Professional development

What cybersecurity hiring managers are really looking out for (or should be)

Introduction

For many job seekers, applying for a job often feels like taking a shot in the dark. Sure, the job description features a nice bullet-pointed list of your new day-to-day tasks, but it often gives little insight into what the hiring manager actually expects from applicants. When you have a clear understanding of the hiring manager’s expectations, it’s much easier to tailor the way you present yourself as the right person for the job. 

The good news is that if you want a job in cybersecurity, there are a ton of positions out there: 

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

Get Your Plan

• By 2021, there will be 3.5 million open cybersecurity positions globally (Cybersecurity Jobs Report 2018-2021)
• Cybersecurity jobs sit unfilled for an average of six months (Dark Reading)
• As of this year (2019), there is a global shortage of 2 million cybersecurity professionals (Cybersecurity Jobs Report 2018-2021)

With the right training and experience, you’ll be well on your way to a rewarding career in information security. To help you put your best foot forward, we’ve put together a list of five things that cybersecurity hiring managers are looking out for. 

1. Sharp communication skills 

An infosec expert’s toolbox is filled with advanced tech skills, but “soft skills” like communication are just as essential. In fact, communication skills were rated the most in-demand skill among employers, according to LinkedIn’s 2018 U.S. Emerging Jobs Report. 

So what are some situations when strong communication skills are important? That depends on your specific role, but it happens more often than you might think in the cybersecurity field. After all, the core mission of your job is to protect sensitive information from falling into the wrong hands, and hiring managers need to be confident in your ability to do exactly that. During your interview, they may ask questions like, “tell me about a time when you had to be careful discussing sensitive information — how did you do it?” 

Some roles in cybersecurity require you to communicate pretty extensively with non-technical staff. In that case, you’ll need to break down complex concepts into everyday language so they understand how best to act on that information. Hiring managers want to know exactly how you would go about explaining a complicated technical problem to a colleague or client who doesn’t have your level of technical understanding. During your job search, this means you should discuss your commitment to clear, consistent communication and how you’ve gone about overcoming communication barriers in the past. 

2. Hands-on experience (aka can you do the job?) 

Do you have the experience and skills to successfully do what’s outlined in the job description? Can you demonstrate that you’ve succeeded in a similar role? This might sound like a given, but what it comes down to is how effectively you’re able to articulate the exact qualifications the employer is looking for. Employers can’t afford to jump to conclusions or make assumptions about your background. Instead, everything that makes you a good candidate for the job has to be spelled out in black and white, even things that may seem fairly obvious to you. 

Not only are strong candidates very thorough about their qualifications, but they’re also crystal-clear about how those qualifications will help them do the job at hand. In the context of applying for a job, this means you should focus on real-life examples and concrete achievements. Hypotheticals are never as strong as a real-life example. Never say “knowledgeable about cyberdefense” when you can instead say “used cyberdefense tools to continuously monitor and analyze company-wide system activity in order to identify threats and malicious activity.” See the difference? 

Before you send off your application, do a side-by-side comparison with the job description. This will give you one last chance to catch anything you may have missed so you can add it to your resume. Likewise, you can feel free to delete any resume bullet points that have zero relevance to the job description. Hiring managers are human and have human attention spans; packing your resume with too much information can be confusing and distracting. Instead, tailor your resume for the job at hand to keep it short, sweet and relevant. 

3. A knack for solving problems 

Cybersecurity is a big, complex puzzle where the pieces are always changing. Strong problem-solving skills are an absolute must. Before they make the decision to hire you, hiring managers will want to see your problem-solving skills in action. Your resume and interview are perfect opportunities to demonstrate your process for tackling complex problems with an analytical, methodical approach. This is why it’s so common for interviewers to ask you to work through a simulated problem during the interview’s technical stage. 

Be sure to talk through the problem out loud and what you plan to do at each step to solve it. Candidates sometimes stumble at this point because they mistakenly think the interviewer is only looking for the solution. In fact, they want to understand your step-by-step approach to solving complex problems. 

4. Life-long learners 

In the never-ending cat-and-mouse game between infosec experts and cybercriminals, the criminals are always trying to stay one step ahead. For the people working to stop them, this translates into staying on the cutting edge of new and emerging technology to best head off your adversaries. 

Cybersecurity professionals are lifelong learners, constantly fine-tuning their skills. Hiring managers want to see that you’re dedicated to keeping up with changes, developments, and emerging trends. 

The most popular way to demonstrate this is with certifications like CompTIA Security+ and Certified Ethical Hacker (CEH). Certifications teach you new skills in addition to updating your existing skills. National conferences are another great way to stay in touch with trends and changes in the industry. Either way, hiring managers will pay close attention to your continuing education activities. 

5. Plays well on a team 

Virtually no job requires you to work 100% on your own. Even cybersecurity positions that give you the leeway to work independently will, at some point, necessitate working with colleagues and communicating with higher-ups. This is especially true in highly collaborative fields like information security. As a result, hiring managers are constantly on the lookout for strong collaborators. 

Every day on the job, you’ll rely on your manager for valuable instructions, training and mentoring. You’ll have to work with your colleagues to tackle complex projects and initiatives. In some roles, you’ll liaise directly with non-IT staff. This is where crystal-clear communication skills (and, in some cases, a healthy dose of patience) come into play! 

Next steps 

If you’re just kicking off your job search, your first step should be to update your resume. Cybersecurity is a rapidly changing field and hiring managers will take notice if your resume isn’t up-to-date with recent changes and trends. Take a look at these top information security career resume tips. 

Ready to ace your next interview? Now that you have insight into what cybersecurity hiring managers are looking out for, you can feel confident that you’re showcasing yourself in the best possible light when you apply for your next job. 

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

Download Now

 

Sources

1. Cybersecurity Jobs Report 2018-2021, Cybersecurity Ventures
2. Cybersecurity's 'Broken' Hiring Process, Dark Reading
3. A New LinkedIn Study Just Revealed America's 10 Most In-Demand Skill Sets, Inc.
4. What do hiring managers look for?, Idealist Careers