The introduction of new technologies such as cryptocurrency, coupled with a social-media driven society, has greatly increased the demand for OSINT-related jobs. Today, we are going to discuss some “Do’s and Don’ts” when it comes to creating OSINT job postings.
DO… include the area of expertise if it applies.
Be Specific. Indicate the area of expertise. Should the candidate have experience in brand protection, corporate security, cryptocurrency, the dark web, fraud, risk management, and so on?
DO… identify the OSINT skills you are looking for.
Clarify the skillset. Does your ideal candidate have experience monitoring current persistent threats, and/ or conducting social media sentiment analysis? Do they need to have experience in research methodology, and be well versed in specific information databases, etc.?
DON’T… be too general or too specific when identifying the required OSINT skills
Find the balance. It’s important to let the candidate know what specific skills you are looking for without being too technical or general. Let’s look at a quick example taken from an anonymous job posting: “Candidate is familiar with various OSINT tools and intelligence platforms.” In this case, by adding in an example or two of OSINT tools and/or platforms the candidate would direct the candidate to the type of resources they will be using. For instance, should the candidate have experience with GIS and mapping, or should they have more experience with tools that capture social media content?
Also, you may want to clarify between skills or tools that are required, versus ones that aren’t mandatory but would be considered an asset.
DO… specify the application of the OSINT research
Identify the general mandate. Is your organization most concerned with threat management, and situational awareness? If so, you may want to look for a candidate with experience in the tactical application of OSINT. Perhaps your organization’s primary concern is to create policies and plans at a national or international level. In this case, you would likely want to hire a candidate with expertise in the strategic application of OSINT. Professionals from genealogists to cyber threat hunters use OSINT in their work, so being a little specific about the professional experience you are interested in would be helpful.
DON’T… close your minds to alternative backgrounds
Don’t hesitate to broaden your view. You may think you require someone with law enforcement experience; however, someone with experience in a corporate environment such as anti-money laundering may meet your needs. So long as the individual has the ability to learn your processes and adopt your organizational culture, they might be a good fit.
DO…Ensure that the description of the role, the compensation and the classification are appropriate for the professional you are trying to hire
OSINT may be a trending topic but the practice has been in existence since at least mid-part of the last century. OSINT professionals are like any other, some individuals will have extensive education and experience in the practice and others will be relatively new to it, or they do it, but it is not a significant part of their job. Your job description, salary offer, classification level and responsibilities should reflect the caliber of the candidate you are trying to attract.
This list of “Do’s and Don’ts” is by no means exhaustive; however, by following these general guidelines you will be closer to attracting the right candidates for your specific organization.
Are you looking to improve your current OSINT operations, but aren’t sure where to start? Contact us to learn how we can assist you with the creation, development and management of your OSINT function.