BSidesSATX 2023

Two Sides of the Same Coin: Interview lessons, as learned by both interviewee and interviewer
2023-06-10, 10:00–10:45, Track 2 (Moody Rm 101)

When people think of interviews — especially in cybersecurity — they focus on the opposition of interviewer vs. interviewee, of hiring company vs. potential candidate. However, successful interviews result when the perspectives of both interviewer and interviewee are kept in mind, regardless of what side of the proverbial table you’re sitting on. In this talk, hiring managers and potential new hires alike will learn how to approach all stages of "The Interview" from both perspectives.


In this talk, I aim to share with attendees all the lessons learned from my most recent experiences on both sides of the interview table, focusing on how the interviewer and interviewee perspectives are more alike than different, and why this parallelism will help set both parties up for a positive and successful interview experience. We’ll start with recurring pre-interview activities, such as regularly scheduled reminders to update resumes or job descriptions, respectively. We’ll move on to general interview prep, which includes both parties preparing a list of questions that reflect their individual and/or company values and priorities. Then, we’ll get into the hearts of both technical and cultural fit interviews, where questions and answers alike will be encouraged to beget honest and genuine communication. Finally, we’ll discuss post-interview tasks, in which both parties can play an active role. At each stage, I’ll give real-world examples and applications of the lessons shared: sample emails, questions, preparation materials, etc. This talk will be a dissection of even the most daunting types of interviews in the world of cybersecurity, resulting in a more holistic understanding of the interview process. In addition, there will be a handful of takeaways from my personal successes and failures that everyone in the industry can learn from to improve and optimize their interview experiences for all parties and stakeholders involved. Welcome to the one-stop interview shop!

Sara Friedfertig is a Security Developer at Arctic Wolf, focusing on endpoint detections and third-party EDR integrations. She describes her “sweet spot” as the intersection of cybersecurity and programming, while still valuing any opportunity to serve as a communications liaison across teams. She holds an undergraduate degree in Software Engineering, a graduate degree in Cybersecurity, a dreamworld degree in Literature (doesn’t she wish!), and an EC-Council CEH certification. Prior to her current role, Sara has worked in and around the SOC as an analyst, engineer, and consultant. Driven by curiosity, Sara is known to ask the most questions on any given day at work; always learning, she takes pride in calling herself a forever-student. Sara is also a champion of advancing women in the cybersecurity workforce, having co-founded the Austin, TX Women in Cybersecurity (WiCyS) affiliate and currently serving as the chapter's Senior Vice President.