Tips for Security Engineer interview...

labscloudlabscloud Member Posts: 137 ■■□□□□□□□□
Hey guys/gals, I spoke with a talent acquisition agent for a security company based out of Tampa, my role will be based out of the Las Vegas office SOC as a Security Engineer Level 1. We spoke briefly last week when I told her I wanted to think about it a little bit and I have a raise coming at my current job that I want to consider.

Well, after doing some research, this is an incredible company with unheard of benefits where I'm from. At first I was a little worried because I'm coming from a Desktop Support role with a CCNA R/S, I assumed I was a few years out from being considered for my 1st security role. She said they've hired several other people for this role that have now progressed to new/better roles, but they all had similar backgrounds as mine.

I've been reading up on some of the popular SIEMS, I have 0 experience with security tools so I want to sound somewhat familiar with the popular tools in the market right now. She said the job will be site-to-site vpn into clients networks to trouble shoot incidents and events using SIEM tools.

Apparently they are very big on culture and hiring the right person to fit in at the company. I'm a great people person so I feel like that will help. Any tips/help on what to expect will be appreciated. She said it's a rigorous 4 separate interviews: Phone & Skype(her), Phone(Tech Staff), Skype(Exec/Upper Mgmt), Phone(Would-be Manager)

Comments

  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    labscloud wrote: »
    Las Vegas office SOC as a Security Engineer Level 1

    Hate when they put "level 1" and stuff like that along with engineer positions. Makes me thing it could mean absolutely anything... I wouldn't be too worried about your past not stacking up.

    But maybe look into log analysis, what errors/warnings you can look for or find doing it, and what you should do about them.
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    I'm familiar with the SOC you're referring to and their internal training program. You sure you're not applying for an analyst role? I'd be very surprised if they were hiring someone without security experience into an engineer role.
  • labscloudlabscloud Member Posts: 137 ■■□□□□□□□□
    Danielm7 wrote: »
    I'm familiar with the SOC you're referring to and their internal training program. You sure you're not applying for an analyst role? I'd be very surprised if they were hiring someone without security experience into an engineer role.

    This is the job description they sent me:

    Security Engineer- Tier 1


    Daily Responsibilities:

    * Complete Performance and Availability Reviews (PARs)- ensure the SIEM’s are up and functional and expected log sources are coming in.
    * ServiceNow First Response- ensure health tickets are picked up and actioned.
    o Responsible for the initial pickup of tickets within ServiceNow based on criticality and SLA.
    * Work with team members to meet deadlines for the SWOT continuous improvement projects within the organization.
    * Interact with vendor support- calling SIEM vendors and performing WebEx to resolve issues.
    * Basic log source integration and basic troubleshooting as the expertise grows.
    * Train in the CyberRange – performing new SIEM installs, basic troubleshooting, and advanced troubleshooting in a simulation range for training.
    * Maintain, upgrade, and test in our internal sandbox lab environments.
    * Ensure individual KPI’s are being met.


    Requirements:

    * Foundational knowledge in Systems Administration/ Engineering
    * Functional knowledge of Linux (various flavors acceptable- RedHat, Kali, Ubuntu, Debian, etc.)
    * Foundational knowledge of and passion for Cyber Security concepts and topics
    * Strong problem solving and abstract reasoning abilities
    * Bachelor’s degree in a technical discipline
    * Clean background and US Citizenship
  • ksijurksijur Member Posts: 89 ■■■□□□□□□□
    Can you disclose / do you know the salary range? This sounds interesting and I wouldn't mind giving it a shot if they have more openings and the salary is right. Thanks.
  • labscloudlabscloud Member Posts: 137 ■■□□□□□□□□
    ksijur wrote: »
    Can you disclose / do you know the salary range? This sounds interesting and I wouldn't mind giving it a shot if they have more openings and the salary is right. Thanks.

    It's 60K/salary a year with 10% performance based raise every 6mo. I'll see if they have more openings and let you know.
  • dstock7337dstock7337 Member Posts: 95 ■■■□□□□□□□
    labscloud wrote: »
    It's 60K/salary a year with 10% performance based raise every 6mo. I'll see if they have more openings and let you know.

    Hi Labscloud,

    If you don't mind, I'd be interested if they have any mid/entry level positions available as well.

    Thank you for sharing.
    "The only true wisdom is in knowing you know nothing." - Socrates
  • dstock7337dstock7337 Member Posts: 95 ■■■□□□□□□□
    labscloud wrote: »
    I've been reading up on some of the popular SIEMS, I have 0 experience with security tools so I want to sound somewhat familiar with the popular tools in the market right now. She said the job will be site-to-site vpn into clients networks to trouble shoot incidents and events using SIEM tools.

    Apparently they are very big on culture and hiring the right person to fit in at the company. I'm a great people person so I feel like that will help. Any tips/help on what to expect will be appreciated. She said it's a rigorous 4 separate interviews: Phone & Skype(her), Phone(Tech Staff), Skype(Exec/Upper Mgmt), Phone(Would-be Manager)


    I've gone through a multi board interview process before, including with a CIO both remote and in person. I recommend taking notes while doing it remotely, including the names of the people you're interviewing with and some of the questions they are asking. This came into play when the CIO started asking me about who I had talked to and what we discussed for each person. Your experience may vary but at least it'll show how much you care by paying attention.

    Also, find ways to translate your current skillset/experience into what the position is. I'd also pick up a trial copy of Splunk and read up on anything you can about log monitoring and review tools. At the very least you can talk about having it set up in a home lab.
    "The only true wisdom is in knowing you know nothing." - Socrates
  • labscloudlabscloud Member Posts: 137 ■■□□□□□□□□
    dstock7337 wrote: »
    I've gone through a multi board interview process before, including with a CIO both remote and in person. I recommend taking notes while doing it remotely, including the names of the people you're interviewing with and some of the questions they are asking. This came into play when the CIO started asking me about who I had talked to and what we discussed for each person. Your experience may vary but at least it'll show how much you care by paying attention.

    Also, find ways to translate your current skillset/experience into what the position is. I'd also pick up a trial copy of Splunk and read up on anything you can about log monitoring and review tools. At the very least you can talk about having it set up in a home lab.

    I planned on having my notebook next to me, along with my resume. I'll get a copy of Splunk installed and try and get familiar with it before the technical interview. If they have any other positions, I'll let you know! Thanks
Sign In or Register to comment.