👀 Recruiting for Cybersecurity @ SeatGeek – iykyk

Staying Anonymous, a Recent Grad with a Degree in Computer Science

Hi there 👋 — Who are you and what’s your background?

Hi, I’m a recent college graduate with a degree in Computer Science and I’m an incoming Security Engineer at SeatGeek.

Coding with a Security Mindset

What is cybersecurity and how does it differ from a regular Software Engineering role?

Cybersecurity is about defending user information and data. There are different avenues in which you could do that, but the one I focus on is securing applications like websites and mobile devices. It’s different from a Software Engineering role in that there’s a whole security mindset that you need when you’re coding things. You have to think about all the different avenues that attackers can come from, so like downloading malicious software and installing random Node packages (NPM). So, you really have to think about what you’re doing with tech differently, rather than just coding applications.

Take Home, Behavioral Interview with Recruiter, and Final Round with Security Team

What was the interview process like and what made you stand out as an applicant?

A week after I had applied, they sent me a take home which was basically a demo application where they gave me the source code. I had to find vulnerabilities, report it, and send it back.

After a week or two, I got a scheduled call for a behavioral interview with the recruiter. They went through my resume and asked your basic behavioral questions. One of the most surprising questions they asked was what my expected salary was, so I just gave them a ballpark.

Two to three weeks later, I was pushed to the final round which consisted of three to four hours with the whole security team. Because the team was very new, I had to interview with every single person, but they all had different interview formats. One of them was a reverse interview, in which I could ask questions, one was a little more technical as they were went over my portfolio, and the last one was with the manager where they went over things on my resume to make sure it was good.

Do Your Take Home ASAP

What do you think made you stand out as an applicant and is there a recruitment strategy that nobody is doing right now, but should be?

I think that one of the best strategy I had was doing my take home the same day that they sent it to me, because I think that the recruiters definitely notice.

Get Experience Through Internships, Projects, and Self-Learning

What were your previous experiences and is it difficult for someone with no direct experience to go into cybersecurity?

In my portfolio, I had two previous internships and projects. During freshman year, I worked as a Software Engineer for a small security company, writing challenges that involve people helping other people learn concepts in cybersecurity. The summer before my sophomore year, I worked as an application security, like a pentester or consultant, so I reviewed and tested clients’ applications, wrote reports, and explained what was wrong. I think that the two experiences helped me because it helped me gain a better understanding of both Software Engineering and Security. As for my projects, I did some volunteer work at security events.

It honestly might be a little bit hard for someone to go straight into security with no adjacent experiences, because there are some core concepts that people just don’t know about. For example, cryptography versus hashing versus encoding. They’re things that you can definitely learn if you take the time to do so.

Projects and Competitions are Important

What advice would you give someone who wants to pursue cybersecurity full-time?

Personally, I think that projects are definitely more important than a high GPA, because it shows more ambition and dedication. You’re actually taking time out of your day to do the projects, rather than just going to a class that you were forced to take.

I would also recommend doing cybersecurity competitions and honing your programming skills, but using a security mindset. You need to think like a real Security Engineer by thinking about which key points can be vulnerable.

Salary Expectations

What is the average starting salary for program participants and what does the salary progression look like once you’ve graduated from the program?

I would say my salary is on par with the new grad Software Engineer salary.

Future Plans

What’s your next play and what is your 5-10 year career plan?

I want to stick with security so that I can move into a managerial position later on, and climb the ranks.