Module 5: Find and apply for cybersecurity jobs

Welcome back! We’ve covered so many security related
topics in detail. Throughout this program, we’ve discussed protecting
organizational assets and data, and the tools and
procedures used to protect them. We’ve also explored how to
communicate with stakeholders, reliable sources to
help you stay up-to-date on security news
and trends, and ways to get involved with the
security community to help establish and advance
your career in the field. Now, we need to get
you prepared to find a job as an entry-level
security analyst. Security is a huge field with countless job
opportunities. By 2030, the U.S. Bureau
of Labor Statistics expects the number
of security roles to grow by more than 30%. But how can you find the
right opportunity for you? In the next several videos, we’ll discuss specific
strategies to help you find and apply for
jobs in the industry, including how to create your resume and develop
rapport with interviewers. We’ll also cover how to
use the STAR method for interviewing and how to
develop an elevator pitch. I remember initially
being interested in my role because
education is my passion. Researching the security field and industry in preparation for my interviews cemented my
fascination for cybersecurity. I’ll be honest, I had taken a lot of what security
does for granted. Now, I feel incredibly
fortunate to be a part of this industry and the exciting
opportunities it offers. Now, it’s time to
get you ready to find security jobs.
Let’s get started!

Deep Dive into Security Analyst Roles: Your Career Launchpad

Welcome, aspiring security champions! This tutorial dives deep into three key security analyst roles, equipping you with the knowledge and skills to launch your career in this exciting field. Remember, understanding these roles is crucial for tailoring your resume and interview preparation, maximizing your chances of landing your dream job.

Level 1: Foundations of Security Analyst Roles:

• Security Analyst: This entry-level role focuses on monitoring networks for breaches, developing security strategies, and researching trends. Your understanding of log monitoring and SIEM tools from the program will be invaluable assets.
• Information Security Analyst: This role involves crafting security plans and implementing measures to protect networks and systems. Your knowledge of controls, frameworks, SIEMs, and packet sniffers will be key differentiators.
• Security Operations Center (SOC) Analyst: This fast-paced role prioritizes swift and efficient handling of security incidents. Your grasp of security playbooks and incident response procedures will be highly sought-after.

Level 2: Unveiling Your Strengths:

• Match your skills to the role: Analyze each role’s responsibilities and required skills. Identify how your program learning and personal strengths align with each role’s requirements.
• Highlight relevant experiences: Think beyond formal job titles. Consider volunteer work, personal projects, or academic experiences that demonstrate your aptitude for the chosen role.
• Quantify your achievements: Use metrics and data to showcase the impact of your past work. Did you identify X number of potential security threats? Did you implement a security measure that reduced incidents by Y%?

Level 3: Exploring the Job Market:

• Leverage online job boards: Create accounts on platforms like ZipRecruiter, Indeed, and Monster Jobs. Filter by “cybersecurity” and explore hundreds of listings with detailed requirements.
• Network with professionals: Connect with security professionals on LinkedIn®, attend industry events, and participate in online communities. Their insights can help you identify promising opportunities and gain valuable career advice.
• Research potential employers: Before applying, delve into the company’s website, social media presence, and news articles. Understand their mission, values, and security culture to assess if your skills and aspirations align.

Level 4: Preparing for the Next Step:

• Craft a compelling resume: Tailor your resume to each specific role, highlighting relevant skills and experiences gained from the program. Use keywords from the job description and showcase your achievements with quantifiable data.
• Master the interview art: Practice your responses to common interview questions. Research the company and prepare insightful questions to demonstrate your genuine interest in the role and the organization.
• Embrace continuous learning: The security landscape is constantly evolving. Stay updated on the latest trends, technologies, and threats through online resources, conferences, and professional development opportunities.

Remember:

• Passion is key: Choose a role that aligns with your interests and long-term career goals. Your passion will fuel your motivation and dedication in this dynamic field.
• Networking is invaluable: Build connections with security professionals within your community and online. These connections can open doors to exciting opportunities and provide valuable mentorship.
• Never stop learning: Continuous learning is essential for success in cybersecurity. Stay ahead of the curve and embrace the challenges and rewards of this ever-evolving field.

By understanding the different security analyst roles, showcasing your strengths, and actively engaging with the job market, you can launch your cybersecurity career with confidence. Remember, your journey has just begun! Embrace the learning, network with passion, and watch your career soar to new heights in the thrilling world of cybersecurity.

Bonus Resources:

• SANS Institute: https://www.sans.org/
• OWASP: https://owasp.org/
• (ISC)²: https://www.isc2.org/
• Black Hat: https://www.blackhat.com/
• DEF CON: https://www.cisa.gov/news-events/events/black-hat-usa-2023-defcon

This tutorial provides a roadmap for navigating the exciting world of security analyst roles. By following these steps and utilizing the resources provided, you can confidently launch your cybersecurity career and make a significant impact in this critical field.

I hope you feel really proud
of how far you’ve come! You may remember that
earlier in this program, we discussed a few security
roles in the industry. Now, we’ll explore
three of those roles. We’ll start with
security analyst. Security analyst is typically
an entry-level role that might interest you
as you prepare to enter the security field. The role generally focuses on monitoring networks
for security breaches, developing strategies to
help secure an organization, and even researching
IT security trends. In previous courses,
we discussed log monitoring and SIEM tools. Having a solid foundational
understanding of how to use those tools will certainly
be useful in this role. Another role that
might interest you is information security analyst. This role generally focuses on creating plans and implementing security measures to protect organizations’
networks and systems. Earlier in the program, you learned about controls
and frameworks that can be used to develop security
plans and procedures, as well as how to use SIEMs and packet sniffers to
identify risks. That knowledge will
be beneficial when it comes to developing plans and determining the best
tools to strengthen an organization’s
security posture. Finally, we’ll explore the security operations
center analyst role. Security operations
center analyst, also known as a SOC analyst, is another role you
might find exciting. This role generally focuses on ensuring security
incidents are handled rapidly and efficiently by following established
policies and procedures. Earlier in this program, we discussed security
playbooks and how they are unique
to each organization. We also covered
the importance of being able to follow
the processes outlined in playbooks to respond to security
events or incidents. That knowledge will
certainly help you stand out as a potential
candidate for this role. There are many more job roles that you may be interested in. A great way to find
more of these roles is to create an account
on various job sites and search for cybersecurity
positions. A few well-known job sites in the United States and
internationally are ZipRecruiter, Indeed, and Monster Jobs. Each of these sites
have hundreds of open job listings with roles, responsibilities, and skill set requirements
posted under the job title. How exciting is it that
we’re now discussing jobs and sites that you
can use to apply for them!? It’s important that
you do your research before applying to any position. Gather plenty of information
about the company, the job role, as well as
required and preferred skills. This will help prepare you
for a potential interview by knowing exactly what the
employer is looking for and how your skills align with the
employer’s expectations. This will also help you
align your own values and passions with the
organization’s mission and vision. But before you can apply
for a security job, it’s important to create a resume that will catch
an employer’s attention. Coming up, we’ll discuss the resume development
process in detail.

In this video, we’ll discuss how to create
a resume that is tailored to the job you’re applying for. Note that a resume is sometimes called
a Curriculum Vitae, or CV, for short. Remember that it’s okay if you don’t
have any cybersecurity experience. This certificate program
has covered key skills and concepts that employers are looking for in
an entry-level security analyst position. You can mention all that you’ve learned
in this program on your resume, including programming languages, such as
Python and SQL, and Linux line-command. You can also share your understanding of
what it means to have a security mindset, your knowledge of standard frameworks and
controls, like the NIST CSF and CIA Triad model, as well as your familiarity with
how to use SIEM tools and packet sniffers. It’s also possible that some of your
earlier job experiences allowed you to develop knowledge and skills that
are transferable to a security role. These skills could include being
detail oriented, collaborative, and having strong written and
verbal communication skills. Here’s an example of a resume. You’ll want to start with your
name at the top of the resume, followed by your professional title. Your title could be something
like ‘Security Analyst’ or a title that matches the position
you’re applying for. You’ll also want to include at
least one way that employers or recruiters can contact you, for example,
an email address or phone number. After your name and title,
you’ll provide a summary statement. This section should be brief, just one or two sentences related to
your strengths and relevant skills. Make sure the statement includes
specific words from the responsibility section of the job description. You can include something like this in
your statement: I am a motivated security analyst seeking an
entry-level cybersecurity position to apply my skills in network security, security policy,
and organizational risk management. Following your name and
summary statement is the skills section. This is a bulleted list of the skills
you’ve learned in this program that are related to the position. Employers usually like to know about
your previous work experience. In the experience section,
you’ll list your work history. Underneath each job entry,
provide a list of the skills and responsibilities you performed. It’s a good idea to start each
bullet with a verb and, if possible, details that quantify an accomplishment. For example: ‘Collaborated with a team
of six to develop training for more than 25 company employees.’ ‘Try to highlight the security or
technology related skills and knowledge that you have, based on
your experiences in previous jobs and this certificate program.’ The next section of the resume lists
your education and certifications. Start with the most recent
education you’ve completed, including certifications, trade schools,
online courses, or college experience. Also include the names of sites and organizations that issued your
certifications and schools you attended. List any subjects you studied related
to the job you’re applying for. If you’re currently enrolled in school or
a certification program but haven’t graduated, note: in progress. As you develop your resume,
keep a couple of things in mind. Make sure there are no spelling or grammatical errors in your resume before
sending it to your potential employer. Also note that resumes are typically
about two pages long, and list only your last 10 years or
less of work experience. Resumes can be created using word
processing applications like Google Docs or OpenOffice. However, you might find some simple but professional resume templates
online to get you started. To find them, type: free resume template or a similar search term
into your internet browser. If you use a template, be sure to replace
all of the prefilled text with YOUR information and qualifications. There is so much to consider
when creating your resume. But what we covered today
will help you get started. Coming up,
we’ll explore the interview process.

[MUSIC] My name is Garvey, I’m a global
staffing manager here at Google. I hire essentially all the cybersecurity
engineers here at Google. I’ve hired across the US, Zurich, London, Sydney, Australia, and
virtually any office that you name. This space is unique in the sense that
it’s growing, it’s vastly evolving. You have a number of candidates that have
pivoted, changed positions in their life, come from all different walks of life,
right? So, cover letters is an opportunity for
you to tell that story. A resume tells me the facts,
what have you done, but a cover letter tells me who you are. Why cybersecurity? Why this space, why this opportunity? What draws you here? Most folks that I’ve met that want to
enter this space have a reason. Either they’ve been the victim of some
sort of cybercrime, or they know others who have, or they’ve seen something
that has affected them in their lives, that has brought them to that moment. I want to know more about that. I want to understand what your passion is,
what your interest is in this space. So I think in particular when
it comes to cybersecurity, when it comes to cover letters,
it’s your opportunity to tell me kind of what’s written in between those lines
of that resume that’s brought you here. How long should a cover letter be? I don’t think there’s any
perfect science to that, you know. First give me a few lines about yourself,
your family, your hobbies. And then after that, really kind
of cut to what makes you unique, what makes you different
than this other applicant? What has brought you to this opportunity? How have you overcome adversity? How do you plan to do so
in this work environment? What does this job mean to you? What are the soft skills
that you can present and bring to your colleagues in this role? If I’m a candidate that’s
making a career transition, I want to know in that cover letter, why? Is there a particular reason
cybersecurity excites you? Is there a particular reason
you’re making this transition? What haven’t you found
in your previous career? I want you here forever, right? And if I keep you here forever,
I want to keep you happy, right? So what makes you happy? What are the things that you see in
this space that are going to excite you, that you’re passionate about? All right, I want to see that
written on the cover letter. Don’t just sort of standardize
your cover letter and just fire it off regardless of
the company that it is, right? Tailor your cover letter
around that mission. What’s their mission? Make it a part of your own. Know the company’s mission,
know their purpose, their products. Insert that in your cover letter. A cover letter is meant to capture
someone’s attention quickly. You can’t manage to capture
the attention of someone for the entirety of what you’ve written,
right? So, what is it about you that interests
me, that brings you to this time and this opportunity? You want to capture someone’s eye first
and then capture their attention and their mind, right? So be bold, be loud, right? I think keep the words simple,
but like, be bold.

After you’ve
submitted your resume to several job postings, you’ll hopefully get an
opportunity for an interview. The interview process
usually starts with a short
pre-screening phone call. It typically involves having a 15-minute conversation
with a hiring manager or recruiter who will
ask you some questions to make sure that you are who
your resume says you are and that you meet the minimum
requirements for the job. Following the pre-screening,
you could be invited to an in-person interview
either on-site or online. This could be a panel interview
with a few members of the team that you
would be working with or a one-on-one interview. Let’s discuss some
strategies that can help prepare you
for an interview. Review the job description and
your resume ahead of time. Practice speaking
about the experiences and skills that the
employer is looking for. Consider practicing this with a friend by participating
in a mock interview. Your friend will act as the
interviewer and you will answer their questions, as if you’re meeting
with the employer. It can also be helpful to
dress professionally and feel comfortable
in the clothes you choose to wear for
the interview. Before the interview begins, take a few deep breaths, and remind yourself of all
the preparation you’ve done. If the interview is online
via video conference, prepare a location
in your home that is quiet, tidy, and professional. Also be sure to test your
video and audio settings, and if necessary, download the video conference application specified by the interviewer. This will help ensure
that you correct any technical issues
before the interview. Interviews usually
include two parts: a background interview and
a technical interview. The background
interview will likely include questions
about your education, work experience,
skills, and abilities. You might even be asked some personal questions
unrelated to the job posting. The interviewer is trying to
get to know you, to determine if you’ll be a good match for the team and company culture. At the same time, you want to ask questions
to help you decide if the team and company culture
are a good match for you. The other portion
of the interview is the technical interview. This is when the
interviewer will ask you specific questions
about technical skills related to the role. You might be asked,
how you would respond to a specific situation, or to explain a
technical concept that’s listed on your resume. Do your best to answer
these types of questions confidently and concisely based on your current knowledge. It’s okay to say that you
don’t know the answer to a question or that
you need a moment to respond, so you can
think about your answer. Employers respect honesty. Just follow up with an explanation of how you
would figure out the answer, either by researching it or
collaborating with the team. Even after you’ve completed
this certificate program, you’ll still have access
to all of the content. So before the interview, go
back and review your notes, the glossary, and any concepts that you might need to refresh
your memory on. This can help you feel prepared for the questions
you’ll be asked. Remember, you can prepare for the interview by participating
in a mock interview, reviewing the job description, and taking a few deep breaths before the interview begins. You’ve learned a lot in this
course and are ready to move ahead and find a position
as a security analyst. Coming up, we’ll discuss how to conduct
pre-interview research.

[MUSIC] My name is Garvey, I’m a global
staffing manager here at Google. I’ve hired, I would say, several hundred security engineers here
at Google over the last seven years. Advice I’d give those
that are preparing for their technical interviews, don’t expect
that the interview will be a sort of trivial exam of how many questions can you
answer in this sort of period of time. I want to know, as an interviewer, does
the candidate understand the fundamentals and can they explain them back to me? Programs and applications that
I would recommend preparing for when doing an entry level interview,
for example, Splunk, Wireshark, understanding their functions,
their purpose. If you can get to the point of
understanding their internals, why they exist. If they didn’t exist,
how would you solve a problem? Outside of that, just understanding the fundamentals of
topics that exist within this space. Network security, web application,
security knowledge, operating system internals,
understanding and mastering security protocols I think
that’s an important place to start. Practice answering open end questions. They tend to be really difficult,
they’re ambiguous by design, they’re complex by design. You always want to start first
by asking clarifying questions. Get information from your interviewer
to help you narrow down the focus of the question itself, but also sort of
lower the scope of the problem, right? Into something that you
can answer yourself, that you know that you
feel comfortable with. Organize your answer
through the STAR method. It’s a great way to organize yourself when
faced with a large open ended question, it will help your interviewer
understand your train of thought. Thinking out loud as well will help your
interviewer understand okay, this is where Garvey’s going with this answer,
if I need to help him, I can help him. Maybe he doesn’t get the entire answer, I
know he was on the right track because he was thinking out loud,
I understood where he was going. If you don’t know the answer, that’s fine. Again, no one expects you to walk on
water, but we don’t expect you to lie, [LAUGH] if you will, right? My ideal candidate is someone
who just loves to learn, right? Someone that’s humble, that’s honest,
someone that can manage through ambiguity, complexity in their own life, doesn’t
necessarily have to be directly related to cybersecurity, but someone that when
faced with a problem, runs towards it. They’re always a student, they’re always
there to learn, always there to mentor, lead others, and they demonstrate those
characteristics throughout their life. Nerves during technical interviews,
I think that’s pretty standard [LAUGH], it’s okay to be nervous, right? I think it means you care. There’s a reason you’re there. There’s a reason you find
yourself in that moment, right? Someone has counted you in already. They have belief in you and
this space needs you. So, you know, I would say, trust yourself,
trust your gut, don’t be afraid to fail.

Previously, we
discussed how to create a resume and what to expect
during an interview. In this video, we’re
going to cover a few more things that
you need to do to prepare for the interview
and that could help set you apart as an excellent
candidate for the position. Before the interview, it’s important to do
some research about the organization you’re
interviewing with. Interviewers want to know
that you’re a good match for their team and that you value the things that are
important to the company. It’s just as important
for you to decide if the company
matches your values. So make sure you know the organization’s
mission and vision. Understand their core
values and company culture. This information is usually
easy to find either in the job description or on the “About” page of the
organization’s website. Think about why these values and the company culture are
also important to you. Then, practice how you will communicate this to
potential employers. Remember that you will not be the only applicant
for the position. Consider what sets you apart
from other candidates and be prepared to emphasize those qualities
during the interview. What about your skills, experience, or work ethic make you the best match
for this position? How do your goals align to the
goals of the organization? You want the employer
to remember you after they’ve interviewed
several candidates. So highlight things that make you the best candidate
for the role. You also want to think about
the employer’s perspective. The organization has needs that must be met by
filling the position. They may have productivity
or compliance goals. Or the team might be growing because the
company is expanding. Take some time to
think about what the interviewer is
seeking in a candidate. Then prepare yourself to state directly how you can meet
the employer’s needs. The interviewer may have reservations about
hiring you because of your lack of experience
as a security analyst. If this comes up
in the interview, be prepared to address any possible concerns by speaking about your
strong work ethic. This could include an ability
to learn quickly based on feedback, or to collaborate
and communicate with others. Also, you could discuss
having a security mindset, or problem solving
skills that you’ve developed from personal life, work, or educational experiences. Learning about the organization’s
culture and mission and preparing to
demonstrate how you can add value to the
team are essential. It’s also a good idea to write down questions that you can ask the interviewer about the organization’s past
accomplishments and future goals. This shows potential
employers that you’ve done your research and care about
the organization’s success. Coming up, we’ll discuss how to build rapport with interviewers.

What should you research about an organization before an interview? Select three answers.

The organization’s mission. The organization’s vision. The organization’s vision

You should review the organization’s mission, vision, and their core values before an interview. Interviewers want to know that you’re a good match for their team and that you value the things that are important to the company.

In this video, we’ll
explore a topic that can contribute to your success
during the interview process: How to build rapport with
your potential employer. Rapport is a friendly
relationship in which the people involved understand each other’s ideas and communicate well
with each other. Building rapport begins with the very first
interaction you have with the company’s staff by phone, email, or video conference. It’s important to use a professional tone in
the email you write, expressing your
interest in the job. But it’s also important to
be polite and friendly. Expressing appreciation for
being considered and having the potential opportunity to interview is one way
to build rapport. When and if you have an
initial phone screen, you can use a friendly,
conversational tone of voice. To do this, try smiling
while you talk. While it’s true
that nobody can see you smile on a phone call, smiling while you talk can
make you sound friendlier. During the phone screening
and in-person interview, you can ease interview
nervousness by engaging actively in a way
that feels natural to you. That can mean simply saying: “Hello, nice to meet you.” You can even start a short,
friendly conversation by asking the interviewer
how their day is going. Or, if the weekend just passed, you might ask the interviewer: “How was your weekend?” Make eye contact when you ask these questions during
an in-person interview, or be sure to look directly into the camera during
a video interview. This will show the
interviewer that you’re engaged in
the conversation. Oftentimes, during the second
half of an interview, the interviewer will ask if you have any questions for them. As we discussed earlier, it’s important to
have some questions prepared to ask at this point. Here are some suggestions. You could ask: What is the biggest challenge
I might face coming into this role and how would I be expected to
meet that challenge?” Or you might ask: “What would you say
is the best part about working for this company?” Or: “What is a typical
day like for an analyst?” Another great question is: “What is the potential
for growth in this role?” Asking questions shows
that you’re engaged in the conversation and you’re interested in the company
and the position. It also shows the employer
that you are confident and that you want to make
sure that their company is a good match for you before
you make a commitment. It’s nice to send a
follow-up email a day or two after your
in-person interview. This is just a brief email
thanking the interviewer for the opportunity
to meet with them and learn more about
the organization. It’s also a good idea to mention something specific from your
interview in this email. It shows that you were actively engaged in the conversation. Remember, the employer is probably interviewing
other candidates. So sending a follow-up
email will help set you apart and remind the
interviewer of your discussion. Building rapport
with the interviewer and other employees is an important skill when interviewing for your
first security position. Writing friendly but
professional emails before and after the
interview and engaging in friendly conversation
during the interview can help set you apart as a
great candidate for the job.

Welcome back! Preparing for job interviews in the security
field is such an exciting process. You’ve learned a lot through this
program that can help you stand out as a candidate. Let’s discuss some useful interview
strategies to consider when speaking to an employer. Your interviewer is going to ask
several questions when you meet. Carefully consider each
question before responding. Let’s discuss the STAR method, which
can help you prepare for interviews. The STAR Method is a technique
used to answer behavioral and situational interview questions. Using this method is a great way to help
you understand each interview question and provide a thoughtful and
thorough response. STAR stands for: Situation, Task, Action, Result. The STAR method is typically used to
answer open-ended questions such as: “Tell me about a time when you
encountered a challenge on the job?” Let’s go through an example of how this
question could be answered using the STAR method. The situation: Two people needed to
stay home for work due to illness, and I was the only person
available to assist customers. The task: I needed to answer phone
calls from customers, while assisting shoppers in the store. The action: I came up with a strategy that
allowed me to assist customers as they entered the store while also ensuring
that customers who called were helped or politely placed on hold until I
was able to address their needs. The result: I managed the in-store
operations for the day without many mistakes, and my manager complimented
me during the next team meeting. Hopefully this example highlights the
benefits of answering open-ended interview questions using the STAR method. But the STAR method isn’t the only
strategy you can use during an interview. You can also answer
questions with confidence. One way to demonstrate confidence is by
admitting when you don’t know something. For example, if an interviewer asks you
to discuss a skill that you don’t have, it’s okay to admit you
haven’t learned it yet. However, the trick is to confidently
mention that while you don’t have that particular skill, you’re a quick learner
and eager to develop that skill. Treat it as an opportunity to
emphasize your ability to adapt and learn on the job, which shows confidence! You know what else shows confidence? Taking the time to fully
understand a problem or question to provide the best solution or
answer possible. When interviewing,
don’t be afraid to ask the interviewer for a moment to think about your answer. It shows that you’re willing to take the
time needed to understand the question and provide a response that is meaningful and
relevant. We’ve discussed a few strategies that can
help you overcome the nervousness you may feel about interviewing for a job. Coming up, we’ll continue to explore
ways to prepare for interviews.

Fill in the blank: The _____ Method is a technique used to answer behavioral and situational interview questions.

STAR

The STAR Method is a technique used to answer behavioral and situational interview questions. This method can help you develop a thoughtful and thorough response to open-ended interview questions by analyzing a situation, task, action, and result (STAR).

In this video, we’ll take a little time
to discuss additional strategies you can use during a job interview. In past job interviews,
your potential employer may have asked: “Do you have any questions for me?” This type of question can
be an opportunity for you to show the interviewer
that you’re prepared and ready to have a meaningful
conversation with them. A big part of interview preparation
is researching the company before the interview because it will allow
you to ask questions that demonstrate you took the time to learn about
the organization and its needs. These kinds of questions show that
you’re passionate about your career and that you want to help the company
strengthen its security posture. There are also some general questions
you can ask the interviewer to determine if the job and the organization
itself are a good match for you. Here are some examples: “What’s the biggest challenge for a new person
in this role?” “In what ways can I contribute to the
success of the team and the organization?” “What qualities or traits are most important
for working well with the team and other stakeholders?” Questions like these can help you develop
rapport with the interviewer, and show that you’re interested in learning more about
the role and the organizational culture. Interviewing for jobs can be a really
exciting process when you’re prepared, and asking questions is an essential
part of the interview process. Don’t be afraid to ask potential
employers tough questions. This will help them understand
you as a thoughtful, curious person who can
add value to the team. Coming up, we’ll discuss another strategy:
The elevator pitch!

Hi, I’m Karan. I’m a security engineering
manager here at Google. As part of my job, I do
participate in hiring candidates. And so far I’ve spoken to like hundreds of candidates,
potential candidates, people who actually got into Google. Almost every
time I meet somebody, I get to see a new path. And that’s always fascinating for me to learn about somebody else. One thing I’m seeing
very interestingly is the increase in the
number of people who come from
non-technical backgrounds. So that can be recruiting, sales, like you name it, we’re seeing a ton of people. So, for preparing for interviews, I think you can break
down that question into technical preparation and
non-technical preparation. And so for technical preparation, I advise people to build up on, you know
networking fundamentals, information security
fundamentals, get all those concepts right, so you understand
how things work, how are they related,
and all of that. Make sure you ask clarifying
questions to get to the root of the problem and what the interviewer wants from you. A lot of people just dive into the problem without
really clarifying. If you don’t know something, don’t be afraid to say, “I don’t know” and say, but here’s how I would
approach the problem. For the non-technical pieces, I think practice with a friend, have an interview partner, and see how you respond. See where you fumble, and be kind to yourself
as you’re doing that. Focus on bringing your whole
self to the interview. So that means showcasing how
you’ll work with a team. Bring up examples of projects
you have done with others, how you have led those projects? Have you done open-source
collaborations? A lot of these soft skills, if I may put them as are super crucial even when you’re
solving a security problem. So those are some key aspects
that we’re looking for when we are
interviewing for roles. For new folks in the industry, the main thing we would be
looking for is curiosity. Personally speaking, I look
for people who have drive, who are very driven to
learn more about the field, they may not know everything
and we know that, but we want to make sure
that they are asking the right questions
and getting through the problem by
working with others. So, if you get an answer
like, I don’t know, but I’ll figure it out, and
here’s how, that’s amazing. Also, I’ll say don’t be
afraid of rejection, because it takes time to
find your first role. It took me hundreds of
applications to find my first job. And then don’t be afraid to
apply even if you don’t meet all the required or
preferred qualifications, just look at the
minimum qualifications. And if you do pass that, you know, it
doesn’t hurt to apply. So, please keep applying.

Now, let’s discuss a concept that can
help you identify your strengths and allow you to highlight
those strengths to others: An elevator pitch. An elevator pitch is a brief summary of
your experience, skills, and background. It’s called an elevator pitch
because it should be short enough to say in 60 seconds or less,
which is the average amount of time you might spend talking
with someone on an elevator. Elevator pitches allow
you to demonstrate who you are to potential employers
in a very short time span. They can be used at job fairs, career
expos, and other networking situations, like professional conferences and
social media job sites such as LinkedIn®. Now, let’s examine how to
create an elevator pitch. Your elevator pitch needs to be short and
persuasive. There’s no need to list all of your
previous experiences and accomplishments. Instead, explain who you are and why you
care about being a security professional, as well as the qualifications and
skills you have that are specifically related to getting a job
as a security analyst. For example, critical thinking,
problem-solving, and the ability to build collaborative
relationships with others are transferable skills that most
organizations are looking for. So, highlight those in
your elevator pitch. You could also mention technical
skills you’ve learned in this certificate program, such as using various SIEM tools and
programming languages like SQL and Python
to identify and respond to risks. Now, we’ll cover a few things to avoid
when delivering your elevator pitch. It’s important to avoid rambling, or sharing irrelevant details,
during your elevator pitch. Potential employers only
want to know who you are and why they should consider you for
a security role. As you develop your elevator pitch, you’re going to want to
practice it several times. However, don’t practice it so
much that you end up sounding ingenuine or robotic when it’s time to share your
pitch with a possible decision maker. Instead, speak naturally, like you’re
having a conversation, when you give your elevator pitch. That will help keep people engaged and
interested in what you’re saying. Another thing to avoid:
speaking too quickly. Because an elevator pitch is fairly short, it can be easy to rush through it.
But that can cause people to miss out on some key skills you have to offer,
simply because you sped past them. One last tip: search the internet for
elevator pitches to find examples that may help you
generate ideas for your own pitch. In essence, your elevator pitch
is a way to tell people why you are an amazing candidate for
a security position with great skills and a clear direction for
what you want to do in your career. While it’s natural to be nervous when
speaking to potential employers, just remember: take a deep breath,
gather your composure, and deliver your pitch with confidence,
conviction, and at a normal pace. You’ll be just fine.

Hi, I’m Emily and I’m a
program manager at Google. I work in our security
education space. Imposter syndrome is
a very real thing. There will be days where you feel like you’re riding high, you’re getting everything done, you’re on top of your game. Then there are times
where you feel like I just don’t
know what I’m doing. Everybody else is
doing so much better. Connecting with others in cybersecurity associations
is a great way to combat that
imposter syndrome. Getting involved in cybersecurity organizations
and associations is a great way to grow
your network and frankly build a
community for yourself. It can be really intimidating
to join a new industry. Those folks can support you, and they can also be a
great example of how far you’ve come when you share
your skills with them as well. What helped me when I was
feeling imposter syndrome or just not feeling as confident as I think
I could have been, was connecting with
a trusted mentor. They were really
helpful when I said, “Oh gosh, I feel like
I should know this.” And she said, “There’s no way
you can know everything. We have people who
work on those things across the company and you
don’t have to know everything.” It just helped calm me down and helped me feel
comfortable with what I do know and the skills that I do bring to my organization. It’s really important to
recognize those small wins. I actually like to go to a
special folder I have in my email where I’ve
collected kudos and special emails
that folks have sent me who are
congratulating me on a project accomplishment
or just complimenting me on some skill or something
that I helped them out with. And that really helps buoy my
spirits and reminds me that, yes, I can do this. There is a reason I’m here. Reflecting on your career no
matter where you’ve worked, is a really great way to combat imposter
syndrome as well. It’s a great way to show
how far you’ve come, what skills you’ve
learned and what you’re really going to be able to
contribute in this new field. In the security industry, you’re never going
to know everything, and so it’s important to stay
flexible and fungible and to ensure that you’re
always learning because the industry changes so quickly and
evolves so quickly. There’s not one person who’s
going to know everything. It can be really hard to
maintain your confidence, especially when
you’re new on a job. It’s okay to take time
and to ask questions. There’s never a stupid question. It’s important for you to get information and the
folks around you should be trying to support you
and help you succeed, because they too will
succeed with your success.

You’ve done a great job completing this
section of the course. Let’s take a moment to
review what we’ve covered. We started by discussing how to find and apply for jobs
in the security field. Then, we explored how
to create your resume. Next, we shared
some strategies to develop rapport
with interviewers. We also covered how to
use the STAR Method to answer open-ended interview
questions thoughtfully. We finished by discussing how to develop an elevator pitch. Hopefully, this has
helped you feel confident as you begin to search and apply for jobs in the
security field. Good luck!

Congratulations on completing the final
course of the certificate program! We covered a lot of information, so let’s take a moment to review. We started by discussing
how to protect assets and communicate incidents by
developing a security mindset. Then, we covered when and how to escalate
incidents to the appropriate team members to make sure that small
issues don’t become big problems for an organization and the people it serves. Next, we explored ways to communicate
effectively to influence stakeholders’ decisions related to security. This included discussions about how to use
visuals to convey important information and sending emails, making phone calls, or
sending instant messages. After that, we shared some ways to engage
with the security community, including attending conferences and connecting with
other analysts through a networking site. Then we moved on to the final
section of the course, which covered how to find,
prepare for, and apply for jobs. This included discussions about how
to create a compelling resume and tips to help you navigate
the interview process. It’s been an absolute pleasure
guiding you through this journey.

This certificate covered some
rigorous security content. You could have given
up at any point, but you didn’t. And for that, you deserve to be
proud of yourself! As we discussed at the
beginning of this program, the security field is growing and in need of security
professionals, just like you, to help
protect organizations around the world and
the people they serve. The knowledge and skills
you’ve obtained throughout this certificate program
will allow you to begin applying for entry-level
security analyst jobs. Now, let’s take a
moment to summarize what we’ve discussed
throughout this program. We started by exploring
core security concepts, including the definition of
security and core skills. Then, we covered the focus of
eight security domains and discussed how security supports critical organizational
operations. Following that, we
discussed network security, including network
architecture and the mechanisms used to secure
an organization’s network. In the next course, we
turned our focus to computing basics for
security analysts. In this section, we
introduced Linux and SQL. After that, we explored assets, threats, and
vulnerabilities in depth. This included discussions about how assets are classified and the security controls
used by organizations to protect valuable information
and minimize risks. In the next course, we focused on incident detection
and response. Here, we defined what a
security incident is and explained the incident
response lifecycle. In the following course, we introduced the Python programming language
and explored how to develop code related
to common security tasks. Finally, in the last
course of the program, we explored topics related to your pathway into the
security profession, including how to find
and apply for jobs. You put a lot of
valuable time and energy into completing
this certificate program. Remember that the learning
doesn’t stop here. As you move forward
in your career, always be mindful of the new trends developing
in the world of security. As technology
continues to advance, the threats to organizations and people will evolve as well. It’s up to you to stay informed and always
be willing to learn.

You’ve just completed the Google cybersecurity
certificate. What a remarkable accomplishment that shows just how
committed you are to learning new skills
that will allow you to pursue your career goals. On behalf of myself and my
fellow course instructors, congratulations. You did it. Congrats. I can’t wait to see how many of you
decide to pursue this career and visit some really cool places
in cybersecurity. Way to go. Congratulations. Congratulations. You’re a rockstar. Congratulations. Congratulations. Great job. You did it. Congratulations. Congratulations,
I am rooting for you and wishing you
continued success. Congratulations on your
big accomplishment. Now it’s time to get to work. This is probably one of the best decisions
you’ve ever made I can’t wait to hear about all the opportunities that
you’re going to experience. Congratulations. Congratulations. You’ve
made it to the end and you’re now ready to
keep everyone safe online. Congratulations. Continue
to learn, continue to grow. You’ll find this is a
very rewarding career. Congratulations, you did it. Welcome to cybersecurity. The adventure
continues after this. There’s still a lot more to explore in the world security, but you’re off to a great start. It’s been my
pleasure guiding you through the final
part of this program. I know you’re
well-prepared to begin or continue a remarkable
career in security. Congratulations and best
of luck on your journey.