infosec interview

fredmoo (Member, Posts: 10)

Hi all - I have an upcoming in-person interview with 2 persons (CIO & COO) with a small federal agency for a GS-11 infosec position.

Here's the duties summary:


As an IT Specialist, you will be responsible for:

  • Identifying and mitigating IT system vulnerabilities through testing, audits, and network assessments;
  • Evaluating new IT systems and products to determine their supportability and impact on IT security and the network;
  • Creating system security contingency plans and data recovery procedures;
  • Developing a variety of system compliance documentation and similar reports on network security compliance for delivery to management;
  • Collaborating with end users to understand their technical needs and identifying areas where there may be security vulnerabilities; and
  • Preparing and delivering training to end users on information security requirements

What kind of questions can I expect them to ask? Thanks in advance for your help.


  • Meggo (Administrator, Posts: 183)
    I am not an IT hiring manager by any stretch, but this article on our Resources website is one of our top performing pieces. Hopefully this helps you prepare for your interview. Good luck!
    Director of Product Marketing at Infosec
  • soccarplayer29 (CISSP, CISA, PMP; Member, Posts: 229)
    I'd suggest you prepare for the following topics:
    1) FISMA
    2) NIST 800-53
    3) POA&Ms
    4) Contingency best practices (backups, failover, etc.)
    5) Vulnerability scanning processes
    6) Patch management
    7) How do you evaluate/procure new products
    Certs: CISSP, CISA, PMP
  • beads (Member, Posts: 1,439)
    Be prepared to discuss what packages you have used for, say, vulnerability scanning, like Qualys. How have you handled patching Microsoft systems: WSUS, individual machines, everyone for themselves? What are the pros and cons of each and why? No one is asking you to build Rome but how you have worked and interacted with the tools at hand.

    Most of what you have listed are normal day-to-day questions requiring answers that show how comfortable you are with the material at hand as well as your actual interest in working with these technologies in general. It's easy for an experienced hiring manager to tell if you're really interested in the position when you follow through with answers that go beyond just answering the question but by making the answer better than asked. Be honest about your abilities and willing to learn both on your own as well as on the job. Enthusiasm while being professional scores big points. Geeking out too much and you sound like a tech-zealot or something.

    Good board to ask these questions, though. Please follow up.