Great questions Jeevan S.! I'll have to add these to my list :) For #6, I would alter it slightly to include what the internal career growth opportunities are. You may not want a place that is just looking to bring in outside talent. Like #5, you need both, to bring in new ideas and also to provide rewarding growth opportunity for those that demonstrate high performance. I also like to ask about what challenges they are facing wrt customer security reviews, questionnaires, and audits. I believe that Security Engineering has as much a responsibility to securing the company and providing an easier and more secure user experience as they do ensuring the company is meeting the regulatory, compliance, and the *reasonable/feasible* vendor security requirements of their customers. Additionally I like to ask about the learning and professional development commitment the organization has to maintain the knowledge and expertise of their security team in an ever changing threat landscape. That's probably one of the number one complaints I've heard amongst security professionals across many companies. #infosec #infoseccareers #interviewquestions #cybersecurity #leadership #leadingbyexample #interviewyourboss #interviewyourcompany
I have an open role for a Staff Product Security Engineer (https://lnkd.in/g_ymi3s4 ) and I wanted to give interview questions tips. Earlier in my career, I took a role at an organization that I later regretted. I don’t regret working there because I learned a lot, but I did regret that I didn’t do my due diligence to see if I would succeed at that company in the longer term. I had a great manager and a strong team, but I also had a lot of friction with one part of the business. Unfortunately my role had me team up with that part of the org 60% of the time. I felt ineffective and while I had support from my manager, I wasn’t satisfied with what I delivered and ultimately decided to move on. I learned a great life lesson, I need to interview the organization as much as they interview me. Here is my list of Top 7 questions that I typically ask during the interview process. Questions 1️⃣ What is the overall ratio between Security Engineering and Engineering? • While this doesn’t tell the whole story, I use this to understand the current investment into SecEng and understands how much the business cares 2️⃣ How does leadership demonstrate their commitment to security, and what role do they play in promoting a security culture? • If leadership does not promote security, it doesn’t matter how hard you try, you will not be effective 3️⃣ Every organization talks about the concept of "security is everyone's responsibility". Are there shared goals that highlight the collective responsibility for security? • Another question to figure out if the organization actually cares about security and if I can be effective 4️⃣ Do you mind sharing your overall 2 year vision for the Security Engineering program? • A lot of hiring managers don’t have a plan, see if they are YOLOing it 5️⃣ Does the Security team have a top-down or a bottom’s up approach to Security? • Trick question 😅, you need both, but I want to understand the hiring manager’s thoughts 6️⃣ How is the team currently structured and what is the plan for hiring in the future? • Good to know if there will be more investment into SecEng and how the manager will restructure the team if it grows 7️⃣ How is risk communicated to the engineering team in a way that resonates with their objectives? • I want to make sure that there is strong partnership between Engineering and Security I ask a lot more questions to make sure that I will be the best version of myself, but these questions help me understand if it is even worth going further with the interview process. Personally, I like to hire Security Engineers that are curious and not afraid of asking difficult and thought provoking questions. If they ask me good questions during the interview process, I know that they will ask great questions in the future and they will challenge me to be a better leader. What are some of your favorite interview questions?