THE CU
  • Home
  • Blogs
  • Offense
    • Pen Tester Training Program
    • Offensive Cheat Sheets >
      • Bash Commands
      • Network Enumeration
      • Web Enumeration
      • Windows Post Ex
      • Metasploit
      • Shells
      • PowerShell
    • Offensive Links
  • Defense
    • Junior SOC Analyst Roadmap
    • Intermediate SOC Analyst Training Program
    • Defense Links
  • Land A Job
    • Improve Resume
    • Find a Job
    • Interview Prep
    • Grow as a Practitioner
    • Get Experience
  • FAQS
  • Other
    • Finance Resources
    • CTFs and Cons
    • Training
    • Twitter People to Follow
    • Podcasts
    • Books
    • Twitch Streamers

 

Top things to know when going into your first tech interview

6/2/2019

0 Comments

 
Today, I want to talk a little bit about the interview process. It's a fundamental part of getting a new job in cyber security. So the topic definitely deserves some level of devotion here. Before we get started, these suggestions are based on my experiences being interviewed and conducting interviews, therefore your experiences may vary. With that being said, I believe that if you can understand the different mechanics of the interview process, you will feel more comfortable and perform better. The two primary areas I am going to touch on are understanding the process and techniques to help you standout with your interviewers.

Good Cop Bad Cop

The interview process can not only be time-consuming but very very frustrating and stressful. Much of this experience has to do with the personalities interviewing you. Some can be technical and ask a bunch of pointed question, possibly in rapid succession, poking and prodding every nook and cranny of your brain. Often they make you feel stupid and as if you don't know much. They can seem tough, unapproachable and direct. Other personalities seem to be more concerned with your hopes, dreams and ambitions. They as more personal questions to figure out what makes you who you are and what gets up out of bed everyday. Perhaps, they even give you a word of encouragement when you miss the mark on a question. When you look at these two polar opposites together, does the scenario sound familiar? Maybe you have seen it on Law and Order. This technique is called "bad cop good cop" and it is often used in interviews. Sometimes the method is unintentionally used and just comes about due to the personality types. If you think about it, having a panel full of just one personality type would cause the business to miss a trove of information about the candidate. In fact, sometimes the company puts these personalities together to ensure the interview is nicely balanced. But other times is a mischievous way to get the interviewee flustered and off balance. Be on the look out for this in your next interview.

Don't be confidently ignorant

Let's move on to something with more impact on your interview. One of the biggest mistakes I saw people make when interviewing is that they try to answer everything with full confidence. I know this doesn't sound bad at first glance but when you are wrong and the people that are interviewing you know that you're wrong, and you're really confident about the wrong answer, you look a bit silly. Think about how you would feel in their shoes. To me, I had one of two feelings, either the interviewee was not the brightest crayon in the box on that topic or they had no clue. And because they had no clue they were so afraid of being wrong, they just picked an answer that sounded good and vehemently backed it. In the real world,  this can lead to big, yes big issues. Why would you hire someone who lacked the self-awareness and didn't have enough confidence in themselves to ask for help? That sounds like a harsh assessment but with interviews you get one shot. Try this technique instead (but mind you, don't do this for every question or that is a different issue). Preface your answer with "I'm not completely sure, [insert reason why] but I will give it my best shot." The reason could be that you only touched on the topic in class or that you haven't even heard of what they are referencing. But, the big idea is that you are setting expectations that you will miss the question. This is a little social engineering trick because if you get it right, they will be even more impressed. The key takeaway is , it is ok to be wrong but communicate with your interviewers and give it your best shot. ​

Why Cyber Security?

Another little tip is to sit down and think about why you are going into the cyber security career field. This is a canned questioned I can almost guarantee they will be asking at every interview. So why not have a well thought out canned response? I mean don't be a robot with your answer because they can tell if its the truth but, work your thoughts out ahead of time. Let me tell you, one of the worst thing you can do is say you entered the field because of some variation to "the money is good". I actually had an intern interviewee say that and I couldn't believe it. His other answer were terrible too but needless to say he didn't get the position. For me, I am very cautious with who I collaborate and work with. People who are in it for money and fame have different motives and different goals than me, and therefore have a different vision for projects. Others perhaps lack passion all together an just coast through their work, maintaining a strictly 9 to 5 mindset. I stay away from these folks as well because you can't expect them to stay up to date in the industry or community players.  Where I am meandering to with this point is, be careful how you respond and figure it out ahead of time. Possible follow up questions you may see are:
  • how do you stay up to date on the news?,
  • do you have a lab?,
  • do you go to any conferences?,
  • do you do any meetups?,
  • are you studying for any certifications?,
  • etc... 
​All these questions are for the purpose of figuring out if your initial answer matches your actions. If you are passionate, you probably have great answers to all of the follow ups, alternatively, if you are not, these questions will give you a metaphorical black eye. Ponder about these questions, prepare an answer and if you have fallen in love with the industry, go out mingle into the community.
​

Find a real home

Next tip, make sure you research the companies you are interviewing for. Hopefully they are researching you too. The last thing you want to do is go work for a place that doesn't treat their employees well, value their education, or they have a high turnover rate. To put a definition to "high turnover rate", I would say where most people stay less than two years is a clear sign that you should look else where. If they can't keep other employees happy, you will be miserable there. I know you are hoping to just get a job but trust me, you don't want to be miserable. In fact, your on the job education can grow expeditiously in the right environment. I have worked at places with a well developed sense of community and others without. The collaboration, and the extra push from my coworkers allowed me to grow at and exponentially faster rate than the other environment, which almost made me feel like I was trapped in quicksand. To find this information, ask questions about projects, study groups, as well as lunch and learns. Also check out Glassdoor.com. Take the reviews with a grain of salt but if you see tons of negative reviews and everyone is saying the same thing, they most likely have a systemic problem. This position you are interviewing for will be a home you spend at least 40 hours per week at, so keep that in mind and find a good fit.

Conclusion

I hope these ideas will help you land a dream job at a company you can be happy at for years to come. Remember that interviews are a two way street and you are interviewing them as much as they are interviewing you. Let me know how your next interview goes and feel free to post any tips. I will add them here for others to use. If you would like for me to dig deeper into any subject let me know and I'll be happy to.

Author

Micheal Small
Cyber security enthusiast. Sharer of opinions. Conference goer. Kayaker. Star Wars lover.

0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Author

    Silverbits
    - Infosec Enthusiast
    - Traveler
    - Future AT Thru-Hiker
    - CTFer
    - Red and Blue Teamer

      signup!

    Subscribe to Newsletter

    Categories

    All
    Book Review
    Certifications
    Coding
    Conferences
    Course Review
    Cracking
    Defense
    Finance
    Fire
    Forensics
    Hacking
    Hashes
    Incident Response
    Job Hunting
    Malware
    Mindset
    OSCP
    Pen Testing
    Tools
    Travel
    Updates
    Web Hacking

    Archives

    January 2023
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    May 2018
    April 2018

    RSS Feed

Home      Blogs    Disclaimers    Copyright Notice   Cookie Policy ​
  • Home
  • Blogs
  • Offense
    • Pen Tester Training Program
    • Offensive Cheat Sheets >
      • Bash Commands
      • Network Enumeration
      • Web Enumeration
      • Windows Post Ex
      • Metasploit
      • Shells
      • PowerShell
    • Offensive Links
  • Defense
    • Junior SOC Analyst Roadmap
    • Intermediate SOC Analyst Training Program
    • Defense Links
  • Land A Job
    • Improve Resume
    • Find a Job
    • Interview Prep
    • Grow as a Practitioner
    • Get Experience
  • FAQS
  • Other
    • Finance Resources
    • CTFs and Cons
    • Training
    • Twitter People to Follow
    • Podcasts
    • Books
    • Twitch Streamers