Interview Pentester. Unsure how it went.

So a friend of mine said an organization had an opening for a red team penetration tester. I said what the hell, and applied. After all, that’s my end goal in this part of life. I love my current job and what I do, but being part of a red team or a threat hunter is what I want to do. About a month and a half later I received a call to interview. It had to be in person, which meant it was out of town. Again, I said what the hell. Either I was going to bomb it (having never applied for a pentester position) or do well (which I put the odds at 1/10, having never worked as a pentester).

Woke up at 4am and drove 3 hours.

The interview was supposed to be 30 minutes.

Walked in and there were 5 members. The CISO was one of them.

They started off by asking me to tell them about myself, which I did.

Then it was a series of 20 questions. Right off the bat, I felt like I was doing pretty good. About 5-10 questions in they started getting really technical (specifics on certain exploits/vulnerabilities). What sucks is I knew the answers for the most part but for the life of me as soon as I fumbled on one, it’s like my mind just went 100% blank. All I kept thinking about was the one question I wasn’t able to answer with confidence but knew I knew it. Then I just kept thinking about everyone looking at me. It was so frustrating because it was like my brain was completely shut off. I started to sense a bit of panic brewing but did my best to hold it together.

I literally answered the question about MS17-010 with "I would just google it" (which surprisingly got a little bit of a chuckle from the group). I was saying I was aware of it (even mumbling "SMB vulnerability") but kept thinking DoS, and then thinking RDP.

Anyway, one of the questions was a trick question about BitLocker, which I managed to dissect, and I understood the trick in the question. They all acknowledged that I was able to discover the flaw.

Well the interview actually lasted an hour. After the questions, the CISO was telling me about what they do, talking to me about the team members and their roles, all the additional duties they participate in (incident response, education, conferences.)
It really started becoming pleasant but I just couldn’t stop thinking about the few questions I was unable to answer.

Anyway, the CISO asked if or when I was given the job, would I be willing to move, which I said yes, and he even went into the benefits of the organization. But then brought up other positions that would open up in the future, since the initiative was relatively young.

Well, at the end I shook everyone’s hand and walked out with the CISO following, still thinking about the failure of my prefrontal cortex. I turned around and shook his hand again; he waved his hand and, while smiling, said “you did good.”

As I walked around the corner with the receptionist, I just bent over like Michael Scott in the episode where he’s trying to keep a secret and started grunting lol. The receptionist said “I’m sure you did good. You were in there for a while, so that’s a good sign.”

Anyway, as soon as I got to my car, it was like my brain rebooted and at least 3 out of the 5 questions I know I didn’t answer just came to me. Pissed me off. I almost wanted to run back in there, but obviously there would be no way for them to know whether I had just “googled it.”

Anyway, just venting. I’d love to have the job, and I applied prematurely as I wanted to stay with my current job for at least a couple of years, but man would it be cool to reach my goal early.
Current: OSCP

Next: CCNP (R&S and Sec)

Follow my OSCP Thread!

Comments

  • scaredoftests Mod Posts: 2,780
    It is 3 hours away??? Wow.
    Never let your fear decide your fate....
  • Moldygr33nb3an Member Posts: 241
    Yup. I’d sell the home and move if offered. Just remodeled so it’s perfect timing.
  • scaredoftests Mod Posts: 2,780
    Wow, good luck!
  • cyberguypr Mod Posts: 6,928
  • slinuxuzer Member Posts: 665
    I think you did very well, especially if the CISO said you did. That doesn't mean you'll get the offer, but it does mean you're a contender, IMO. Keep in mind that no one who walks into the room will be able to answer all of their questions, and when you get to a question you don't know in an interview, it's usually best to be honest and say you don't know, and then try to describe how you would solve the problem or find the answer. No one can be expected to know everything, and no company could afford someone who did actually know everything.
  • Mike7 Member Posts: 1,107
    I would chuckle at your MS17-010 response too; this vulnerability is associated with EternalBlue, NSA, Wannacry and lots of other malware. I remembered it very well cos this is a very serious vulnerability with a fully working metasploit exploit, and gets flagged as critical in VA reports. I am not a pentester, but I would imagine that a red teamer will be overjoyed to find a system with this vulnerability, it allows him full system access to the target.

    The fact that they spent so much time with you indicates that they are thorough in their vetting process. I think you are a contender. Best of luck!
  • UnixGuy Mod Posts: 4,570
    I would never ever remember what MS17-010, sure I know the SMB vulnerability tho lol...anyway

    I think you did well from the sound of it..Good luck!
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com

  • Moldygr33nb3an Member Posts: 241
    slinuxuzer wrote: »
    I think you did very well, especially if the CISO said you did. That doesn't mean you'll get the offer, but it does mean you're a contender, IMO. Keep in mind that no one who walks into the room will be able to answer all of their questions, and when you get to a question you don't know in an interview, it's usually best to be honest and say you don't know, and then try to describe how you would solve the problem or find the answer. No one can be expected to know everything, and no company could afford someone who did actually know everything.

    Thanks. Yeah, on my way home I started thinking about it; I was honest in my application. I specifically stated I didn't have any experience pentesting large organizations. Also, my resume reflected my skill set accurately. So hopefully they didn't think I was some wizard prior to that interview.

    Mike7 wrote: »
    I would chuckle at your MS17-010 response too; this vulnerability is associated with EternalBlue, NSA, Wannacry and lots of other malware. I remembered it very well cos this is a very serious vulnerability with a fully working metasploit exploit, and gets flagged as critical in VA reports. I am not a pentester, but I would imagine that a red teamer will be overjoyed to find a system with this vulnerability, it allows him full system access to the target.

    The fact that they spent so much time with you indicates that they are thorough in their vetting process. I think you are a contender. Best of luck!

    Thanks. And yeah, I will forever remember this one now. lol

    Thanks everyone for the words of encouragement. If anything, this was a learning experience for the next time.
  • josephandre Member Posts: 315
    Personally, if I have a job I enjoy and don't particularly care to leave, I don't want to be in an interview I'm wholly comfortable with.

    This is what you want to do moving forward, so jump in with both feet and get uncomfortable. Either you do well enough, while being truthful about your experience and knowledge, and they give you a chance, or you use this experience as growth towards the next opportunity.

    It sounds like it went well though.

    Good luck