I've had very similar experience hiring for information security roles.
The volume of "good" CVs that landed on my desk was consistently high, but when we spoke to the candidates on their first telephone interview it became immediately apparent that they were not nearly as skilled at security as they were at writing CVs.
In the end, we inserted a 10 minute quick-fire Q&A at the beginning of the telephone interview which was as basic as "Define: Confidentiality, Integrity, and Availability" and other such trivial security knowledge. It was terrifying the number of people applying for mid/senior level jobs, or contracts with high day-rates who couldn't get past this. What was most galling was when people were obviously googling the anwswers whilst we spoke - we countered this with simple "which is better, and why" type questions so that there was too many variables to google and you also needed to defend your answer.
There were only a very small number of candidates who, when confronted with the Q&A responded in a "are you serious?" kind of way and just rattled off the basic knowledge in a couple of minutes. With these we could get down to the detail of the real interview pretty quickly.
The volume of "good" CVs that landed on my desk was consistently high, but when we spoke to the candidates on their first telephone interview it became immediately apparent that they were not nearly as skilled at security as they were at writing CVs.
In the end, we inserted a 10 minute quick-fire Q&A at the beginning of the telephone interview which was as basic as "Define: Confidentiality, Integrity, and Availability" and other such trivial security knowledge. It was terrifying the number of people applying for mid/senior level jobs, or contracts with high day-rates who couldn't get past this. What was most galling was when people were obviously googling the anwswers whilst we spoke - we countered this with simple "which is better, and why" type questions so that there was too many variables to google and you also needed to defend your answer.
There were only a very small number of candidates who, when confronted with the Q&A responded in a "are you serious?" kind of way and just rattled off the basic knowledge in a couple of minutes. With these we could get down to the detail of the real interview pretty quickly.