Job Interview tomorrow...IT security..help

[richardycc]

checkpoint is hot.

 

[IceBergSLiM]

checkpoint is hot.

yeah I helped the PM here with some things for that project.

 

[SSSnail]

I may or may not know what I'm taking about, but I know for a fact that information security is vastly different than security for, say, a strip club.

I suggest watching the movie Hackers and rehash a few CSI episodes to brush up on the subject should help with the overview. If you know how to script a Visual Basic GUI to back trace IP, you're golden.

 

[IceBergSLiM]

I may or may not know what I'm taking about, but I know for a fact that information security is vastly different than security for, say, a strip club.

Ah yes my part time job many years ago is my only exposure to security lol.

Though I think it would be a hilarious analysis to take the 10 security realms for CISSP and draw parallels to a strip club.

The club = the server
the strippers = the data
Doorman = the firewall

etc etc

 

[FoBoT]

I suggest watching the movie Hackers...

why did angelina jolie look like a Vulcan in that movie

 

[IceBergSLiM]

I may or may not know what I'm taking about, but I know for a fact that information security is vastly different than security for, say, a strip club.

I suggest watching the movie Hackers and rehash a few CSI episodes to brush up on the subject should help with the overview. If you know how to script a Visual Basic GUI to back trace IP, you're golden.

If there is one thing I know, IT security is all about the slickest wizbang GUI....without it your not going to backtrace your way out of a paper bag.

 

[KB]

I may or may not know what I'm taking about, but I know for a fact that information security is vastly different than security for, say, a strip club.

I suggest watching the movie Hackers and rehash a few CSI episodes to brush up on the subject should help with the overview. If you know how to script a Visual Basic GUI to back trace IP, you're golden.

Yes I came in here expecting this response and I got it. Thanks for not disappointing!

God I love that episode:

http://www.youtube.com/watch?v=hkDD03yeLnU


I would read up on DMZs and Firewalls for some high-level security topics.

 

[alkemyst]

http://en.wikipedia.org/wiki/Certified_Information_Systems_Security_Professional

Study for the CISSP

May be hard for him to pull down the 5 years experience in such short notice

Candidates for the CISSP must meet several requirements:
Possess a minimum of five years of direct full-time security work experience in two or more of the ten (ISC)² information security domains (CBK). One year may be waived for having either a four-year college degree, a Master's degree in Information Security, or for possessing one of a number of other certifications from other organizations.[9] A candidate not possessing the necessary five years of experience may earn the Associate of (ISC)² designation by passing the required CISSP examination. The Associate of (ISC)² for CISSP designation is valid for a maximum of six years from the date (ISC)² notifies the candidate of having passed the exam. During those six years a candidate will need to obtain the required experience and submit the required endorsement form for certification as a CISSP. Upon completion of the professional experience requirements the certification will be converted to CISSP status.[10]
Attest to the truth of their assertions regarding professional experience and accept the CISSP Code of Ethics.[11]
Answer four questions regarding criminal history and related background.[12]
Pass the CISSP exam with a scaled score of 700 points or greater out of 1000 possible points. The exam is multiple choice, consisting of 250 questions with four options each, to be answered over a period of six hours. 25 of the questions are experimental questions which are not graded.[12]
Have their qualifications endorsed by another CISSP in good standing. The endorser attests that the candidate's assertions regarding professional experience are true to the best of their knowledge, and that the candidate is in good standing within the information security industry.[13]

 

[SSSnail]

Lol, I suggest taking some SANS security courses. I heard the shell is a pretty slick GUI.

 

[freegeeks]

most security people I talk with have no clue anyway, the concept of a dynamic routing protocol is totally lost on them. They want to talk security and they have no idea about the basic network stuff (arp for example)

The majority of security people have no f$$$g clue about IP routing

 

[IceBergSLiM]

most security people I talk with have no clue anyway, the concept of a dynamic routing protocol is totally lost on them. They want to talk security and they have no idea about the basic network stuff (arp for example)

The majority of security people have no f$$$g clue about IP routing

This has nothing to do with network security really. We have separate organization that handles WAN/LAN/Firewall and remote access.

 

[freegeeks]

This has nothing to do with network security really. We have separate organization that handles WAN/LAN/Firewall and remote access.

doesn't matter, the peeps that handle the firewalls have no clue either

Just toss around some acronyms and you will be fine, that's what IT and network security has become in reality

 

[ichy]

Just toss around some acronyms and you will be fine, that's what IT and network security has become in reality

Unfortunately you are completely correct. If you're talking about government agencies then massive amounts of paperwork are also required. The more trees we kill the more secure we will be!

 

[IceBergSLiM]

Unfortunately you are completely correct. If you're talking about government agencies then massive amounts of paperwork are also required. The more trees we kill the more secure we will be!

stuff sheets of paper into every open network port. That will barricade the packets from entering.

 

[rasczak]

So how did the interview go?

 

[IceBergSLiM]

So how did the interview go?

its not till later you all will be the first to know.

 

[IceBergSLiM]

Well just got back....it was a very odd interview....interviewer did alot of the talking. Didn't ask me many questions in fact, I asked more questions than him. Was a very positive experience though from what I could tell I have a very strong chance of getting it.

 

[MichaelD]

Good luck and thanks for the lulz! Oftentimes, internal candidates are ideal candidates b/c they are already familiar with your skill level, ability to learn and work ethic. :thumbsup:

 

[FoBoT]

Well just got back....it was a very odd interview....interviewer did alot of the talking. Didn't ask me many questions in fact, I asked more questions than him.

that is what i am talking about, classic 'internal candidate' interview

 

[IceBergSLiM]

Security is not something you can just "come up to speed" in any short amount of time. Your company data is resting with you. Have the decency to decline the offer and don't treat it like a next move up.

Thats funny because he actually pulled a book out of his bookshelf and said if/when you start we would get you the latest edition of this book to help bring you up to speed on xyz. :biggrin:

 

[Sentrosi2121]

Look into your Security+ certification if security is where you want to go the next few years. Get some experience, attend SANS 401 and perhaps the SANS Certified Ethical Hacker course. You'll get a nicely rounded overview on security that way.

I was in your shoes a couple of years ago. Good luck and enjoy the ride.

 

[rasczak]

nice. good luck man.

 

[IceBergSLiM]

I didn't get the job.

Thank you for taking the time to participate in an interview with the hiring team for the position. We sincerely enjoyed speaking with you about your background and hope you found the discussion with us interesting and informative.

While we found your professional background, education and skills sets competitive, we have concluded that you are not the best match with the requirements for this particular position.

Standard rejection. I followed up with the hiring manager and thanked him for the feedback and ask for particular skills/certifications I can add to my resume to become a better candidate for a security role.

 

[rasczak]

I didn't get the job.

Thank you for taking the time to participate in an interview with the hiring team for the position. We sincerely enjoyed speaking with you about your background and hope you found the discussion with us interesting and informative.

While we found your professional background, education and skills sets competitive, we have concluded that you are not the best match with the requirements for this particular position.

Standard rejection. I followed up with the hiring manager and thanked him for the feedback and ask for particular skills/certifications I can add to my resume to become a better candidate for a security role.

Sucks man.

 

[IceBergSLiM]

Sucks man.

I'm pretty sure I make more than they were offering(over qualified) and that was a factor. aka they can hire someone outside the company for less.