Interviewing is such a crucial part of the job-hunting process. Some companies do several rounds of interviews as well. In order to succeed, you need to know three basic principles. This article is a complete breakdown of how to prepare for cybersecurity interviews. If you are looking for work, about to go to an interview, or even just thinking about the field, this article is a must-read.
A Little Background On Cybersecurity Interviews
A lot of the tips that I’m going to discuss are not requirements to get a job in cybersecurity. There are constantly news stories about how there is a cybersecurity skills gap. Despite how many jobs are open in this career field, it is still highly competitive. The tips that I offer will help you stand out amongst the crowd. The little things that you can do before the interview, during, and after can be the difference between you or the next candidate getting hired.
You will deal with gatekeepers, people who aren’t willing to train, and companies that don’t understand what they actually need. Don’t let that discourage you. The field of information security is very large, with many different cybersecurity roles. If you love the idea of working in tech, but don’t like your job then exploring a different role might be the right thing for you.
What You Need to Know to Succeed
So many candidates focus on the cybersecurity interview questions and answers for the interview. While these are important, they are really only one-third of what you need. The three areas that you need to work on are how to handle:
- Presentation – How you look, feel, speak.
- Non-technical interview questions – Personality and background are important.
- Technical Questions – A base set of knowledge and skills.
You only get one chance at a first impression. Cybersecurity interviews are just like any other job interview. If a hiring manager doesn’t like what they see, hear, feel, they won’t hire you. You can be the smartest candidate in the room, it still won’t happen. You have to be prepared by wearing the right clothes and talking the right way.
Tip # 1: Dress For Success
In the world of information security, there aren’t too many jobs that require you to wear business formal. Most jobs aren’t at that level though. I still recommend having at least one outfit for interviews. I’ve been told several times that business formal attire impressed the hiring manager. When I finished school, I got a 2 for 1 deal at Men’s Warehouse for like 300 bucks. There are exceptions though. If a company’s dress code is a t-shirt and shorts, you’ll want to stick to business casual. I once got told by a hiring manager that for my final interview, if I wore pants I wouldn’t get hired.
Tip # 2: Research The Company’s Website
It is the 21st century, every company should have a website. Go to the site and explore as much as you can. Most companies post their company motto and a brief history. Being able to roll this information into your elevator pitch is impressive. It makes you seem like you fit the culture from the start.
Tip # 3: Research The Role Within That Company
There a lot of sites you can find other information from. I use Indeed and Glassdoor to find this data. I search for things like salary, interview questions, reviews, and benefits. Typically you will have the name of your interviewer. Find them on Linkedin and see if you have common interests, who they follow, comments they’ve made. The more you structure your pitch directly to that person, the better.
Tip # 4: Practice Makes Perfect
If you are like me, you don’t feel comfortable dressing up. In order to get comfortable, you need to put your attire on at home. Practice your elevator pitch facing the mirror. Work through the message you want the interviewer to walk away with. Write down key points or answers to questions. Have the route from your home to the company mapped out. Mock interviews are crucial if you are in the early stages of your career.
Tip # 5: Prepare Your Mind
Ensure that you get a restful night prior to the big day. If you are tired, you won’t project your best self. Arrive as early as you. Frantically rushing through traffic wreaks havoc on your mind. Before walking in, close your eyes at your wheel. Envision yourself walking out with the job offer.
When preparing for cybersecurity interviews, this category often gets overlooked. Us technical people tend to forget things like personality and company culture matter too. Knowing the questions that might be asked is crucial to be prepared to answer them.
Tip # 6: Who Is The Company’s Ideal Fit
When researching a company’s culture, it is vital to see what fits. I highly discourage you from changing who you are to get a job. You have to decide if you feel comfortable in that environment. If you do, figure out what the perfect candidate within that office looks and acts like.
- Is it a pro-fitness environment?
- Do employees enjoy sporting events?
- Are politics openly discussed?
- Is it a friendly, helpful environment?
- Are families accepted/encouraged, or is it full of single people?
Tip # 7: Know How to Answer Personality Questions
These are the types of questions where it’s hard to know the right or wrong answer. Here are examples of the types of questions you might face:
- Do you work better with a team or independently?
- Do you work well under pressure?
- Do you prefer to work at home, or in the office with the team?
- Do you enjoy working at the same office every day, or going to multiple sites?
- Do you work better at night or during the day?
Tip # 8: Have A Career Plan
One of my favorite question series to ask people that I am interviewing revolves around their goals. What are your career goals, and how would this position help you with them? So many candidates don’t know how to answer this. I coach people not to look for just another job, but to find your career path, and align the jobs to that path.
Tip # 9: Be Able To Tell Real Stories
There are lots of questions that require you to speak about your experiences. These can be drawn from anything you’ve done in the past. One hiring manager told me how a candidate he hired impressed them with a story about gaming. He compared being a team lead to being a guild leader for his video game. Some examples of these questions are:
- Tell me about a time where you had to face an impossible deadline, and what you did about it.
- Have you had to face adversity in the past? How did you deal with it?
- How would you handle being over-tasked?
- Did you ever work for or with someone you did NOT get along with, how did that play out?
- Were you ever assigned a task that you absolutely did NOT want to do?
Tip # 10: Answer The Questions
So many candidates get into a job interview and they are so worked up. When answering questions, they can rattle on and on, going off-topic. If you bore a hiring manager, they aren’t going to hire you. Don’t avoid answering the question, but get to the point. I advise keeping answers to a paragraph, a few sentences, at most.
Tip # 11: Don’t Get Intimidated
In a typical interview, you could be facing one or multiple people. It can feel like you are being surrounded sometimes. You will face people with no sense of humor, without emotion, who might even come off as mean. Focus instead on answering questions, engaging in conversation, and doing your best.
To work a cybersecurity job, you usually need to have some basic level of knowledge about information technology. I call it a higher tier level of job, because, in order to secure something, you have to understand how it works. Some of these questions will be technical, and others job-related.
Tip # 12: Understand The Position
This may seem straightforward, but it is not. Make sure you have a clear understanding of what the position requires. You will be asked technical questions regarding specifics to the position. Most positions require knowledge of ports/protocols, troubleshooting systems, and basic scripting. Here are some more specific examples:
- Security Builder: study operating systems, security appliances(try to find out what they run on-site)
- Security Attacker: study hacker methodology, step by step
- Security Defender: study what you can learn from which log, and where to find them
- Security Auditor: study different compliance legislation
- Security Writer: study regulation within the company’s field
Tip # 13: Be Able To Communicate Answers In Words
At some point during the interview, you will be asked to walk through a scenario. You need to be able to wrap your head around the topic, explain it to the interviewers. No notes, no pictures, just be able to speak the answers out.
Tip # 14: Know How to Draw On a Board
In technical cybersecurity interviews, you’ll be required to write on a dry-erase board or similar. Drawing out a network diagram, or drawing a path that TCP/IP traffic follows. Practice working on drawing on a big board because it’s a useful skill on the job too.
Tip # 15: Don’t Lie, Or Avoid Questions
There will be questions on your interview that you either can’t remember the answer to or you just don’t know. That is O.K. Professionals in this industry use books, notes, or google search because it is hard to memorize it all. If an interviewer is asking a question, they know the right answer. Don’t try to trick them. Here are examples of how to handle those questions:
- I have not worked with that before, is it like (similar technology you HAVE worked with)?
- I’ve been scripting for (time) and I still need to google that command syntax, but the result would be__
- I have seen that before, but do not have experience working with it.
There Is A Place For You
This industry has so many different areas for you to explore. There is a fit for you if you are interested. Don’t get too intimidated by cybersecurity interviews that you get discouraged. These 15 tips will help you succeed. If you are unsure of what the options are, go read this article about the different cybersecurity roles. Then, check out this article about the cybersecurity skills you already have.