First interview about InfoSec field

Hello,
tomorrow I'll ve my first interview about infosec field and I would have some general tips.

Position: SOC Junior Analyst
His task will be to monitor the instruments of NIDS and the management of security incidents on the SOC, such as violations of business systems, employee misconduct, and propagation of malware attacks.
It requires knowledge of TCP / IP, and threats of computer systems and networks (xss, sqli, remote code execution, etc.)

Today I had a first telephone contact with company and the recruter said me that the interview will be technique about pentest in general. I've never worked into infosec industry.
My "references" in the CV are: (1) certifications below my nickname, (2) i'm doing OSCP course (I've wrote it into my CV) and (3) I'm a software developer for 2 years (document management, C#, sharepoint, js, sql). (4) of course, I've basic/middle knowledge about snort, linux etc.

Thanks

Find more posts tagged with

Comments

yzT

I have only had an interview for an infosec position, and basically I needed to explain what I knew answering a couple of questions about common vulnerabilities and networking, they wanted to knew why I was interested in the field and so... I wasn't chosen because my level of English wasn't high enough for them, though..

According to the description, I would expect a "mini" OSCP test.

xax

Thanks for your fast response. "mini" OSCP test?

yzT

I meant that probably you will be provided of a virtual network and they are going to tell you to compromise a machine, find a flag, etc.

xax

But is not a bit excessive for a junior position?
Thanks again for your replies.

xax

no NIDS questions. CSRF, SQLi, PHP code review, linux /proc partition, dns tunneling, tftp exploitation and a web pentest scenario. a lot

yzT

and what was the outcome? Job or no job? xD

xax

I've passed first step. Next week I'm having second interview.

lsud00d

In the SOC as a junior analyst you'll probably be monitoring the NIDS/HIDS/SIEM systems, investigating alerts, classifying, working tickets...probably working through false positives, etc.

Congrats on passing the first step! Did they say what's in store for the next?

xax

lsud00d wrote: »

In the SOC as a junior analyst you'll probably be monitoring the NIDS/HIDS/SIEM systems, investigating alerts, classifying, working tickets...probably working through false positives, etc.