Revealed:
The top skills to showcase in a cyber security job interview
by Christine Wright, Senior Vice President, Hays US
If you have an interview coming up for a cyber security role, preparation is everything. And there are two hot topics most employers want to know about now: the zero trust model and ransomware.
The pandemic has permanently changed our outlook on remote work – with 82 per cent of company leaders planning to allow staff to work remotely, at least some of the time. But this shift also makes businesses more vulnerable to ransomware attacks.
A recent survey found that 96 per cent of companies were concerned about being hit by a ransomware attack during the pandemic. Further research from Garter reveals 27 per cent of malware incidents in 2020 were attributed to ransomware. Email phishing and compromised remote desktop protocol (RDP) are reportedly the top entry points for such attacks, which is bad news for the world of remote work. If the right measures are not put into place, remote working can introduce RDP vulnerabilities.
When workforces are based remotely rather than in the office, employees are also more susceptible to phishing scams, with 60 per cent of firms expecting to fall victim to an email based attack in the next year.
The pandemic has permanently changed our outlook on remote work – with 82 per cent of company leaders planning to allow staff to work remotely, at least some of the time. But this shift also makes businesses more vulnerable to ransomware attacks.
A recent survey found that 96 per cent of companies were concerned about being hit by a ransomware attack during the pandemic. Further research from Garter reveals 27 per cent of malware incidents in 2020 were attributed to ransomware. Email phishing and compromised remote desktop protocol (RDP) are reportedly the top entry points for such attacks, which is bad news for the world of remote work. If the right measures are not put into place, remote working can introduce RDP vulnerabilities.
When workforces are based remotely rather than in the office, employees are also more susceptible to phishing scams, with 60 per cent of firms expecting to fall victim to an email based attack in the next year.
Whether you are applying for Microsoft security jobs or cloud cyber security jobs, the world of cyber security is now increasing in scale and complexity. You must be prepared to answer some standard questions during a job interview. These are a great opportunity to help you stand out in today’s cyber security jobs market.
For example, an interviewer may ask you what security measures are required for your home network. Or they could ask how you can improve user authentication for an online application, or why DNS monitoring is important. It can be difficult to predict what an interviewer will ask. But one way you can make a good impression is to make connections between your own cyber security expertise, the enterprise and the world of remote work.
It is also important to demonstrate your wider knowledge outside of your technical skillset. With more than half of companies lacking an effective cyber incident response plan, you need to demonstrate how you could help an organisation up its cyber security game. A key area to consider is the human element of cyber security, where employees are often shirking their cyber security responsibilities. How could you build buy-in with a remote team, for example?
Whether you are applying for Microsoft security jobs or cloud cyber security jobs, the world of cyber security is now increasing in scale and complexity. You must be prepared to answer some standard questions during a job interview. These are a great opportunity to help you stand out in today’s cyber security jobs market.
For example, an interviewer may ask you what security measures are required for your home network. Or they could ask how you can improve user authentication for an online application, or why DNS monitoring is important. It can be difficult to predict what an interviewer will ask. But one way you can make a good impression is to make connections between your own cyber security expertise, the enterprise and the world of remote work.
It is also important to demonstrate your wider knowledge outside of your technical skillset. With more than half of companies lacking an effective cyber incident response plan, you need to demonstrate how you could help an organisation up its cyber security game. A key area to consider is the human element of cyber security, where employees are often shirking their cyber security responsibilities. How could you build buy-in with a remote team, for example?
Prepare some key points, explaining how your cyber security experience to date can help an organisation adapt to the new world of remote work.
A key topic to consider is the emerging “zero trust” model, which is replacing the “castle and moat” approach. This shift is happening because enterprises are now losing control over the networks. In the pre-COVID world, everyone worked in the office and on dedicated devices, where firewalls gave a layer of protection. But remote work completely undermines this model.
Instead, businesses are turning to a “zero trust” model. Here, the identity of every individual entering the network is verified and authenticated, across multiple checkpoints.
Prepare some key points, explaining how your cyber security experience to date can help an organisation adapt to the new world of remote work.
A key topic to consider is the emerging “zero trust” model, which is replacing the “castle and moat” approach. This shift is happening because enterprises are now losing control over the networks. In the pre-COVID world, everyone worked in the office and on dedicated devices, where firewalls gave a layer of protection. But remote work completely undermines this model.
Instead, businesses are turning to a “zero trust” model. Here, the identity of every individual entering the network is verified and authenticated, across multiple checkpoints.
Five questions to ask your interviewer to demonstrate your cyber security expertise
If a specific question arises on the role of cyber security within the world of remote work, then that is the perfect chance to show off your knowledge. But if it hasn’t come up during your interview, don’t forget to mention it at the end, when you have the opportunity to ask some questions.
Depending on what has already been discussed in the interview, you may want to ask:
|
1. |
What cyber security plans do you currently have in place? Are they implemented across your organisation? If so, do you use a zero trust model? If not, are you developing one? |
|
2. |
How does your organisation promote its cyber security measures and what sort of culture exists? |
|
3. |
Do you conduct regular cyber security audits? When was the last one you carried out? |
|
4. |
How is your cyber security function composed and managed? Do you use an in-house team or do some of the responsibilities go to contract staff? |
|
5. |
When it comes to your cyber security management, what is your greatest challenge? Is it prioritising different cyber risks, inadequate governance, or maybe a lack of management buy-in? |
Your interviewer may not answer these questions due to their own security protocols. That’s fine. The point of asking these questions is to clearly demonstrate your ability to think about cyber security at an organisational level. It shows you are not just thinking within your niche but are aware of the wider implications of cyber security for the current world of work.
If you can demonstrate your competence across the business world and within the world of cyber security, you are clearly showing your interviewer how you would be a valuable addition to their organisation.
Author
Christine Wright
Senior Vice President, Hays US
- Christine Wright is responsible for the growth and expansion of the Central and West US Region and leading national strategic projects. This is the latest function in her extensive 25-year career with Hays where she has lead the establishment, turnaround and management of high performing businesses across 4 continents. Prior to her current role Christine was the Managing Director of the Asia region where she was responsible for the day to day operational management and significant growth of Hays in Japan, China, Singapore, Malaysia, Hong Kong and India. Christine has also played key roles in the management of Hays’ business in Australia and in the United Kingdom. She holds a Bachelor of Science (Honours) in Statistics and Computing, has attended business programs at IMD, Ashridge, De Ruwenburg business schools and is a member of the Director Institute of Australia. Christine lives in Denver with her husband and is an executive mentor in her spare time.
Open LinkedIn profile