There was a nice read by DANIEL GELERNTER in the Wall Street Journal on the 28th. It was called "Why I’m Not Looking to Hire Computer-Science Majors" with the drift of it being that all those degrees and certifications don't make good developers. I have to agree that there is the same situation in the IT Security field. Last week I talked to a guy who was going to work for DoD and they wanted him to have a cert for security and one for Java. He had been a Java developer for 27 years. He had to go back and sit for the CISSP and hadn't needed to do that for any job prior to this one. He had to prove to a bunch of kids that he had the skills to do Java development and be certified, when he could have been teaching the course for them (he didn't learn a lot in that one). In case you are wondering what is going on, the government no longer has the employees who know enough about the business to know whether a person knows anything or not, so they have decided to substitute certificate quals instead of real experience. Dan's remarks are to that point.
I used to have a simple test of a new architect: "Draw for me the last architecture that you were responsible for developing". It isn't hard, and they quibbled about the level of detail required for this drawing, but most of the ones I hired were able to do it to any level of detail I thought necessary. I saw Brian Miller pass this test at the House of Representatives when I worked down there, and he did it at a public meeting with very little preparation. That was one smart guy. He didn't have a lot of certs but he had experience doing the job and applying what he did know. I'm sick of CISSPs claiming they can be responsible for security of a network when all they know is what they got in preparation for the test. I can almost guess that all of those contractors at OPM had them. So while the people who can do the work won't do it because they are not going to go back and get a bunch of certs they don't need, the government does without qualified people. Somehow, I don't feel sorry for them.
No comments:
Post a Comment