Why We Are Working on an AI-assisted Resume Screen

I have a problem with conventional resume screening; I have mentioned it before. Especially automated resume screening. In my experience too many of the people behind the screens are relying on two dimensions in setting up the bots: small chunks of text and keywords given to them by hiring managers.

My problem is that I strain to see the link between how a resume is formatted (which chunks of text in which order) or worded (which words are in the chunks of text) or coded (which keywords are floating around) and hardcore technical talent. In fact, in my experience, the correlation is negative by which I mean that I have seen topnotch technologists standing behind very ugly and badly worded resumes.

I can see how one might hire a writer or a graphic designer based on how aesthetically pleasing a resume is. But I need convincing, with data, that this same methodology can spot  the kind of talent needed to succeed in cybersecurity.

I have a particular distrust of keyword-based screening, along the lines of "exclude resumes that don't mention {some acronym} and {some other acronym} and {some industry} and {some job title}." They may work in aggregate; I have seen many examples of them failing pretty badly at the individual level.

The deconstruction of the resume, by which I mean requiring people to enter the data you want into a form so that formatting isn't a distraction, is an improvement but its adoption is spotty.

Often when I express this view to HR or recruiting people I am accused of being ignorant or cynical. That may be, but today's post was triggered by a very cynical observation: a company that is more or less explicit in its playing both sides of the game. They offer services to hiring organizations to process resumes and services to candidates to "beat" the resume scanning. Except that forcing the match-making between application and job description into a game is very odd because it makes "winning" filling the seat instead of choosing the best candidate. It sets the bar very low for both sides and risks encouraging candidates to take jobs for which they are barely suited jobs and employers to hire barely-suited candidates. This is a great way to build a mediocre organization but a mediocre way to build a great one. And there is, sadly, little point in a mediocre cybersecurity program. Getting hacked a bit less isn't the goal, or shouldn't be.

In an ideal world, the pre-interview process started with a pile of resumes and creates a pool of minimally competent candidates from which the interview process will select the most appropriate to the specific current and future needs of the hiring organization. Just two steps from resume to candidate interview. But, as the paratrooper joke goes, that first step is doozy.

To make that first step less of a doozy, Pythia Cyber provides you with a talent assessment. To determine talent Pythia Cyber has partnered with Conchie Associates to develop a talent assessment which requires candidates to answer a number of questions which probe along a number of dimensions. The idea is to have a valid, neutral talent profile which will round out your picture of the candidate and lower your risk of not hiring the candidate best suited to your particular needs.

But the screens cost time and money, so how do you decide which candidates rate an assessment? Especially if you only have a pile of resumes as your starting point?

Given my antipathy it might seem odd that Pythia Cyber is considering adopting an AI-assisted resume screen. But we are. What makes our version different is its goal, its endpoint. The endpoint is not to match some filtered, boiled down set of criteria from the hiring manager. The endpoint is the job description written by the hiring manager. This is where the AI comes in: we are not doing fancy patter-matching here, we are training an AI to match up resumes of cybersecurity candidates with job descriptions of cybersecurity roles. We aren't hoping that the hiring manager and the candidate chose the same keywords for the bigger-than-keywords technical domain. We are hoping that the hiring manager and the candidate, within broad parameters, described the same tasks in recognizably similar ways.

We understand that before the hiring manager can do their thing an expert should run the front end of the job applicant process. We hear you that these days there are too many resumes chasing too few cybersecurity jobs. We get that you can't interview everyone so there has to be some kind of winnowing process between resume and interview. But having people who know nothing about cybersecurity filter resumes based on what they think you want is not the best way to do this.

We can help turn the pile of resumes with an intelligent, cybersecurity-specific screen into a pool of interviewees and we can help turn the interview into more than a chemistry test by letting you know the domain-specific strengths and weaknesses of the person you are interviewing. Ask us how.