Not In My Watch! - CyberSec Analyst Interview

A behind-the-scenes look at a CyberSec Analyst pre-screening interview in an IoT and enterprise environment. Learn what skills and experience stand out, from hands-on labs and CTFs to cloud security, networking, and proactive team collaboration.

Context & Participants

This interview was a shorter, pre-screening interview on my side to see if this is somewhere I want to work.

The recruiter didn’t provide much detail about the role, so they asked what I already knew about the company.

I explained that I had researched the company beforehand to familiarise myself with what they do.


Company & Role Overview

The company develops, releases, and supports software for both public and private sectors, serving a variety of industries.

The security responsibilities for this role include:

  • Advising on secure Azure and cloud environments
  • Ensuring secure DevOps and CI/CD practices
  • Overseeing SaaS security and customer environments
  • Collaborating closely with IT and infrastructure teams to implement and maintain best practices

The role also involves reviewing existing security measures, identifying areas for improvement, helping build security runbooks and documentation, and providing guidance to ensure teams follow secure processes.


What the Company Is Looking For

The company is seeking a candidate with strong security knowledge beyond what the current IT team possesses, while also being able to learn their specific tech stack.

Key requirements include:

  • Strong security focus; deep hands-on IT or infrastructure skills are not expected
  • Collaborative mindset, helping others implement secure practices
  • Understanding of firewall rules, networking basics, and the ability to provide recommendations for improvement
  • Self-sufficiency, initiative, and the ability to suggest and implement security enhancements
  • Assistance in building security runbooks and documentation to support consistent practices across the team


Candidate Background & Experience

  • Grew up around computers and eventually focused on cybersecurity, with a main passion for penetration testing
  • Hands-on freelance penetration testing experience from university
  • Experience bypassing SIEM and EDR tools, providing an attacker’s perspective for security assessments
  • Familiar with Active Directory, including techniques such as Kerberoasting, pass-the-hash, and golden ticket attacks
  • Uses practical learning platforms like Hack The Box and its academy labs, and runs home VMs on Kali Linux
  • Experience with networking basics and tools such as Packet Tracer


Interview Questions & Answers

Hands-on Security Tools

  • Focus was on practical experience, not just theory
  • They wanted to see that I could apply security knowledge in real-world environments

Use of MITRE ATT&CK

  • Asked about my knowledge of the framework
  • Interested in how I apply it in my work

Lab Setup & CTF Experience

  • Questions about whether I set up my own labs or engage in CTF challenges
  • Emphasis on hands-on, self-directed learning

Networking & Infrastructure

  • Asked about comfort with networking concepts
  • Explored experience with networking hardware such as routers, switches, and firewalls


Candidate Questions to the Company

  • High performer traits: self-sufficient, collaborative, proactive in implementing improvements
  • Biggest team challenges: lack of in-house security expertise; need to define and implement best practices
  • Measure of success: security issues remain invisible; the company isn’t hacked, and security functions as insurance