Security interview on Thursday

qwertyiop

I currently work as a Junior Network Admin.

I had 2 phone interviews last week for a IT Security Professional position for a company that does IT security audits and pen testing and was asked to come in for a 3rd interview on Thursday. After speaking with them they seem to be looking for some "young blood" to join the team and develop as a security professional. They said that this person would start out by doing the scanning.

What kinds of things should I be prepared for?

tpatt100

I would just focus on really basic stuff like common port numbers, importance of following/writing policies, how you keep up to date on IT vulnerabilities etc.

Sounds like a good entry level position and I would jump at the chance. Sounds like they want a excuse my language a "scan b*tch" to free them up to do other tasks but its good for you to get your foot in the door and develop rather than get a job where your stressing yourself out trying to catch up/learn.

qwertyiop

Job Description:
Participate in and perform Information Technology control assessments primarily with regard to financial institution clients throughout the New England area. Project review scopes include:
• Internal network scanning,
• IT infrastructure controls,
• Application processing systems,
• External network penetration testing, and
• Social engineering.

Ideal candidate would have academic exposure to IT/MIS/Computer Science. Demonstrated ability to communicate orally and in writing is required. Accounting/Auditing experience is a plus.

Direct experience with and/or understanding of Windows Active Directory and electronic tools such as nessus would be very useful.

Our expectation is that a successful job applicant is self-motivated and pursuing or planning to pursue ongoing training/education leading to professional certifications.

CISSP certification is required within two years.

Hyper-Me

How can they require a CISSP in 2 years when it takes 5 years of experience to get it?

qwertyiop

Hyper-Me wrote: »

How can they require a CISSP in 2 years when it takes 5 years of experience to get it?

They did mention that I would be fine if I got my Associate of (ISC)² and since my MSCA knocks 1 year out of that so I only need a total of 4 years of experience.

tpatt100

qwertyiop wrote: »

They did mention that I would be fine if I got my Associate of (ISC)² and since my MSCA knocks 1 year out of that so I only need a total of 4 years of experience.

Or its just there to emphasize they want you to eventually get it. If they dont put it down you can claim they never required it when they hired you and you want them to pay for training since its a "new" requirement.

qwertyiop

tpatt100 wrote: »

Or its just there to emphasize they want you to eventually get it. If they dont put it down you can claim they never required it when they hired you and you want them to pay for training since its a "new" requirement.

I forgot to mention that they will pay for the exam

chrisone

lol @ scan b**ch, i guess its the same thing as a port scan hoe hahaha j/k

This job opportunity seems like a very good chance that you should not pass up. 3 interviews usually means you got the job IMO. It seems like you will be taught a lot and at the same time they see you as a valuable asset to help free up time for other higher level security engineers. At the same time training someone that can help the company out in the long run.

I tell you its true, IT jobs are on the rise late in 2009 and from what i hear is getting stronger in 2010. Be on the look out IT troopers! and be on your toes IT Generals, keep your troopers happy or you will realize they will be gone soon!

qwertyiop

I just got a confirmation email today for Thursday's interview. I really dont know what to expect.

All that the email said was that id be meeting with them and others at the firm.

qwertyiop

My interviews tomorrow, any last minute suggestions?

the_Grinch

Brush up on Nmap...

qwertyiop

I had my interview today and I think it went well. I met with 3 people, I feel good about the 2 with the technical backround. The 3rd person had me write a small paragraph on any subject in order to show that I can wright. I wont know if they want to continue with me until next week.

Bl8ckr0uter

qwertyiop wrote: »

The 3rd person had me right a small paragraph on any subject in order to show that I can wright.

Yo can right, write? JK JK JK

Anyhow did they say when you should expect a call or anything?

qwertyiop

knwminus wrote: »

Yo can right, write? JK JK JK

Anyhow did they say when you should expect a call or anything?

haha, well they said that I should be hearing from them sometime next week.

I'm glad I made it there on time cause my car died on my way home.

veritas_libertas

I hope it works out for you! Good luck!

qwertyiop

I just got this email about this position:

It was a pleasure to meet you as well.
I wanted to let you know that we are very seriously considering your
candidacy.
We are now going through our candidate selection and due-diligence process which under normal circumstances would take about a week.
But with the Holidays, it will likely extend into the New Year.
Sorry for the delay. And - please let me know if this causes a serious
problem for you.