What does an cybersecurity interview normally look like? What are some common ways of testing knowledge/assessing skills?
I work for IBM in a related field, endpoint management. Essentially, a large part of that job involves vulnerability management and patching. Cybersecurity (now usually called INFOSEC or information security) interviews are probably as varied in approach as the number of companies hiring for them. So, I would say that it's difficult to know for sure what any given interview could consist of.
Many companies are going to want to know what specific tools you may have knowledge of. They also recognize that their specific toolset is likely different from other companies, so training you on their tools would be expected.
The interview for cybersecurity would likely be partly "what you already know", plus "how you think". You would likely be given several scenarios so they can see your thought process. The main goal of this is really to see several things. Do you look at the problem as a whole? Are you considering historical issues such as what may have happened in the past? Are you willing to ask for help, or are you a lone-wolf? Do you have a methodical mindset where you gather as much information as possible, contemplate some theories, test those theories, hone-in on the source of the problem, etc.? Do you communicate with your colleagues and keep everyone, especially management informed, etc. Do you provide updates when new information is learned? All of that speaks volumes on your success in information security as well as how you would fit-in in a professional environment.
Probably the best thing you can do to prepare is to do some networking... especially for the main companies you are interested in. Don't be afraid to contact someone on LinkedIn who is already in the field, especially a manager, and ask if they would do a mock interview with you or answer questions specific to their company. You may gain insight into the work environment, and potentially what tools they use. You can then study those tools so that when they ask you about them in a real interview, you know the basic gist of what they do.
It honestly all depends on your discipline of cyber related activities. It really does, I do interview all around cyber, and sales engineering. For a sales engineering role, I focus more on your softskills. One of the first items I cover. Tell me about your favorite candy.
This does three things. I see if you're listening, to calm the nerves, if we cant hold a conversation about something you like, ( if we get technical you're at a disadvantage - I have answers in front of me, you wouldn't and being nervous adds more against you), there is no need to get technical. When interviews are face to face, I will ask for you to whiteboard a thought process, any process. (Make something up as a fake process dont care), I want to know if you can get an idea across, simplified and clean or if you have the penmanship of a doctor. I gauging to see if you understand process and can I understand your meaning.
If there is a product or technical aspect to some questioning, if you don't know something, I promise on the job (in classes) you would learn it. This is typical when it comes to sales engineering roles, by the time you engage with clients you will have an unspoken relationship with the chosen product.
For roles such as a reverse engineer, code warrior, or analyst, something that is hands on every day technical, you will more than likely be asked to prove those skills in hands on in a lab or provide examples of past works. You will be asked about protocols and there operation, even maybe some history of cyber related incidents. I can tell you from past experiences we used BlackHat and DefCon as entry-points to XFORCE.
Again it all depends on what role you are looking for.
Cybersecurity interviews will usually be a combination of personality/previous experience/tech questions/ and situation based questions that will be commensurate with the certs that you have and the position that you are applying for. I would look over the tech material before the interviews, explain what skills and abilities you have, answer the questions to the best of your abilities, and if you dont know an answer to a question then ask them to rephrase it or maybe you just dont know the answer and thats ok.
There are so many cybersecurity certifications out there! A common way of people on my team showcasing their expertise is by having a CISM or CISSP cert. As for interviews, I'm not much help on the technical side but cyber is so broad - so it seems like it depends which part youre going for (threat hunting, ethical hacking etc)
One place I'd think would be a good place to start is glassdoor. A lot of people will post their interview questions that they got asked in interviews at whichever company you are looking at. Obviously, it's not a for sure thing that you'll get asked the same thing but at least you have some idea of what they are asking. The next thing is reading and staying up to date on what current certs companies are looking for.
Hi Daniel, thanks for your question!
First, I must admit, I'm not a cybersecurity professional but I saw your question here and it reminded me of a blog post I saw recently (many of our veterans at ACP transition out and want to join this dynamic career field).
It's fairly basic, but it should get the gears turning a little bit.
(see story from a transitioning vet) https://www.springboard.com/blog/soldiers-path-to-ai/
Anyway, I hope this helps. I find it comforting to know that there are other vets in similar situations to learn from, like Jon in the blog post.
Please log in to answer this question.