Tag: Softskills

Softskills: CV, Job Application and Interviews

This one might be a bit too specific, since every country has its own CV and interview culture. For example in the US you don’t add a picture of yourself, in Germany this is very common. There should be much more differences, so please don’t take everything here for granted in the area or county where you want to get a job. I try to be as general as possible here.

From my previous post Softskills: Networking for your Career you should be aware that it is good to get a job over a personal network and could be the most promising option.

CV & Job Application

A couple of points for the CV & job application:

  • be honest, when people found out you lied or made things up you are out
  • don’t go into details that don’t have something to do with the job you are applying to, unless it seems necessary
  • everything else write detailed, I like to have much information, but other people might have a different opinion
  • take a clean and easy to read format
  • write a great motivation letter for your application
  • proof facts, for example if you write you have a certification add a copy or scan of it to the application
  • check for grammar and spelling
  • if possible let somebody read your application who can give good feedback

Job Interview

I was on both sides of the table, conducting interviews and also of course being the candidate.

  • know your CV well, you should be able to explain everything without looking it up
  • if you have a bad feeling you normaly should not take the job, unless it is a huge chance for you or you can use it for jumping to a better job
  • prepare for the interview, think about what questions might be asked
  • try to prepare for standart questions like
    • what was your biggest mistake
    • where do you see yourself in five years
    • what is your biggest weakness
    • what do you expect from your employer
    • and so on
  • prepare for technical questions
    • there is nothing worse for example when you say for example you know XSS but could not explain the difference between a stored and a reflected XSS
    • have a look at the Daniel Miessler interview questions (see also below)
  • if you have weak spots in your CV you can try to handle this pro-actively, if not prepare for critical questions
  • prepare questions that you want to ask, for me an interview always has to go into both directions

Links
https://us.experteer.com/magazine/should-you-put-a-photo-on-your-cv/
https://danielmiessler.com/study/infosec_interview_questions/
https://www.indeed.com/career-advice/resumes-cover-letters/motivation-letter

Softskills: Networking for your Career

Whether looking for a new job, enhancing your knowlege or finding like-minded people, networking is important for your career.

Social Networks

When I looked for my first job as a pentester I wrote to CEOs and company owners from smaller companies that I found interesting on Xing (which is manily active in Germany) and later I also used LinkedIn. I got invitations to interviews and found a job.

Further I use twitter, but not as much as I did 2-3 years ago. But you can still get information very quick when you follow the right people. For example when a PoC for an exploit is available it is posted fast here, but be careful and check the information.

On all networks you can use direct mail for contacting people when you have questions, in my experience most people are happy to help.

But how to start? First follow and add people you know. Search for people who might be interesting for you and also add/follow them. When contacting the first time, just say a few words about yourself. Share posts you find interesting and maybe start sending your own post, maybe a link to an interesting blog post you found interesting or a short course review.

You can also be successful without social media accounts, but for me it was a booster. It is also useful to stay in contact with people you meet at…

Conferences & Meet-ups

Another great place for networking is conferences and local meetings. At local meetings (I visited the OWASP meeting Cologne for some time) it is easy to get into touch with people in the area you live, you have presentations and can learn.

At conferences it depends strongly for me what you expect. For networking it might be better to go to smaller conferences, especialy if you don’t know anybody. Bigger conferences are also good, but maybe a bit overwhelming first.

You can get more contacts when participating actively, for example by giving a presentation or as a volunteer.

Or, when you are in the industry for a longer time, just meet with people you know.

And guess what? I got in touch with one of my employers at a conference.

Links