Interview comment - Passion for IT

sj4088

Since I've been in IT, over 15 years one thing that always get mentioned in the interview is how they are looking for someone with a passion for IT.

I'm sure most people on here hear this all the time. How do y'all respond?

hiddenknight821

I believe it's easy to convey your passion in IT if you have been maintaining your IT skills upward, obtaining certifications and knowledge. However if you've been complacent at work, not keeping up to date with technology, then you'd have trouble delivering the response they'd want to hear. I'm also complacent at work for my family's sake, which is not good for me as I'm seeing this affecting me on my job search lately when interviewing people despite being very enthusiastic about my Linux homelab, pursuing Red Hat certs.

sj4088

hiddenknight821 you hit on some of the major points I talk about whenever this subject come up(homelab, certs, certificate of completions, etc). Another thing I always point out is unlike some IT folks I've been doing this my entire life(I was always in IT). That's the only field I've ever worked in post high school.

hiddenknight821

Well in your case, I think it's best to pick out an example of how you're passionate about IT rather than being all over the place. Bad response would be "I love IT so much, I managed to pick up A+, Network+, Security+, and MCSA in a year" in your case since I'd expect more from someone with 15 years in IT.

When you said you're in IT for 15 years, do you actually mean you have 15 years of working IT experience? 15 years of being an IT hobbyist or amateur, dabbling the latest mobile phones, OSes, gaming rigs, and so forth doesn't cut it. You have to show that you know stuff that people actually use in the enterprise setting. Do some enterprise stuff at home to blow your interviewers' minds away.

sj4088

I have 15+ years of REAL working experience. That's why I said IT is the only field I've ever worked in.

koz24

If I got asked that question I would say the truth. IT is too damn big of a field to have a passion for the whole thing. I only care about networking, I have a passion for Cisco. I couldn't give 2 hoots about the other areas of IT and I'd be lying if I said otherwise. If they are looking for a network engineer then that's me, if they are looking for a Generalist, well... the conversation ends there.

cyberguypr

I'll give you an idea how I evaluate this from an Infosec standpoint. We are filling an entry level security position and are willing to train. Passion is what we are NOT seeing.

Ridiculous stuff we are seeing
- Guy with 10 years IT experience, Infosec Masters, had no idea what an 169.254.x IP was. When asked about a home lab said "KALI". When we asked what cool stuff he did with Kali he answered "NMAP" followed by silence. He could not mention any other tool. I numbed it down and asked about the CIA triad; he couldn't remember what the A was for. We asked about one current security issue that's been on the news; we got NOTHING.
- Another guy was a "network engineer". When we dug deep he confessed all he did was rack firewalls, switches and routers and absolutely NOTHING else related to the CLI or troubleshooting.
- Other guy was working for a 3 letter agency. Impressive resume. It was all fluff. He was a non-technical person trying to pass himself as a security engineer.
- One lady claimed she ran phishing campaigns. Her involvement was receiving an automated report and forwarding it to management. I kid you not.

How can you show me passion?
- If you don't currently work security you better have a damn lab! Be prepared to say anything about the lab that shows you've actually played with it. I can tell in a nanosecond if you are just listing tools/technologies with no actual experience. Even if you spent a full week and tried doing something that didn't work, tell me everything you did. I will respect you.
- If I list some stuff that you are not proficient in, acknowledge it and tell me how you will work to fix it.
- Be current. There's no shortage of security issues out there. Tell me about something you've seen lately that caught your eye. It doesn't have to be super technical. The Mirai attacks, The Yahoo compromise, ExtraBacon, etc. Heck, anything that Krebs covered in plain non-geek language is fair game.
- Commitment to personal development. Certs, any form for training. I understand not everyone can afford certs and courses. But there's no excuse since there's MOOCs, YouTube, etc. Continuous learning is a a must.
- Talk about anything IT that you really love. I want to see your eyes light up.

The above can easily be adjusted for any other IT specialty. In an nutshell, you just gotta show that you really care about whatever branch of IT rocks your boat.

Danielm7

++ to everything cyberguypr said! There has never been an easier time to access material for learning. Back in the day you needed hardware, extra systems, heat, noise, power bills, etc. Now you setup a VM in a cloud service and start working. Even locally, you don't need a powerhouse system to drop virtualbox on there and brush up on things. I saw most of the same issues as cyberguypr mentioned above when hiring for the same role, it was very surprising to me.

alias454

When asked that question, it should be an easy A if you have been in the industry awhile. For me, it's simple. I found the thing I was put on this earth to do. However badly I might do it . I would do it for free during all my waking hours if I won the lottery or found some rich person who wanted to sponsor my interest. When this question comes up, I talk about things that interest me from networking, to my home lab, to the latest off the beaten path software I tried to install, to the latest random article I read about anything. I get this way about automation, large scale clustering technology, Linux, security, Raspberry PIs, hardware, etc. etc. I love the promise of technology and think about how some day we will see an entire datacenter fit in a shoebox. I also wonder what things will be like when quantum computers are mainstream and https everywhere takes off. I try to contextualize any one of my numerous interests to fit the conversation so I don't come off as some crazy person.

sj4088

cyberguypr I've seen the same issues when I've interviewed people in the past. I had a hiring manager in the past ask me did I know what I was interviewing for. I was H-I-G-H-L-Y offended and said as much. Who interview for a position and don't know what it is?? Doesn't even make sense. Having said that seeing some of the people who claim to be linux "admins" and don't know basic commands like ls it's "almost" forgivable that hiring manager would ask you that.

tmtex

I would think if anyone who is applying for a NW, Sec, Sr Desktop position and didn't know what 169.254.x.x was, then the interview would end there even if it was the first question. *

* = unless its a on the job training position LOL

Now I will admit , I have blanked out on basic questions

CIO

cyberguypr wrote: »

I'll give you an idea how I evaluate this from an Infosec standpoint. We are filling an entry level security position and are willing to train. Passion is what we are NOT seeing.

That's unreal. These candidates are wasting your time whereas I can't even get an interview for any IT Security Analyst role. Apparently, luck is not on my side.

alias454

Here is an interesting take on passion from Mike Rowe https://www.youtube.com/watch?v=CVEuPmVAb8o&list=LLtga_inJ03xmTKcnJsTHDCQ&index=551

EANx

When I say I want someone who has a passion for IT, I want them to have a curiosity about IT related topics that transcend the office and it doesn't need to be related to the area they're applying in. Maybe they write their own code at home. Maybe they have a home lab and try out different things. Maybe they like reading about all the new tech because they have three young kids and can't get the time along to do anything else (be prepared to mention 3-4 good sites you get info from and examples why certain articles were informative). Show me how you engage an interest in IT outside the workplace on a consistent basis.

Mitechniq

From am IT Security perspective, I see passion as 'what are you contributions doing to better enhance IT Security?'

Are you involved in Local ISC2, ISSA, or other similar Chapters?
Do you participate in community work such as Safe and Secure Online, Seniors Online or Small Business Secure?
Have you contributed to the learning and awareness of Security - Cyber Patriot for example?

I like to see individuals who will grow, strengthen and drive the next generation IT Security practitioners.

mbarrett

Honestly though, it gets exhausting dealing with all the layers of HR bullcrap. One recruiter once told me the people are looking for someone so eager, they are on the edge of their seat during the interview. Excuse me? A job is a job, and passion is passion. The best candidate is not always the passionate person in the interview. I'm the judge of whether the job stirs my passions, and if I don't appear "passionate" in the interview situation it's because I"m not phony or fake.

NavyMooseCCNA

Mitechniq wrote: »

From am IT Security perspective, I see passion as 'what are you contributions doing to better enhance IT Security?'

Are you involved in Local ISC2, ISSA, or other similar Chapters?
Do you participate in community work such as Safe and Secure Online, Seniors Online or Small Business Secure?
Have you contributed to the learning and awareness of Security - Cyber Patriot for example?

I like to see individuals who will grow, strengthen and drive the next generation IT Security practitioners.

I had no idea that there were groups like those. I just found my local ISC2 group and sent them an email asking for more information.
In the past I had checked Meetup and found a generic IT Security group, but it meets on a night that I am unable to attend.


Thank for the awesome idea!

E Double U

When I think of passionate IT guys, I think of the people that are technology enthusiasts that would still play with the latest tech even if they didn't work in the field (I know plenty of people like that). I happen to be a person that is hardworking and studious plus enjoys challenges and continuous learning so I've been a good fit for this field. I got into IT by chance and have been having lots of fun so I never considered changing fields. I have fun learning the tools, but I basically use my employer's equipment as my lab instead of having one at home (thank the tech gods for DR environments lol). I do use my free time to continuously study for certifications which helps sharpen my skills in each role and makes me more marketable for future opportunities, but that personal development commitment doesn't come from a passion of IT. Outside of studying for certs and looking into vulnerabilities that would impact my employer, I leave the nerd stuff for normal business hours.

Danielm7

mbarrett wrote: »

Honestly though, it gets exhausting dealing with all the layers of HR bullcrap. One recruiter once told me the people are looking for someone so eager, they are on the edge of their seat during the interview. Excuse me? A job is a job, and passion is passion. The best candidate is not always the passionate person in the interview. I'm the judge of whether the job stirs my passions, and if I don't appear "passionate" in the interview situation it's because I"m not phony or fake.

Maybe we're all biased, but is IT the only area where they look for this passion in their work? Do they hire a marketing analyst and ask them if they spend every waking moment reading about marketing trends and building their own mock campaigns at home?

mbarrett

alias454 wrote: »

Here is an interesting take on passion from Mike Rowe https://www.youtube.com/watch?v=CVEuPmVAb8o&list=LLtga_inJ03xmTKcnJsTHDCQ&index=551

He breaks it down pretty well. Passion =/= opportunity, and just because you are passionate about something doesn't mean you don't suck at it. A lot of companies use the "passion" angle to keep selling you more stuff. If you are fixated on finding the passionate person, you will overlook other people who might be better at whatever tasks the job demands.

MrAgent

I actually try and address this before its even asked.
I'll try and steer the conversation that way and then let know how passionate I am. Talk about my home lab, certifications, and things I have accomplished.

beads

I had to stop at "KALI" and Nmap because of no longer being able to see the monitor. Laughing so hard the tears were obstructing my vision.

Do you have a Twitter account? Who do you follow? Do you realize Twitter is a InfoSec analysts best friend? Everything worthwhile or about to hit you like this mornings Dyn DDoS attack was first reported on Twitter. That explained why my Eastern Seaboard links were acting so oddly when I came in this morning. At least I knew where to look without blaming something internally or worse the LAN/WAN people who were completely clueless as to what was happening until Network Security told them.

Yes, good people are truly passionate about their part of the field. Its also easy for me to read so much that by the end of the day I still run out of time and dry eyeballs that I cannot read or process any more information before bed.

I start reading this stuff shortly after rising from bed and continue on all day and into the night. I never get tired of it.

- b/eads

Russell77

sj4088 wrote: »

I have 15+ years of REAL working experience. That's why I said IT is the only field I've ever worked in.

Truth be told just because a person has worked in a certain field for a long time does not say why they have. Some people follow a path and stay in it no matter what. The good thing is you are preparing for the next time you are asked this question. What most interviewers want to hear is why you like the job you are in. In my case I love to trouble shoot problems and like the instant gratification you get when you have solved a problem for someone. I like to be the person someone comes to for answers and in order to do that I have keep up with the latest technologies. Then I might give an example of something I was currently studying.

In the real world I have a dislike for BS but in an interview I am going to do everything I can to tell them what they want to hear. I don't care if I have no interest in the job. I just want the offer. I can always choose not to accept it.

PC509

Is it a job or is it something you love?

I was scared to get into IT when I was younger because I loved it so much. I didn't want it to become "a job" and suffer from burnout. It was something I loved. I grew up with computers. I enjoyed programming, networking, gaming, just messing around. It was FUN. I didn't want it to be a JOB. I did it anyway. 22 years. I still love going home and playing with the home lab. I love loading up a new VM just to play with something I read about recently. I write articles, how-to's, etc. and share them with others. When we get new servers in at work, or are testing something out, there are a few of us that are just digging right in. Checking things out, ooo'ing and aaah'ing. We share new industry news during meetings from things we read throughout the week.

I got to sit in on some interviews for a recent position we had. We hired the guy with very little formal IT experience (help desk). He loves IT, and you could tell. He came from the warehouse, but he'd be the first to volunteer and be the liaison between the warehouse and the IT department. He wanted in IT, and you could tell. Definitely one of the best decisions ever. The guy is good. But, one of the other candidates would get a certification "if the job requires it" or study other technologies (server, etc.), again - "if the job requires it". There's a reason he's still help desk after 15 years....

Also, the questions after the interview - are they benefits related and pay related or are they questions about the infrastructure? Are they asking what brands of networking equipment you use (to put that CCNA to good use, or should you look into Extreme?), what virtual machine software do they use, etc.. Make your questions good, relevant, and have some interest in the field and not only the paycheck.

markulous

cyberguypr wrote: »

Ridiculous stuff we are seeing
- Guy with 10 years IT experience, Infosec Masters, had no idea what an 169.254.x IP was. When asked about a home lab said "KALI". When we asked what cool stuff he did with Kali he answered "NMAP" followed by silence. He could not mention any other tool. I numbed it down and asked about the CIA triad; he couldn't remember what the A was for. We asked about one current security issue that's been on the news; we got NOTHING.
- Another guy was a "network engineer". When we dug deep he confessed all he did was rack firewalls, switches and routers and absolutely NOTHING else related to the CLI or troubleshooting.
- Other guy was working for a 3 letter agency. Impressive resume. It was all fluff. He was a non-technical person trying to pass himself as a security engineer.
- One lady claimed she ran phishing campaigns. Her involvement was receiving an automated report and forwarding it to management. I kid you not.

This is absolute gold. I'd have a hard time not laughing if someone tried pulling that stuff.

Mike7

cyberguypr wrote: »

Ridiculous stuff we are seeing

Had my fair share.

-Guy claimed that he had been polishing his hacking skills on Kali for months. When asked for details, he confessed he was successful in cracking WEP keys.
-Another person claimed to follow infosec news daily so we asked for a recent event. He quoted "Ashley Madison"

cyberguypr wrote: »

How can you show me passion?

Passion may be too strong a word. Guess we are looking for that eagerness or curiosity to learn, to improve and be current. I call it a "growth mindset".

koz24

People apply to jobs they are not qualified for all the time. Usually some sucker ends up giving them the job anyway due to bad processes. This is why it's important to have a good vetting process. And if you are qualified for the job you should want to be technically grilled or you could end up as the sucker who works with a bunch of idiots.

Mitechniq

This discussion has gone from 'passion' to how crappy potential employees are at answering technical questions. I 4 minutes ago just became the crappy potential employee. Had an interview where the interviewer just went fast fire on me and 2 questions I blanked out on. He asked about ALSR just gave me the acronym, and I went 'dead silent,' with a snob tone, he proceeded to explain 'address space layout randomization' to me. The next question he asked was 'How many bits are in IPv6' easy one for me, he told me he had to look it up to confirm. Really! You almighty interviewer had to look up your own question! At the end of the interview, he asked if I had any other questions. I said 'in reference to virtualization and cloud environments, what are the concerns about entropy and name me some ways to mitigate this issue.' Let us say he did not know the answer to the question, and I don't care to work with someone like that. Might not be completely related but I am quite sure 'he might be saying the same thing about me' - this guy said he knew security and didn't know ASLR. Oh to keep this in perspective this was an AWS Security Engineer position, I was prepared to talk about VPC, IAM, SIEM, CloudTrail, EC2 etc.... I happy to not receive a second interview.

TechGromit

cyberguypr wrote: »

- Guy with 10 years IT experience, Infosec Masters, had no idea what an 169.254.x IP was.

Can you enlighten me, I don't know what that is either. Can't say I ever saw an IP address with 3 octets before.

cyberguypr

APIPA. Of course there are no 3 octect IPs. I present it to candidates as "169 dot 254 dot whatever number you choose" because the valid range is 169.254.0.1 through 169.254.255.254. I love this question because it was a very common issue in my desktop support days and for some reason a LOT of "IT" people I cross paths with have no idea what it is.

dhay13

At my last job a few days after i started my manager (his title was Sr. Systems Admin) told me there was a computer downstairs that wouldn't connect to the network so he asked me to go with him to get to meet others, etc. So he does an IP config and up comes 169.254.*.*. He looks at me and says 'i don't know whose network that is'. i told him that was an APIPA number. he asked me what that was. This is the same person that after i asked why they only had one domain controller he responded by saying he didn't think you could have more than one on a network. oh, and when i asked him why we had no A/V on our servers he said we didn't need it because we don't surf the internet with our servers. i couldn't wait to get out of that place