15 tips for landing - and acing - a job interview

Talk about teamwork, be prepared to discuss your weaknesses, don't forget to interview the interviewer, and more advice

1. Write a great resume to open the door: Interviews are granted to those whose resumes demonstrate accomplishments, contributions and value. If you're not a great writer and you have trouble tooting your own horn, seek help from industry friends or consider a security-resume writer.

2. Keep phone interviews brief: Even if you're a local candidate, nowadays first interviews are frequently conducted over the phone. Listen very closely to the questions asked and answer them concisely. This is not the time to sell yourself because the caller is usually only trying to confirm what your resume suggests. Have a set of examples prepared in advance to back up any claims you made on your resume.

[5 more tough security questions and how to answer them]

3. Wow them face-to-face: Since companies have a variety of dress codes, it is important to find out how a prospective employer wants you to dress for an interview. A company that has a business-casual dress code may want you to interview in a suit and tie. Don't assume, ask.

4. Listen carefully: Interviews are won or lost in a matter of minutes based on whether a job candidate is listening and answering the interviewer's questions or whether they bring their own agenda to an interview. Focus on the interviewer's questions first.

5. Maintain personal integrity: Employers do care whether the claims on your resume match up to what you can actually do. Don't put information on your resume that you can't back up with experience and examples. If you've only read about new video surveillance systems or you've only been briefly exposed to a new firewall technology, be careful not to oversell your experience.

6. Know yourself: You can't know everything about a company before you interview, but you do have to be able to articulate your strengths. Don't be caught unprepared. Everyone has weaknesses and is not good at something. Know before you walk into an interview what you're not good at and how you're going to talk about that.

7. Rehearse selected interview topics: If you've been laid off or fired from previous jobs, don't wait until you step into an interview to decide how you're going to explain gaps in your employment. This is the kind of topic that's good to rehearse ahead of an interview so you know exactly what you're going to say when you're under pressure.

8. Articulate how you can contribute: Most businesses are doing more with fewer resources these days. Prepare examples of past contributions to give an employer an idea of how you might contribute to their organization. Often what will separate you from your competition is talking about the way you see yourself contributing to the team, as opposed to only focusing on your individual contribution. This means that you need to prepare examples of how you've identified risk, how you've mitigated risk, how you've made a company more secure or more aware of threats and vulnerabilities, and so on. Be able articulate what you've done to move a business forward.

9. Research corporate and risk culture: Do your homework before going in and avoid interviewing with companies where you won't appreciate the corporate culture. Researching a company beforehand allows both you and the potential employer to avoid investing time in an incompatible pairing --for example, if a company frowns on multiple piercings or visible tattoos but that is your chosen style.

[10 dos and don'ts for security job interviews]

Learn about a company's risk culture before you interview. If your experience is from a highly-regulated bank, for example, and you dont know how to build a business case without leaning on the Gramm-Leach-Bliley Act to make your case, you probably won't interview well at a company that is much less regulated and where you have to support your case with business value.

10. Use LinkedIn for research appropriately: LinkedIn is a handy research resource. Use the site to research people who will be part of your interview process, or to find people who used to work where you're about to interview. Don't, however, make the mistake of sending an unsolicited LinkedIn invitation to people you've researched. Some people will think this is creepy and it could adversely affect your interview process.

11. Prepare business and technical questions: If you've done your research on a prospective employer, one of the best ways to demonstrate that is by asking questions. Prepare a few questions for the employer based on your research. In many cases, you may wind up knowing more about the company than the person whos interviewing you. Some of your questions should be technical security-centric questions. Others should focus on business issues you learned about while conducting your research. Some questions should be specifically for the hiring manager. Get to know the person you're considering spending eight or more hours per day with.

12. Interview the interviewer: It is your job to interview a prospective employer as much as it is the employer's job to interview you. Build questions that will help you learn about a hiring manager's managerial style and expectations. Ask others you'll interview with who are not the hiring manager what it is like to work for the hiring manager. Do this homework before you accept an offer. Don't wait until you've already given up your current job to determine that you've gone to work for the wrong boss.

[5 tips to retain great security talent]

13. Don't put the interviewer on the spot: There is a fine line between showing interest in a position and backing an interviewer into a corner. Come up with a way to clearly demonstrate your interest in a position if you're truly interested, but don't press the interviewer for an immediate assessment of your interview performance. The goal of asking questions is not to put the interviewer on the spot but to gather information.

14. Stay sharp from beginning to end: You want to be yourself when you interview. Stay relaxed from start to finish, but resist the temptation to get too comfortable too soon by assuming that the job is yours and that you can let your guard down.

By the way, there is no excuse for being late to the interview. Always arrive early and if need be just relax in the parking lot and get a feel for the organization until 10 minutes before you are expected. When asked to deliver documents or complete an online application process, do so with diligence and deliver on or before the agreed-upon due date.

15. Follow up after the interview: Interviewers aren't thanked for their time as often as you might think. Have a follow-up plan in mind before you engage in an interview. If you're going to use email, make sure you get business cards from those you encounter. If you're going to use a handwritten thank-you note, make sure you have the correctly spelled names and titles of the interviewers, and make sure you have correct mailing address information.

Be sure you don't leave anyone out when you follow up. You never know who might be impressed by your follow-up or who might be offended if they've been left out.

Jeff Snyder is the president of SecuriyRecruiter.com, an executive search firm specializing in the recruitment of ­security, risk-management and compliance professionals.

Join the CSO newsletter!

Error: Please check your email address.

Tags careersIT management

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jeff Snyder

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts