Infosec interview
Hi all,
What's it like sitting for an infosec interview requiring a CISSP? I realize there are many factors involved including company culture, the interviewers, etc... but generally what can I expect? By definition these are not entry level positions, but it has been over 5 years since I last sat in the interviewee chair so my answers are a bit rusty...
The CISSP is so conceptual and I haven't found any write up on what they'd ask during an interview. Many companies want you to be expert in at least a few CISSP domains, but the exam is so broad and passing it doesn't necessarily show a firm grasp on one, some, or all of them.
What's it like sitting for an infosec interview requiring a CISSP? I realize there are many factors involved including company culture, the interviewers, etc... but generally what can I expect? By definition these are not entry level positions, but it has been over 5 years since I last sat in the interviewee chair so my answers are a bit rusty...
The CISSP is so conceptual and I haven't found any write up on what they'd ask during an interview. Many companies want you to be expert in at least a few CISSP domains, but the exam is so broad and passing it doesn't necessarily show a firm grasp on one, some, or all of them.
Comments
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□What's the job description? I'd focus a lot more on that than a specific certification.
-
JDMurray Admin Posts: 13,092 AdminMany InfoSec job will have the CISSP as a requirement, and even more will list it as "nice to have," which means that CISSP-certified job candidates will receive consideration over non-CISSP candidates. However, a prospective employer will ask you questions that allow you to demonstrate how well you fit the position that you are interviewing for, not how well you can answer CISSP quiz questions. Your actual InfoSec work experience and personal accomplishments will be the main focus of any interview. No employer hands out six-figure jobs just for passing a six-hour exam.
-
tpatt100 Member Posts: 2,991 ■■■■■■■■■□My last two jobs which are security positions were pretty easy. I was asked a bunch of entry level security stuff. And by entry I mean "entry" level Security+ and Network+ questions. I was asked basic CISSP domain stuff like "can you tell me administrative and technical access controls you implemented at your current position, have you written security policies before, etc.
I think they just wanted real world examples to show you have experience.
I think having some good hands on experience with tools that are required for the job is very helpful but also a varied skill set. Reason is, security is usually not the same for every company. The foundations are but the technology and method usually are not. So being able to adapt and the ability to let the company know you can easily adapt is a plus.