Published in


Don’t Hire By Whiteboarding and Coding Tests Unless You Are Google, or The Likes

  • Hiring by skill-set is for short-term, while hiring by mindset is for long-term
  • It is easier to learn a skill-set than to change a mindset
  • The basis of the 2 beliefs advocating hiring by mindset
  • If you are hiring by mindset, what mindset should you look for?
  • How do you look for signs of this mindset?
  • By sacrificing skill-set for mindset, how do you gauge if the candidate possesses intelligence to pick up a required skill-set?

‘Hire by Mindset’ Argument

Short-term vs. Long-term

Learning Skill-set vs. Changing Mindset

  • Changing mindset requires fighting against how humans are wired (more on this later), so it is a long-term process
  • Our surroundings does not provide a feedback loop that is short, nor objective, i.e., we are do not have enough signals to tell us if what we are doing will lead to success, and when we do get those signals, it is often too late.

What Mindset Should You Look For?

  • Be perfectly scrappy not be perfect
  • Align with cross-company goals

Be Perfectly Scrappy Not Be Perfect

Align With Cross-Company Goals

Looking For Signs of Required Mindset

  • Look for a variation of achievements in the resume? Does it include engineering with marketing/sales tilt? For example, does it include evangelizing a product on social media, or does it include integrating the product with various sales tools?
  • Ask about what she thinks are the most important attributes of an engineer? Is there any mention of soft-skills, such as learning to work in an agile team? Is there any expression of delight when talking how engineering and business work in tandem?

How to gauge the ability to learn?

Power of Observation

  • Each OAuth2 flow type can be categorized based on implementation difficulty, security, and use cases
  • Authorization Code flow has the highest security because it has a Guard, and the Key is never handed to the App (unlike all other cases)
  • Resource Owner Password Credential flow has the lowest security because it is the only flow where the User gives her username/password to the App

Ability to Infer

  • Goal: What we want to match or not match
  • Regex: The engineer should formulate or tweak this to achieve specified ‘Goal’ for given ‘String’ as input
  • String: The input used to test regex
  • Outcome: match, if the string and regex resulted in a match, otherwise no-match. This should correspond to ‘Goal’
Goal: Match only valid google URLs 
String: www.google.com
Regex: /google/
Outcome: match <===== 'Outcome' satisfies 'Goal'
Goal: Match only valid google URLs
String: www.abc.com
Regex: /google/
Outcome: no-match <===== 'Outcome' satisfies 'Goal'
Goal: Match all valid google URLs
String: google.evil.com
Regex: /google/ <===== Incorrect 'Regex' to achieve 'Goal'
Outcome: match <===== Should be no-match
Goal: Match all valid google URLs
String: fake-google.com
Regex: /google\.com/ <===== Incorrect 'Regex' to achieve 'Goal'
Outcome: match <===== Should be no-match

Code Comprehension

  • Is self-contained, e.g., batch scripts that perform specific tasks, to minimize distraction of peripheral code
  • Contains basic programming constructs such as variables, constants, expressions, functions, data flow controls
  • Contains object-oriented concepts such as class/instance variables/methods, inheritance, polymorphism/interface
  • Contains some well-used patterns, e.g., abstract static factory, decorator, builder, etc.
  • Contains error handling, which covers hierarchical try/catch error blocks
  • Contains functional programming, which can be simple functions that focus on what the program does instead of how, e.g., map, reduce, and/or complex patterns that include passing/returning functions into/from other functions
  • Contains asynchronous code, which covers code flow to test understanding of callbacks, and newer paradigms that avoids ‘pyramid of doom’ callbacks, and hides the details of asynchronous programming
  • Contains parallel programming, which covers memory sharing, inter-process communication, paradigms that hides the need understand parallelism, and common parallel programming pitfalls in certain languages that will not happen in other languages

Root Cause Determination

  • An explanation of how things are expected to work
  • Symptoms of issue
  • Program B does not work
  • Port 2222 does not work
  • Install program A on port 2222 or
  • Install the simplest possible program on port 2222
  • Install program B on port 1111

Final Thoughts



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Soon Hin Khor, Ph.D.

Use tech to make the world more caring, and responsible. Nat. Univ. Singapore, Carnegie Mellon Univ, Univ. of Tokyo. IBM, 500Startups & Y-Combinator companies