Advice from Adam Brenden, the IPC Cyberdomes’ Lead Analyst:
To me, a good candidate joining the Cybersecurity field requires three cornerstone behavior: integrity, curiosity, and tenacity. The “real world” cybersecurity is complicated. Potential candidates for security positions need to show that they want to keep learning. Simple interview questions I love are “What projects have you worked on?” or “how much learning have you done outside of class or work?” Candidates that can best show their desire to learn usually have some sort of personal project that they are working through. Depending on the quality of the project, there is potential to fold new security controls or procedures into real world Incident Response plans. In this field you have the ability to directly impact the world at large with your ideas.
Having quality integrity skills is important. By the nature of the job, we are held to a higher degree of scrutiny with having access to the customer assets. It is important that a candidate is comfortable with making a mistake, owning up to it, and then asking for help to fix it. This industry is not very forgiving to those who are dishonest. Mistakes are only good when they can be used as learning exercises. Having quality tenacity skills is the simple tendency to not give up. There will be a good amount of boring research, repetitive tasks that might not make sense, and getting lost within the tools of the trade. The advice for anyone looking to grow tenacity skills is simple: DON’T GIVE UP!
Many seem to paint Cybersecurity careers into a very specific box. For much of the time, we are assumed to be Coders, hackers, and software engineers. However, this is a small piece of the entire picture. The industry needs writers, researchers, responders, project managers, graphic artists, and an endless sea of other professions that keep the boat moving. We are constantly looking at a diverse set of candidates to see how each individual might be able to contribute. It is a joy to be able to add new skills to my bag of tricks which help me be a better security analyst.