Andrew Kirch on Hacker Mindset, Insider Threats, and AI’s Impact on Cybersecurity

In this Cyber Security Recruiter podcast episode, Thomas chats with Andrew Kirch, Director of Technical Operations at Stoic Cybersecurity, who describes his wide-ranging background across IT, red and blue team work, tabletop exercises, and early experience running a major DNS blacklist that helped him understand how attackers think.

Andrew argues hacker mindset is learnable through experience, stresses reputational and insider threats, and explains prioritizing vulnerabilities based on real exploitability. He shares stories involving Anonymous, Occupy Wall Street amplification, and law-enforcement work culminating in Operation Cyber Slam. The discussion covers increasing criminal organization, AI-driven risks (voice cloning, fake candidates, faster exploit development, and corporate secrets leaking via public AI), the need for continuous learning, and sources he follows such as YouTube, Ground News, CISA updates, and The Register.

00:00 Podcast Welcome

00:55 Andrew’s Background

04:55 Hacker Mindset Tips

06:51 Prioritizing Real Threats

08:56 Anonymous Storytime

12:00 Operation Cyber Slam

15:24 Cybercrime As Business

17:25 How To Level Up

21:01 AI And IP Risks

24:04 Generalist Security Skills

24:41 AI Voice Fraud Threat

26:17 Fake Candidates Remote Hiring

27:39 AI Widens Attack Surface

29:28 Breach Costs and Insurance

31:01 Writing Reports With AI

34:10 Tone and Social Engineering

36:10 Cyber News Sources

39:22 Geopolitics and Ransomware

41:18 Utilities and SCADA Risks

42:53 Zero Trust and Passkeys

45:32 AI for SOC Defense

47:25 Wrap Up and Farewell

Wiley Bayes on Red Teaming, Networking Fundamentals, and Breaking into Cybersecurity

Thomas hosts Wiley Bayes on the Cybersecurity Recruiter Podcast to discuss Wiley’s career path from early Linux curiosity and the US Navy into networking, systems/cloud engineering, penetration testing, and his current role as Senior Principal Red Team Operator at Dark Wolf Solutions.

Wiley explains day-to-day red teaming on DoD contracts, emphasizing long preparation cycles, payload testing against major security tools, patience, and tailoring phishing to the audience. He advises career changers to keep learning, focus on fundamentals (especially networking), troubleshooting, and scripting/programming, and to break into IT first rather than fixating on a dream cybersecurity role unless you’re exceptionally advanced.

They discuss Dark Wolf’s custom CTF-based hiring, communication skills gained from executive briefings, concerns about shortcuts and AI, and Wiley recommends OpenBSD and Peter N.M. Hansteen’s book “The Book of PF,” plus home lab tinkering.

00:00 Welcome and Golf Talk

01:27 Career Journey Intro

02:26 Early Curiosity and Navy Roots

03:17 Why Networking Matters

04:04 Red Team Day to Day

06:35 Phishing and Security Hygiene

08:09 Transitioning to Civilian Life

09:50 Hiring with Custom CTFs

11:31 Breaking In Is Harder Now

14:45 Finding Your Path in Security

17:55 Staying Relevant and Next Steps

20:39 Pentest To Architect Shift

21:25 Communication Under Pressure

23:17 Fundamentals And Hiring Quality

25:43 Stop Chasing Dream Roles

27:57 Learning Resources And Practice

28:57 Troubleshooting War Story

32:31 AI Shortcuts Vs Real Skills

34:36 Code And Scripting Matters

36:04 Books And Home Labbing

38:37 Wrap Up And Thanks

Barak Engel on Fractional CISO Life, Resilience, and Relationship-Driven Security Consulting Thomas chats with Barak Engel, founder/CEO of EAmmune and an advisor/board member across several security organizations, about his 23-year consulting journey, including creating the virtual/fractional CISO concept in 2003 and the realities of “feast or famine” work.

Barak discusses rapid context switching (and hitting his limit while serving six CISOs at once), resilience through setbacks such as the 2008 crash and Chapter 7 bankruptcy, and how reputation and long-term relationships drive EAmmune’s referral-only growth through “concentric circles” as clients change jobs.

He emphasizes transparency, accountability, avoiding short-term exploitation, delegating to strengths (including hiring a people manager), and focusing on minimizing damage rather than preventing all mistakes. Book recommendations include Anthony de Mello’s "Awareness," Malcolm Gladwell’s "Blink," and "The Hitchhiker’s Guide to the Galaxy," plus Barak’s book "The Crack in the Crystal"

00:00 Welcome and Guest Intro

01:31 Origin of EAmmune Name

02:39 Resilience and Career Overview

04:51 Fractional CISO and Context Switching

06:38 Jessica Burnout Story

08:39 Lightning Angel Name Meaning

09:10 Relationships Over Everything

11:58 Bankruptcy and Customer Lifeline

15:15 Bootstrapping and Early Hustle

17:38 Strengths Focus and Delegation

19:33 Leaving Corporate and Forced Independence

22:34 Referral Growth Philosophy

23:58 Radical Transparency

24:59 Accidental Career Path

25:56 Reputation Compounds

28:12 Resilience Over Perfection

30:53 Trust Beats Skill

32:43 Owning Mistakes

34:39 Pretty Little Princess

36:04 Practice Context Switching

39:11 Humility and Humanity

43:00 Books and Farewell

From Bartending to COO: Hospitality Skills, Remote Work, and Critical Thinking in Cybersecurity

The host welcomes Alise Barron to the Cybersecurity Recruiter podcast and introduces her career path from hospitality and internet marketing into recruiting leadership roles at Experis Finance, Cylance, and Blackberry, and then multiple promotions at Cyvatar to COO.

Elise describes a typical remote-work day balancing family routines, early email catch-up due to time zones, constant meetings, and handling unexpected escalations in cybersecurity operations. They discuss why hospitality backgrounds can drive rapid advancement: strong work ethic, quick critical thinking, customer and stakeholder management, resilience, and learning to set boundaries without adopting a victim mindset. Elise connects these skills to project management, noting she later recognized she had been applying PMP-style practices.

They also discuss productivity tradeoffs between remote and office work, the value of networking, and how incident response requires structure, patience, and calm communication.

00:00 Welcome and Catch Up

00:42 Small World in Security

01:47 Elise Career Intro

02:59 COO Daily Routine

04:58 Remote Work Realities

08:44 From Bartender to COO

13:39 Hospitality Skills in Corporate

18:02 Boundaries and Ownership

19:24 Project Management Mindset

25:12 Hiring Through Networking

26:59 AI and Recruiting Filters

29:20 Closing Thoughts and Wrap

Ray DeMeo on Cybersecurity Investing, AI Risk, and Building Resilient Teams

Thomas chats with Ray, managing director at Pulse Drive Group with a background in senior roles across tech and venture advising, about current cybersecurity market dynamics and investing.

Ray notes recent acquisitions focused on cyber AI and protecting AI applications and data, highlighting the need to reduce risk and address SOC alert overload. They discuss the Gartner Hype Cycle moving faster, hiring shifts toward broader, architecture-aware talent, and the possibility that top security individual contributors will become highly compensated as AI increases productivity.

Ray contrasts slow government procurement with urgent geopolitical pressures, citing Ukraine’s drone-driven innovation. He shares career lessons from early customer-facing work, startup discipline, mentorship in large companies, and the responsibility of layoffs. Ray argues most security spending is post-deployment, urging stronger pre-deployment secure coding.

Book recommendations include Nicole Perlroth’s “This Is How the World Ends,” plus “Team of Teams,” and Steve Martin’s “Born Standing Up.”

00:00 Welcome and Guest Intro

01:52 Ray’s Mission in Cybersecurity

04:03 Market Pulse and Investor Sentiment

04:25 AI Security and M&A Trends

07:09 Hype Cycle and Skills Shift

10:16 Government Pace and Ukraine Lessons

12:34 Career Lessons and Early Hustle

14:16 Startup Discipline and Customer Focus

16:56 Founder High and Building Momentum

18:23 Why Startups Hook You

19:41 Client Facing Skills

20:39 Caddying Lessons

21:47 Building People Skills

23:10 Big Company Mentors

25:48 Hard Leadership Calls

27:33 Secure Code Gap

32:36 AI and Code Quality

34:24 Books and Mindset

36:28 Advisory Work Network

37:51 Closing Thanks

CMMC Readiness, Compliance Consulting, and Career Lessons with Joe Schofield

In this episode of the Cybersecurity Recruiter Podcast, Tom speaks with Joe Scholefield, a former sysadmin/network engineer and ex-Dell cybersecurity manager, now serving as Director of Compliance at Deafcert, about helping defense contractors meet CMMC (based on NIST requirements) and preparing for DoD third-party assessments. Joe explains CMMC readiness commonly takes 12–18 months, with faster progress driven by aligned stakeholders, minimal internal resistance, and strong cross-department project management.

They discuss CMMC as both a cost and revenue differentiator, increasing supply-chain pressure from primes like Lockheed and RTX, and a looming assessor bottleneck given the number of companies needing certification versus C3PAOs. Joe shares career advice on knowing when to move roles, the impact of earning a bachelor’s degree over 17 years to avoid HR filtering, the importance of soft skills in consulting, and recommends the “CUI Center of Excellence” Discord community.

00:00 Welcome and Guest Intro

01:03 What Joe Does Now

02:52 Helping Clients Succeed

03:36 Racing Through CMMC

05:24 CMMC as Revenue Driver

06:36 Supply Chain Pressure

07:46 Bottleneck and Assessors

08:50 Rollout Timeline Debate

11:39 Why CMMC Exists

13:08 Career Growth Lessons

16:27 Hiring and Soft Skills

19:19 Restaurant Skills for Consulting

20:29 Career Growth and Timing Moves

20:43 Finishing a Degree Late

22:37 Degrees and HR Filters

23:51 Certs and Hiring Signals

24:34 Job Search Fatigue Tips

26:31 Small Teams Hiring Stakes

27:17 Finding Community Resources

29:01 Mentors and Giving Back

31:26 Making Time for Growth

32:31 Work Life Balance Advice

33:08 Golf and Disconnecting

33:55 Wrap Up and Thanks

Jim Miller on Talent Acquisition: Career Growth, Remote Hiring, and Today’s Employer Market

On the Cyber Security Recruiter podcast, Thomas chats with Jim Miller, a talent acquisition leader with 25 years’ experience, including early recruitment at Allegis, a decade at Google (rising to global head of inbound talent), VP of Talent Acquisition at FullStory, and now VP of People and Talent at Ashby, where the company is fully remote across 27 countries.

Jim shares career lessons: teach and share expertise, explicitly ask for roles you want, and prioritize quality over quantity. They discuss today’s market dynamics: layoffs, heavy competition for remote roles, niche hard-to-fill roles, and intentional application “friction”,plus concerns about overusing AI in applications.

Jim advises tailoring CVs to show what you did, how, and the impact and magnitude of your actions, and recommends Ashby’s “Offer Accepted” podcast.

00:00 Welcome and Guest Intro

01:51 Life and Remote Work

03:04 Team Retreats and Remote Culture

04:07 Career Growth Lessons

08:13 Quality Over Quantity

10:06 Intentional Applications

12:19 Hiring Market Imbalance

16:47 AI Use and Integrity

19:33 Resume Impact and Magnitude

22:40 Resume Bullet Formula

22:53 ATS Myths And Evidence

24:05 AI Criteria Matching

25:26 Speed And Transparency

25:41 High Volume Review Hacks

26:37 Accent Banter Break

27:08 Handling Setbacks Adaptably

29:23 Inbound Versus Sourcing

32:33 Early Google Scaling Story

34:41 Choosing Product Market Fit

36:28 Building Google's ATS

39:50 Offer Accepted Podcast

41:03 Learning From Coworkers

43:03 Closing Thoughts

Andrew Wildrix on Transitioning from the Army, Building Networks, and Standing Out in Cybersecurity Hiring

On the Cyber Security Recruiter podcast, Tom interviews Andrew Wildrix, a former US Army major and current VP of Business Development at Intrusion, about his career path from military service into cybersecurity and sales/technical leadership.

Andrew describes his day-to-day work spanning emails and sales calls, product and engineering feedback loops, budgeting for a public company, and raising Intrusion’s profile as it expands from long-term US government work into commercial markets. He contrasts government vs MSP messaging, emphasizes planning before leaving the military, and advises building networks through local professional groups and optimizing LinkedIn while avoiding divisive topics.

They discuss ATS-driven hiring challenges, the value of soft skills and translating technical concepts without condescension, creative job-search tactics to “not be a number,” and interview red flags like victim mentality. Andrew recommends reading The Phoenix Project and a Star Wars “Book of the Sith” on power and leadership.

00:00 Welcome and Guest Intro

01:11 Day in the Life at Intrusion

02:38 Branding vs Cold Outreach

03:20 Customer Feedback to Product

04:06 Army Background and Influence Ops

04:48 Transitioning Out of Military

06:28 ATS and Hiring Reality Check

08:14 Building a Network and LinkedIn

11:19 Staying Professional Online

13:51 Sales and Technical Career Loop

14:56 Communication and Culture Lessons

21:06 Toxicity and SMB Team Fit

22:09 Standing Out in Job Hunting

26:17 Resilience and Victim Mindset

30:58 Books That Shaped Andrew

32:57 Wrap Up and Thanks