6 Damaging things entrly-level cybersecurity job-seekers do

in #technology8 years ago

We have all heard that the number of "Cyber Security" job-openings continues to outpace the number of job-seekers. While we do continue to see the number of infosec professionals growing, many are struggling to get their foot in the door because of simple mistakes. CSOOnline has done research and interviewed multiple professionals that are in charge of hiring Information Security Professionals. They have identified 6 common mistakes entry-level job seekers make while trying to create a good first impression.


1. Fail to show oneself as a team player

The days of a single tech-wiz running an entire project (let alone business) by themselves are gone. Being able to collaborate with other team members while simultaneously being able to interface with other departments/business units is a necessity. Technical skills can be taught much easier and quicker than soft-skills. “If you get hired right out of college, employers will send new hires to training on many aspects of the technology needed for their job. “ says Chris Blow, offensive security lead at Liberty Mutual.

2. Sell oneself as a jack-of-all-trades

Arrogance can be forgiven if it is backed by fully vetted experience. If that is you, then you probably do not need to be reading this. You very well may be a jack-of-all-trades when it comes to infosec, but if you know anything about the industry, you are aware of how broad of a statement that is. Because of the breadth of this industry, being a jack-of-all-trades is analogous to "not being very good at any of it." Instead, show your broad knowledge, but also show the few areas that you excel in and how they can meet the needs of the employer. 

3. Falling flat on job search and interviewing basics

It goes without saying, imo, that you do not want grammatical errors and misspellings scattered throughout your resume. It is easy to do, and easy to fix. Fix it. When it comes to InfoSec, you really do not want to misspell the acronym that you are claiming to be an expert of. It is spelled "HIPAA". Not "HIPPA" or "HIPPO". 

4. Believe certifications and degrees matter more than practical skills

"I see you have a Master's degree and two PhDs. Thanks for calling the helpdesk."

When it comes to IT, and especially InfoSec, certs and degress are great to have, but nothing beats having actual experience. Degrees and certifications both hold merit, but what most people fail to understand is that those credentials only help get you an interview. Answering questions on a Microsoft exam is a lot different than performing a task in the real world. According to Eric Cowperthwaite, “Too many think that the solution to most problems is a technology control, rather than people and processes.”

5. Stretch the truth

This is pretty common. At some point or another, everyone adds 'fluff' to their resume. If you have minimal experience to put on your resume, you might find yourself being tempted to stretch the truth. Don't. You are interviewing with InfoSec professionals. These people specialize in eliciting information; It will not take long for them to figure out the extent of your knowledge.

6. Don’t understand the highly interpersonal nature of infosec

This wraps back up to number 1. Being able to speak code is excellent, but it is even better if you can speak like a human. Working in InfoSec you will be communicating with people of all types of skill sets. You will be communicating with engineers (who might also speak code) in one meeting, but the Chief Financial Officer sitting in the next meeting will be clueless if you cannot communicate in a manner that he/she understands. Every environment/business/organization operates differently, and being able to quickly adapt and communicate with that environment is a skill that is much harder to teach than any technical skill.


The InfoSec feild is booming. The job demand is high, but the competition is growing. Maintaining a growth/learning mindset, critical thinking, and interpersonal communication skills are what will keep you ahead of the curve. Avoid these common mistakes and you will likely see an increase in job interviews! Read the whole article at http://www.csoonline.com/article/3207668/it-careers/six-entry-level-cybersecurity-job-seeker-failings.html