Very few of us relish the prospect of a job interview, even though it is often a crucial and exciting part of our career path. Yet, with the right mindset and preparation, an hour’s conversation (and that’s how we should all approach interviews) could make all the difference to you landing your next position.
When you’re applying for an entry-level role – whether that’s for a a junior analyst, security engineer, systems admin role - it’s understood that your experience is limited. How you present yourself is of course critical – some of the feedback we hear from employers is the more junior candidate feels the need to prove themselves and often comes across as overzealous in the process.
Your interviewer doesn’t expect you to have all the answers but they will want a clear demonstration of how any experience you’ve gleaned through practical work experience can be applied to similar tools and processes. Make sure you come prepared with examples.
Also try to avoid focusing on money and or the job title in the first interview – this could put an employer off straight away. A prospective employer will want to see your genuine interest for the day to day role. If you’re successful at the first interview, the second and third interview (depending on the process of the company) will allow you to ask about the salary, benefits and other job specifications.
In addition, do take time to research around the company – one of the most common criticisms of candidates is around those who have seemingly have done little or no reading around the organisation and as a result come across as apathetic about the position. Invest time to read articles online, look at the company’s website, press coverage and social media – this will spell out a clear message that you are keen and interested.
Moving up the ladder to managerial status, candidates wrongly assume that their prospective employers are awaiting a laundry list of accomplishments. According to Ross Riddleston, of IT headhunter Anson McCade “Be enthusiastic, be willing to learn and show that you’re not worried about the job, but that you’re looking for a long term career. Trust the people interviewing you are doing so because they think you’re right for the job,”
The primary objective of mid-level cyber security job interviews is to assess a candidate’s competency. Be prepared to talk about the challenges you’ve faced and how you overcame them.
Interviews for second and third line of support roles such as Security Architect or Senior IT Security Consultant are rife with open-ended questions that look to unearth your strength with teamwork, time management, stakeholder management and navigating conflict. Problematic examples in your career enable you to show your experience and demonstrate your capability to do your job.
From competency to case studies, the most senior cyber security roles, namely CISO and similar, subject candidates to a far more complex interview process. Senior security professionals are expected to give a presentation around their work.
As Ross adds, “These case study interviews are where we see a lot people fall down and the most common point is at the start because they haven’t read the question properly. Put simply, if you don’t understand the deliverables you won’t pass the interview.”
Also be confident in demonstrating your style and how you work. For example, you may be more comfortable presenting in front of a white board – so don’t be afraid to ask your interviewer if they are happy for you to do that – this in turn allows an extra level of engagement.
A presentation offers an opportunity for your interviewer to get to know you. Many candidates tend to overlook this aspect. Be prepared to talk about your thought process. Think about having one or two extra slides or notes on the ‘how’ behind your presentation. You may not necessarily present them but when you get asked the tough questions you’ll be ready with an answer.
A big assumption that a lot of people in the Infosec space make, at all levels, is that your audience are experts in everything. They’re not, so avoid talking in tech lingo and instead ensure it’s in language that your interviewer will understand. At the same time you may want to go into more technical detail. If you feel they will understand and it helps your cause – it’s fine to ask whether they need more technical insight at this stage and this way you will come across confident and managing all possible expectations.
Finally, take your time. Don’t feel compelled to make knee-jerk comments or respond too quickly. Or respond with a half-baked answer if you are unsure. A considered and honest approach to questions is always the best way to approach interviews.
You may also be interested in the below articles:
- What to include on your CV to land that perfect job in Cyber Security
- Cyber Security Job Interview Questions
- The How to of Cyber Security Interviews for Recruiters