Looking for a new job? HackerOne CEO Mårten Mickos offers tips on how he has evaluated job opportunities, and how you should, too.
HackerOne CEO Mårten Mickos has seen no shortage of success in his business career. Mickos was CEO of MySQL when the company sold to Sun for $1 billion, and later was CEO of Eucalyptus when HP came calling. When looking to leave HP for a new challenge, Mickos evaluated 46 different opportunities, ultimately landing at HackerOne. That decision, as Mickos told TechRepublic, was a combination of several factors, including the opportunity "to learn something new" and to work on "something with a huge business potential and an intellectually intriguing model."
But that's Mickos, and he's not you (or me). I asked him to comment on how he advises others in their search for work—how they, too, can find their "HackerOne." His answer was interesting and potentially quite helpful.
SEE: 10 websites that can help you find your next job (free PDF) (TechRepublic)
Inspiration is a product of information
The first rule of thumb, Mickos said, is to, "Always look at many alternatives, even if you think you know what you want to do." Why? Because "Without several opportunities to assess, you will not be able to figure out what's best for you." This means, unfortunately, that you should take your time when looking for work as "It is rare that you find the best opportunity quickly."
This may be easier said than done, given financial obligations, but the principle seems wise as a general principle.
The next step is to ensure you're getting good counsel along the way: "Have friends and mentors weigh in on opportunities you are considering. Also have them weigh in on your assessment of those opportunities. They may know things about you that you are yourself blind to."
At the same time, he continued, whether through outside counsel or our own experiences, we need to be willing to follow that insight: "Be ready to change your preferences. When I was contacted by Bill Gurley about HackerOne, I said, 'I don't want to work in cybersecurity because people seem cynical, negative, and nitpicky. They focus on problems and not opportunities.' I was a little right, but mostly wrong. HackerOne stood out as a constructive, positive, dynamic company that focuses on opportunities, not problems. I am thankful I didn't let my prejudice rule."
SEE: 19 words that don't belong in your resume (PDF download) (TechRepublic)
Once you've found what feels like the right opportunity, he suggested, it's time to really go for it:
Even if you are perhaps the one who is getting wooed by a company and even if you are playing hard to get in the beginning, if you really want the job, make sure to do a turnaround at some point and show them that there is nothing you want more than that job. Write a job application and put your energy into showing that you are the best candidate. Even better, write a plan for what you will do when you get hired. This sets you up for success in your new role.
One would think that Mickos, so successful in his career, wouldn't need to sell anyone on the idea of hiring him to run their company. I love that he does so both to demonstrate his commitment, but also to prepare for success in the role. In some ways, his process makes it unlikely that anyone would not hire him for a given role, since he has already started doing it. It becomes easier to just keep him moving along the track he has already started.
SEE: Hiring kit: Technical writer (Tech Pro Research)
What made HackerOne right for Mickos
Mickos is constantly asked why he chose to work at HackerOne (and why, of course, they chose him to lead it). So much so, in fact, that he authored an FAQ of sorts to give to prospective employees and others. Mickos shared this document with TechRepublic, which we republish (with his permission) below. It offers insight into the opportunity Mickos sees in HackerOne, of course, but goes further and gives deeper insight into how he thinks about work.
When you have been blessed in your professional career with business success, you will have choice when you need to decide what to do next. In 2015 I was looking around for the next full-time job to put my passion, energy and skill into. Out of 46 opportunities I looked at, I found myself most drawn to HackerOne. Why?
The world desperately needs hacker-powered security. It is imperative that we fix our connected online civilization. Software systems are buggy and vulnerable. Even the smallest criminal gang can cause major harm to companies, governments and citizens. We must figure out how to find the holes and fix them. We owe this to our children and to all future generations. Traditional security solutions don't even begin to solve this problem. But hacker-powered security does. When you invite the external world of security experts to check out your live software system, you get highly useful input. Here is something that must be done. We must all come together to solve the problems of cybersecurity. This is a calling that I get excited about.
HackerOne is a once-in-a-lifetime business opportunity. If hacker-powered security truly takes off (as every piece of evidence indicates), HackerOne stands to serve a significant role in that market. This is not a mere feature, it is a business. This is not ephemeral, it has lasting value. This is not incremental, it is a quantum leap improvement. The business model of HackerOne is uniquely powerful, bringing unprecedented value to customers and to hackers. Upon success, it will be financially rewarding for all involved. The business sensors in my mind go off the charts when I think of what hacker-powered security can accomplish in the world. HackerOne is a place for enormous value creation.
Work with people you respect. At my first meeting with them, the founders of HackerOne came across as unusually level-headed about this opportunity. They are calm and passionate at the same time, which is a sign of mastery. Each one of them said that openness and transparency is a core value of the company. I was blown away. I also looked at the investors. No matter how great the business opportunity and how wonderful the founders, it is not possible to build an amazing company with the wrong investors. HackerOne has the best of the best—investors who will always look to the best of the company and its key people, knowing that this is what enables a company to flourish.
Learn something new. I may have several unique skills that the CEO of HackerOne needs. But I am not from the security industry. This energizes me. I want to learn new things. When in 2001 I joined MySQL as CEO, I knew databases but I did not know open source. Today I do. When in 2010 I joined Eucalyptus, I knew open source but I did not know cloud. Today I do. I am committed to becoming a master of the profession I am in. I also think that building a disruptive security company requires a certain amount of outsidership. Someone not from the industry will see opportunities that insiders might not.
Community. I get huge kicks out of working with and within a community. Although as a pretty typical CEO I am a lone wolf in many ways, I don't want to work in isolation. I don't want to lead a company that isn't part of some sort of ecosystem that has meaning. In HackerOne I found a company that is built on the notion that there are passionate security hackers out there whose contributions can be channeled to business enterprises, to the benefit of all involved. That's so cool. Also, HackerOne is a perfect role model in the sharing economy. It is a company that democratizes opportunity, allowing people from anywhere in the world and any walk of life to be valued and appreciated for their knowledge and ingenuity. HackerOne and its community of hackers is showing how our modern digital society should work.
Strategy. Some companies get their strategy wrong, and they fail. Many other companies don't need much of a strategy. They are just chugging along in a well-defined business with little surprise. But at HackerOne, it's all strategy every day. Because the market category and the business model are entirely new, there are strategic decisions to make all the time. To make a strategic decision, you need a lot of data, a lot of discussion, a lot of thinking, and a good dose of creativity. That's highly inspiring. It puts our brains to test every day, and brains love to be put to test.
A team that builds a business. I want to accomplish things in a team. I love the high-fives when the team succeeds. My role in the industry is to build teams that build businesses. At HackerOne I get to do exactly that. We are building the strongest team this industry has seen. By strong I mean dedicated, learning, collaborative and productive. We have a company culture that we explain in this blog posting.
We are here for a simple reason: to act as the match-makers between the world's hackers and the world's software-powered organizations. That's what our team is focused on, and that is what is resulting in a phenomenal business.
Job application. Back in the fall of 2015 when I realized what HackerOne represents, I wrote a 3-page letter to the board of directors, begging to get the job. This is how that letter began:
To the board of HackerOne,
I would love to be CEO of HackerOne. The company is addressing one of the most significant challenges of the digital civilization. I am stoked by the opportunity and know I can do a great job. The company has a wonderful team and an excellent start. With the right strategy and strong execution, HackerOne can win in its category and become a major force in the software security space.
I want to empower the world to build a safer internet.
They gave me the job. I have not looked back.
In summary, this is an opportunity to build a significant new category leader—a sizeable company for the long term—while providing young and old hackers something useful to do and making the world a better place.
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Dark Web: A cheat sheet for professionals (TechRepublic)
- Interviewing tips: How to land your next tech job (free PDF) (TechRepublic)
- IT leader's guide to achieving workplace diversity (free PDF) (TechRepublic)
- IT Training Policy (Tech Pro Research)
- Remote working 101: Professional's guide to the tools of the trade (ZDNet)
- The best password managers of 2019 (CNET)
Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)