the areas they’ll be concentrating on to understand their needs. The needs drive the technology, which drives the security aspect.
Two Sigma uses machine learning and data science to discover value in the world’s data. The company then uses that information to invest its clients’ funds and make money for them. This fascinating intersection of computer science, data science, and finance means that Two Sigma is primarily a technology company. Around half of the employees are engineers, and many of the rest are data scientists.
Two Sigma’s hiring process
The rigorous hiring process at Two Sigma starts right after an applicant applies. Usually, there are at least two phone screens. Typically someone from recruiting and the hiring manager will conduct the initial phone screen. Then the applicant will move to the day-long interview process. The morning session tends to focus on technical skills. Altogether, the day consists of around eight interviews. This process is highly selective and has good results.
Because Rob is responsible for the security team, he typically begins an interview with questions about security fundamentals like cryptography, PKI, and authentication authorization. He presents a simple service architecture of an imaginary business process, then discusses a scenario based on that process with the applicant. Rob looks for a strong computing background in the people working in security. Still, he primarily looks for a good understanding of networking, from the Ethernet level to the application level, and the security aspects that come with each of those levels.
In addition to experience, Rob looks for people who would be a cultural fit in the company. Most importantly, the individual has to have the ability to learn. One of the ways Rob tests learning is by finding a security subject the candidate may be less familiar with, teaching a little about that topic, and seeing how quickly the candidate picks up the concept and integrates it with their existing knowledge. There are constant changes and new information in Two Sigma’s business, so people must be willing to learn new things, absorb them, and apply them. If someone can’t do that, that person is not the right fit for the company.
The value of data
Both governments and financial institutions have extremely valuable information that would cause a massive loss if it were to be disclosed. In the intelligence community, disclosure of information leads to people dying. In the financial world, disclosing information leads to substantial financial losses for investors, such as university endowments and retirement funds. Either scenario is devastating to people.
Another similarity is the data’s value, which can incentivize insiders to make money by disclosing the information. People want this data, so the threat exists in both the government and the financial environments. Data models can be worth millions of dollars, so institutions must protect them. Neither of these environments operates in vacuums. The IC intelligence community and financial science companies must ingest vast amounts of data from all different sources.
Resources & People Mentioned
Connect with Rob Diamond
Connect With Jodi Kulek Mayer
Audio Production and Show notes by
PODCAST FAST TRACK