Work sample tests are a critical part of hiring well. But they're a minefield; so easy to build unfair tests.
My new article has the rules I follow to build fair tests. Check it out, or 🧵👇 for the short version: jacobian.org/2021/nov/17/ws…
1. Simulate real work as closely as possible: always use exercises that are as close as possible to the real tasks candidates would perform if hired.
Don't ask candidates to do things in tests they'd never have to do in real life. Don't add bullshit requirements like "no googling".
2. Limit work sample tests to less than 3 hours. Be explicit about that time-box. Asking more than that is unfair.
3. But also allow candidates to find those three hours anywhere they can; be very flexible with scheduling, and avoid deadlines. Candidates have many other responsibilities beyond interviewing with you; show some respect.
4. Provide as much choice to candidates as possible: give them the choice of several kinds of work sample tests, programming languages, environments, etc. Give candidates the opportunity to play to their strengths.
5. Use tests as the start of a discussion, not as a simple pass/fail. Resist the temptation to check submissions automatically.
Programming is a team sport; you need people who can code and _also_ talk about code. Check for both.
6. No surprises: tell candidates ahead of time about the work sample test, and give them clear instructions when assigning the test.
Surprise tests were bullshit in high school; in professional life, they're unforgivable.
7. Test your work sample tests internally before giving them to candidates. If people already working for you perform poorly on the exercise, it’s probably too hard for candidates (or you’ve made some terrible hiring decisions).
8. Offer exercises late in the hiring process. Don't make them the "gate" to the rest of the interviews! It’s incredibly rude to ask a candidate to spend hours writing code only to get to a hiring manager who rejects them after 15 minutes.
PSA: if you're in tech, know that comp is up A LOT (10% - 50%) over last year. This is most pronounced at FAANG and for Senior-plus level engineering roles, but is true to a lesser extent nearly everywhere I've looked. If you're looking, or thinking about a raise: ask for more.
If you'd like a gut check on your salary, or an offer you're looking at, or on what you might ask for: please reach out. I'm happy to share what I'm seeing, and any thoughts specific to you and your role.
To give one specific example: I know of a few people — staff-plus engineers; director-plus managers — making over $1M in total comp. These are outliers, but before 2021 I'd only heard of that much at those levels once or twice; now I know of at least a half-dozen.
So much this. A physical breach is a nightmare scenario for infosec.
On the off-chance that any of my followers are involved in this -- I do have some experience in scenarios like this and would be happy to help. If I can be of assistance hit me up.
Just to give folks who aren't in the field an idea what we're talking about:
- we must assume that foreign agents were among the rioters
- snooping devices can be implanted into anything with a power cord
- so every device in the Capitol is now a potential foreign asset
So, just for starters:
- all computers need to be inventoried, inspected inside and out, and the OS paved/rebuilt
- keyboards, mice, &c might now have implants, they probably should be tossed (see e.g. keelog.com/forensic-keylo… which looks like a USB cable but is in fact a logger)
I'm not ashamed to admit that sometimes I miss PHP.
Over 20 years later, and still nobody's even come _close_ to PHP's ease of deployment.
This tweet brought to you by the 3 programming languages and 5 Docker images I need just to run one app.
Turns out having what I thought was a mild opinion about web app deployment was an invitation for people to yell at me, assume I'm stupid, or sell me their Next Great Thing.
Ugh.
The thing that boggles my mind is how people just assume no nuance whatsoever. Most replies seem to think that I don't get that there are good reasons things got more complex, or that I don't know there are downsides to yolo editing in production, or etc.