Home » Security Leadership » Career/Staffing

10 Tough Job Interview Questions, and How to Answer Them

Recently hired CSOs share what hiring execs want to know in interviews.

Good sales and leadership skills are critically important. After all, what good is all that vision and experience if you can't persuade others to your way of thinking? Veteran security executive Pamela Fusco, an adviser to the Information Systems Security Association, has often been asked to make a sales pitch for a particular business case during an interview. "Executive management needs to know that you can talk at multiple levels and build a business case," says Fusco.

6. How do you sell security to the company at large?

Influencing the average employee also comes with the job, and it's often the greatest challenge for security executives. "You have to demonstrate that you can make people change even when they don't want to," says Robert Garigue, vice president for information integrity and chief security executive for Bell Canada. Candidates should go into an interview with examples of situations in which they were able to change ingrained behaviors and long-established processes to accomplish a security goal.

7. Why are you leaving your current job?

This is a question where CSO candidates can sabotage themselves by going negative. It's important to be honest but to also stay positive. Perhaps you are looking for greater opportunities for development, a new career challenge or to launch into a different industry or type of company. Don't use the interview to vent about the inadequacies of your current job.

"I've witnessed a lot of senior security position interviews where the individual was crying over spilled milk," says Kevin Lampeter, chief security and fraud officer with a global financial services firm. "If the conversation is about what everyone did to make their job harder, that tells me that they didn't take ownership. That reflects on a candidate's ability to be collaborative and their interpersonal skills." Airing dirty laundry is also poor judgment, says Lampeter. If a candidate is speaking poorly of his current employer, chances are good he'll do the same thing to the next one.

8. Are you willing to be accountable for security?

This question digs into your knowledge about government regulations that apply to the prospective employer. A candidate needs to be conversant with any regulations that affect the company he's interviewing with, and must show he can integrate business requirements into an overall security program and organization. "They take for granted that you understand all the baseline physical and IT security stuff," says Champion. "They want to know: [Do] you understand their compliance environment and Sarbanes-Oxley? Can you interpret a SAS 70 report from an IT vendor? How will you keep them out of hot water with regulators, auditors and shareholders?"