VIDEO
Amie Dsouza (Southwest Airlines Cybersecurity Program Manager) wants to help you prepare for an interview for a job you want, but don’t have all the required skills for. She will encourage viewers to prepare for the interview and to share additional information about yourself before the interview to demonstrate how you suit the role.
In this ELEVATE session, Amie Dsouza, a cybersecurity program manager at Southwest Airlines, shares tips and tricks for job seekers. She emphasizes the importance of tailoring resumes for each job application and including the specific keywords mentioned in the job ad, and encourages candidates to apply even if they have slightly less experience than specified, as some employers may be open to training.
Like what you see here? Our mission-aligned Girl Geek X partners are hiring!
- Check out open jobs at our trusted partner companies!
- Watch more ELEVATE 2024 videos from the event, or just the “Best Of 2024” Videos!
- Does your company want to sponsor a Girl Geek Dinner or Virtual Conference? Talk to us!
Transcript of ELEVATE Session:
Amie Dsouza:
Hey everybody. Thanks for the warm welcome, Angie and Happy International Women’s Day. As Angie mentioned, I’m working with Southwest Airlines currently as a cybersecurity program manager and since I have a few years of experience of interviewing for jobs, looking for jobs, as well as writing job requisitions and interviewing job candidates, I thought I’ll share some tips and tricks on how you could go about. I want this session to be really interactive. Could I get a sense of how many of you are students, maybe you could raise your hand if you’re a student and you are looking for entry level jobs? Or maybe you could use the thumbs up emoji. Okay. Okay, so there are a few of you. All right. Okay, many of you. Thank you. All right. I’ll try to tailor it half-and-half for entry level as well as experienced professionals. I’m going to share my screen real quick.
I am going to dive right into it. A couple of things while looking for a job. You all know there are lots of softwares out there where recruiters, when you apply for a job, it only reaches the recruiter if it passes by, and I don’t have a lot of knowledge about that. I’m sure you’ve got some tips about that from other sessions as well.
The one thing I definitely know, once it reaches a recruiter, say your resume has all the right keywords for that job. A recruiter looks at your job for two to three seconds maximum.
Make sure what the job ad specifies, especially the main things they’re looking for is in your resume. One size doesn’t fit all. If you’re really serious about applying and trying for that job, make sure you are tailoring your resume for every job you apply. I know it is tiring. It is a full-time job to apply for jobs, but that’s how it is, and that’ll give you the best chance.
We are going to look at a few job ads. These are job ads I’ve taken out of LinkedIn and I have a couple of entry level jobs and a couple of senior level jobs as well, and I’m just going to analyze who could apply for them. Since I’m from the cybersecurity space, some of these terms like the jobs would be in that space, but it would apply for anybody in other technology areas as well.
This job is a fairly straightforward job. This team is looking for a pen tester and they have specified here, they already have a team. They’re looking at adding. a team member to their team. That’s one of the things you need to know that they’re looking at adding a team member. This is not a leadership position. It’s a consultant tester, that kind of analyst, that kind of position.
They have mentioned three years of professional experience. As a person who’s looking for candidates for my team, for example, I would prefer someone who could come join the team and get started. There’s not too much of training time. That’s why some of the jobs will say three years experience, but this shouldn’t deter you if you are a student and you have trained, have some training as a pen tester. If you had it in your college degree and you’ve done some internship around that, I would encourage you to still try for these jobs.
Everyone is optimistic when they’re looking for candidates they want find the right fit, but when they don’t find the right fit, there are some considerations that a manager who’s looking for a job will make.
If they’re not finding people who have enough of experience, they will look at entry level uni grads as well. If they show the right kind of attitude and they have the right kind of writeup in their resumes. This is one tip I would say. If it says two to three years, it’s possible that that team will look at someone who is fairly new to the workforce and will be ready to train. But, you have to show some examples of what you have done in this particular space. Have you done a course? Have you done some actual internship with an organization? And you could give some examples of that as well.
The other thing which I noticed on this job ad was a strong desire and future focus. It looks like they have burned their fingers a little bit. Like they’ve brought in somebody who kept changing their mind, whether they want to be a pen tester or not. If you read between the lines, you’re looking for someone who will be committed to that job, to that role. If you could mention something like that in your resume that would help you at least get to the interview level.
They have specifically mentioned all candidates are subject to a technical interview. If you haven’t done any work in this space and don’t have the training, I wouldn’t suggest because the technical interview will actually test you for those technical skills. If you have any questions, keep posting them. I’ll see if it is relevant. I will try to answer. I’m going to go to the next one.
This is the job for cyber threat intelligence analyst. Again, it’s similar. It’s an analyst role. I would look at it as… To be a cyber threat intelligent analyst, you need to have some experience, some working knowledge. But again, since they have said three years of proven experience, if you have a little bit less than that as well, I would encourage you to apply, still apply. Now they’re looking at certifications. See some of the certifications, CISSP certification, for example. Only someone who has five to six years of experience in cyber would be looking at doing those experience. They’re looking at a rockstar over here. They want someone with three years of experience, but a rockstar. I think it’s a little bit too farfetched. They may or may not get someone who with this kind of a combination. These are the kinds of things you should try and see and apply if you think… This doesn’t really match three years of proven experience and CISSP. It’s not a match, as such. A CISSP would be at least seven years of experience in cyber itself.
If you’re in the cyber space, Security Plus and CompTIA Security Plus are the entry level certifications, which are really, really useful. It just shows your commitment towards that field. I would highly encourage those certifications, but the rest will come as you go through your career. Don’t get bogged down by lots of information in the job ad. Now these are things that these are good to have for them, right? Can you do trend analysis? Do you have social media mastery? Can you look at social media records and look at and understand what kind of threats or indicators are there?
What you should do is still try to understand what they’re looking for and embed that in your resume and that yes, you have gone through social media logs and have found something like this, for example. That will show that you have specific examples for what they’re looking for. Again, because it’s three years experience, even though you may or may not have that much experience, give it a go because you never know. Maybe they’ve been looking for a cyber threat intelligence analyst for six months, have not found one, now they’re ready to train someone. Maybe you’ll be the right person at the right time.
I’m going to touch upon a couple of a little bit senior positions. This is a job ad which I really liked. Identity governance project manager. It is a lead role because they have mentioned leading a team of functional and technical resources. Someone who has enough of experience, but they have kept it pretty broad. They’ve said 10 years experience, but they’ve not said in what. Not specifically that you should have had 10 years experience in identity and access management or in project management.
It looks like they would be okay with someone mid-level and having some experience in each of these areas. That’s how you should read it. Say you have 10 to 12 years of experience in technology, but only three to four years of experience in identity and access management. A couple of years in project management and agile, you should still go for it because since they have not specified that, it looks like they are open to it. Don’t be shy to apply for this role if you have some experience in any of these areas.
This is a great job ad because they have said how you will stand out as a candidate. They have said these are the bonus points. It’s very rare you’ll see this in a job ad. If you have any of these, familiarity with NIST or you have experienced any of these IM products, any of these networking products or security tools, that’ll just make you stand out. If you have it, put it in the resume right up there. In those two to three minutes that the recruiter looks at your resume, they find those keywords. I’m going to do one more.
This is a GRC lead role. IT security, governance risk and compliance lead. It is a big role. It is managing a team definitely, and it helps in IT risk and control assessments, maintenance of IT risk and control catalog. The only thing about this role, if I look at it… I feel like, oh my god, they’re looking for so much of experience. It feels like that. But you’ve got to read each and every line and see where you are at.
Looking at skills and qualifications, again, they have not specifically said how many years in each of these areas, but they have said, do you have some experience in regulatory and compliant assessments, for example? Do you have some experience in maturing cybersecurity processes? If you have touched upon any of these areas, it should be in your resume to be picked up for this.
Some things they have mentioned. Some years of experience, five to seven years in related experience and project management experience. These are some of the keywords I would look at to see whether I have the right skill. Say my background is more in the identity and access management space. I have touched upon GRC a little bit and I have some experience. I have project management experience and experience in information security and audit. I could probably apply for this.
If they don’t get the exact match, they will at least consider me for an interview. That’s the kind of message I’m trying to give. If you have some related experience, at least try for it and highlight what they’re looking for in that job. Okay, so say you have applied for the job, you get selected.
I have a couple of tips for how do you prepare for the job, especially if you don’t have all the skills necessary, but the recruiter still wants to give you a try, that organization still wants to see if you’re the right fit.
Make sure you look up on the responsibilities and tasks like day-to-day tasks involved in that role so you’re familiar when they ask you those questions. In fact, go ahead and hit up some people on LinkedIn or in your network who are in the similar role and see what they do on a day-to-day basis just to get an understanding. You’ve not done that role in its entirety, so you need to have some inside information on what really happens in that role. And for no matter which level, if it’s entry level or senior level, I always recommend doing a 30, 60, 90 day plan.
What would you do if you are given that? Get into the mindset of that role that yes, you have got the job, and what would you do in the first 30 days, 60 days, and 90 days? Do this for yourself, whether you share it with the recruiter or not, do this for yourself. This will put you in the mindset of that role that if you actually get the role, because they will ask you that. Yes, if you are a pen tester and this is the situation you’re in, what would you do? If you plan that out by walking through your 30, 60, 90 day plan, it will help you answer the questions, prepare you for the interview.
And lastly, I do recommend sending a pre-read for the job interview, because people are looking for so many candidates. If you want to stand out and you want to show your commitment towards how committed you are towards preparing for that role, send a pre-read a day or two before your actual interview. The pre-read, now you’ve already sent your resume. They have looked at your resume, they’ve probably had a chat with you. You could just send a little bit about me, as in very specific, not more than seven to eight lines, very specific to that role, what exactly what the skills you have for that role. That’s it. You could have a 30, 60 day plan for leaders who are looking at middle management or senior roles. You should also look at 90, 180, 270 day plan because as a new leader, the first few months is only about establishing yourself.
You can only be productive and actually show some outcomes a little bit later after three, six months, nine months. For leaders, I would suggest you also show the up to 270 day plan. But for anybody else, you at least have to have a 30, 60, 90 day plan. And make sure you send it to the recruiter and make sure the recruiter sends it to the person who’s going to interview you. This will help. A lot of times they will pull it up as part of the interview. That gives you more control at the interview itself. And even if they don’t bring it up, you can refer to it and say, “I sent my 30, 60 day plan to you, and based on that, this is what I would try and do,” in response to any of the questions.
Yep. And that’s it. Yep. I highly recommend a pre-read. It makes you stand out as a candidate, shows your commitments. Definitely try that. No. Anybody. Even if it’s an analyst position, a testing position, doesn’t matter. Even if you are in technology like an engineer position, anybody will need to have this kind of plan. Look it up for specific your role, what would you need to do? And it could be your opinion as well. It makes them aware that you have really thought about that role and if you are appointed, that you will succeed because you are already in that mindset that yes, I’m getting that job.
Like what you see here? Our mission-aligned Girl Geek X partners are hiring!
- Check out open jobs at our trusted partner companies!
- Watch more ELEVATE 2024 videos from the event, or just the “Best Of 2024” Videos!
- Does your company want to sponsor a Girl Geek Dinner or Virtual Conference? Talk to us!