Would You Hire A Convicted Felon For Pen-Testing?

Interesting post in Security Focus’  Penteration Testing mailing list .  Would you hire a convicted felon to do Pen-Test work for your company?


” I have a personal friend who has recently asked for my advice. He was convicted of a felony for grand theft auto when he was 21 or so back in the early 1990’s and a separate misdemeanor charge for fraud. He served his time, less than 1 year, paid restitution and completed  probation successfully in the mid ’90s.  Since then he has not had any run-ins with the law with the exception of a misdemeanor drunk in public charge 4 years ago… [He] is definitely a reformed individual…

  • Would you hire this person to work for your company providing internal security and pentest services?
  • Would you (as a consulting firm) hire this person to perform consulting and pentest services on behalf of your firm?
  • Would he ever be able to receive a security clearance (even a low level secret clearance) and employment from the Federal government?
  • Why or why not?”

Got an opinion?