Monday, May 12, 2008

Over the past week, we've been interviewing someone to be my back up. My manager asked me to join in on the process to make sure I like the person selected and to ask the technical questions.
This has been an interesting process for me, because almost all of my interviewing experience has been on the other end of the conference call.
I'll share the technical questions I asked in case anyone finds themselves is the unenviable position of being interviewed by me.

1. What do you see as the most critical and current threat to data security?

2. What online resources do you use to stay current on the latest threats and vulnerabilities?

3. If you have a brand-new server, what is the first thing you would do to ensure that it is secure?

4. If you were required to both compress and encrypt data, which would you do first and why?

5. What is the goal of information security in an organization?

6. Are open-source projects generally more or less secure than proprietary ones?

We had one guy get them all right and another get them all wrong. The others fell somewhere in the middle, more towards the "all wrong" end.

Are these questions mean or something? If you were interviewing for a security position would you expect this type of thing or something entirely different?

The fact that someone was able to answer them leads me to believe that the questions might have been alright, though I initially considered them not technical enough.

The other thing this process taught me was that if you are fielding interview questions while jogging you should slow down to a pace that makes it sound less like you are dying and that we should hang up and dial 911.

1 comment:

Anonymous said...

actually I agree, I didn't see them as tech questions. btw your getting a lacky AWESOME!