Monday, November 17, 2008

infosec interview questions part III

I've had two other posts relating to questions to ask a candidate during an interview (here and here). It's a tough economy out there, lets reverse roles and ask questions to the interviewer. I'll still sort by Bloom's Taxonomy, however most questions are focused on understanding your potential environment and it's priorities.

Remember/Knowledge


  • What tools do you or your team rely on?
  • How big is the team, what are the hours expected?
Understand/Comprehension
  • What is the goal of infosec within a company such as this?
  • What kind of constraints does your department have?
  • What regulations or mandates are you with-held to?
 Apply
  • What's the largest threat to your business? What countermeasures did you apply to mitigate?
 Analyze
  • Do you put more emphasis on protecting, responding, or staying in compliance?
Evaluate
  • What is the biggest concern, security or otherwise, you would see me as addressing within your organization?
 Create
  • Where do you think security will be in 5 years as a [practice|industry|concept]?
 I'll add more to this as I come up with ideas.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)