.

Don't Blow Your Next IT Security Job Interview

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri May 29, 2009 12:02 pm

Don't Blow Your Next IT Security Job Interview

I had a conversation recently with someone in the pen testing field that I had noticed had no problem getting job offers in this horrible economy. When talking to him, you can tell right away, he knows his stuff. And it's not just rote memorization of cert exam answers. Now he doesn't know everything, and he will readily admit it. He is also very willing to learn anything and everything. This kind of attitude and eventual knowledge gain has just kept him climbing the ladder to better and higher paying jobs. So I was wondering what it is that many out there are complaining about. This Eye-opening article by Roger Grimes tells me.

http://www.infoworld.com/d/security-cen ... erview-226

Hope it helps,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

ants

Newbie
Newbie

Posts: 25

Joined: Sun Mar 15, 2009 8:51 am

Location: Ireland

Post Fri May 29, 2009 12:33 pm

Re: Don't Blow Your Next IT Security Job Interview

I find that article slightly depressing. I think that I wouldn't make it as far as the interview stage due to my lack of experience but I could answer all of those questions.
But I guess that I will just continue studying and learning because I find Security fascinating and challenging and I am sure that I will eventually succeed.
CEH, GPEN, GCFW
<<

impelse

Hero Member
Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Fri May 29, 2009 1:23 pm

Re: Don't Blow Your Next IT Security Job Interview

I liked a lot the article, I prefer to read before begin to pursue a certification, but I always use the certification to get knowledge and go a little deep.

This is the information I am looking for, to tell you the true about the interviews.
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
<<

timmedin

User avatar

Sr. Member
Sr. Member

Posts: 469

Joined: Thu Feb 05, 2009 11:18 pm

Post Fri May 29, 2009 11:39 pm

Re: Don't Blow Your Next IT Security Job Interview

The most intelligent and outstanding people I know say "I don't know" more often than most of the other people I know. There is a lot to be said for saying "I don't know, but I know how to find out." There is something to be said about confidence, but if you are wrong you are going to look like an idiot.

Hal Pomeranz (Deer Run Associates and blog.commandlinekungfu.com contributor) wrote a blog post about one of his favorite questions to ask interviewees.
http://blog.commandlinekungfu.com/2009/ ... files.html
Most don't know the answer to his question, but knowing where to look for the answer is 90% of the solution.
twitter.com/timmedin | http://blog.securitywhole.com
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Sun May 31, 2009 6:17 am

Re: Don't Blow Your Next IT Security Job Interview

Don, thanks for linking to the article as it's a good read.

I'll second the suggestion of 'Don't know', one of the best bits of advice I was given when starting in the IT field is that one of the best answers to a question (obviously knowing the answer is prefered ;) ) is 'I don't know, but I'll find out and get back to you'. Unfortunately, this doesn't always transistion well in interview situations, I know of an interview were the candidate's answer to every technical question was 'I'd use Google to find out', as far as I know he is still looking for a job...

From an general perspective this could be depressing, but if you know your stuff then look on the brightside, you should be a prime candidate (if you can get your CV past HR....)
<<

dalepearson

Sr. Member
Sr. Member

Posts: 357

Joined: Thu Nov 09, 2006 10:03 am

Post Mon Jun 01, 2009 3:53 am

Re: Don't Blow Your Next IT Security Job Interview

Don,

this is a good article, and sadly I think it does reflect the situation alot of us are in when it comes to hiring, and getting hired.
I have said it many times, but a passion for security is one of the most important things, alot of the rest comes as a by product.

Seems so many of the candidates they speak of lacked this passion, didnt want to learn, etc.

So many people seem to think the job should be given to them as they believe they are super elite. I am a firm believer those that know it, dont need to continually advertise it.

Like Andrew says, the hardest thing is getting your CV past the recruiters and HR departments who dont know there Conflicker either :)
<<

sgt_mjc

Sr. Member
Sr. Member

Posts: 294

Joined: Tue Feb 05, 2008 8:34 am

Location: AL

Post Mon Jun 01, 2009 7:30 am

Re: Don't Blow Your Next IT Security Job Interview

You know, I agree that getting by the recruiter/hr can be a real pain. However, using your network doesn't hurt any. It does help to know some one where you are looking and that will often get you in the door for that crucial interview.

Take for example, the folks here. Between us, we all know a lot of people and most of would be willing to help some one get started. Look at all the advice available here in this thread alone. And chance are, if one of us doesn't work where you are looking, we might know a some one that does. So my advice, along with all of the above, is to keep plugging away at getting in the door, but also use your network of contacts.
Mike Conway
CISSP
CompTia Security +
C|EH
<<

dalepearson

Sr. Member
Sr. Member

Posts: 357

Joined: Thu Nov 09, 2006 10:03 am

Post Mon Jun 01, 2009 7:34 am

Re: Don't Blow Your Next IT Security Job Interview

I agree on using your networking.
However I have also been let down by putting a good work in for a friend of a guy who used to work for me.
He never showed up for the interview, then asked to have another one, and no show again. Its not the end of the world, but its your good name on the line.

Just be mindful.
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Tue Jun 02, 2009 3:23 am

Re: Don't Blow Your Next IT Security Job Interview

I read the article now too. I guess it is very important to know at least the theoretical basics of possible attack vendors and some countermeasurse you can start. Often people won't be asked something very specialized as the interviewer wants first to see if the person has at least a general knowledge on the field he is applying for.
In my experience it also often helps to just talk and show that you are very interested and commited to security. When you can show some certificates or projects where you have worked in your spare free-time on it surely will help and will maybe even be the last thing needed to get employed.


Some things mentioned in the article are naturally though such as not bad talking about your former employ or display yourself as an leet hacker. As soon as the interviewer gets the feeling that you are not serious or doubt your legitimate actions you surely won't get the job.
<<

former33t

Full Member
Full Member

Posts: 226

Joined: Sat Feb 14, 2009 12:33 am

Post Wed Jun 03, 2009 4:20 pm

Re: Don't Blow Your Next IT Security Job Interview

Don, good article.  I've been there on the hiring side, not in security, but with system administration.  I ran into a supposed MCSE that didn't know Windows had default hidden shares for every volume.

timmedin, you are so on the money about the people who are willing to admit they don't know something.  Amazing how infrequently people fit this bill.  Thanks for linking to the article with the find command.  I haven't used xargs in some years.  I'd have used 'grep -l' if asked. 

I do remember having to use xargs in the old Solaris 6 and 7 days when the find that shipped with Solaris sucked so bad it wouldn't interpret some standard switches correctly.  Hadn't thought about it in at least two or three years though.
Certifications: CREA, MCSE: Security, CCNA, Security+, other junk

Return to Career Central

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software