Assessing candidates: key skills for cybersecurity professionals By: Kiana Seitz August 22, 2024 Estimated reading time: 7 minutes. The current talent skills gap in cybersecurity is wide and growing every year. While employers may feel rushed to hire cybersecurity professionals to fill the void, it’s important to make sure your organization is hiring quality candidates with proven skills. In fact, the security of your data, network, and devices depends on it. Learn more about what you should be looking for in your next new hire to build your cybersecurity team the right way. Technical skills and competencies A candidate’s technical skills should be the first consideration you make, as this tells you whether they have the knowledge required for the role. Here are five essential (and in-demand) technical cybersecurity skills and how you can assess candidates to see if they have them. Network security Network security protections, such as access controls, VPNs, sandboxing, and firewalls, can prevent bad actors from taking down a network or acquiring sensitive information. How to assess a candidate’s skills: Ask them to answer scenario-related questions. You can also create a simulation activity to see how they might evaluate current activities and policies, uncover vulnerabilities, or conduct penetration testing. Application security and encryption These activities involve building secure application code so bad actors can’t access the data stored inside the application. How to assess a candidate’s skills: Use an assessment platform to test for basic knowledge of programming languages, numerical reasoning, web application architecture, and security frameworks. Examining past applications the candidate has developed can also help you evaluate this skill properly. Additionally, Capture the Flag (CTF) exercises allow you to test for skills in specific categories, like cryptography and reverse engineering. Risk assessment and threat modelling Risk assessment identifies and prioritizes threats to your network. Threat modelling takes it a step further, selecting and implementing security mitigations to withstand attacks and documenting the outcomes of those solutions. Risk assessment identifies and prioritizes threats to your network. Threat modelling takes it a step further, selecting and implementing security mitigations to withstand attacks and documenting the outcomes of those solutions. How to assess a candidate’s skills: Present candidates with hypothetical scenarios or real-world case studies to test their risk assessment and management skills. You can also use behavioural interview questions to ask about past scenarios in which they’ve had to manage specific risks in their current organization. Finally, use capture-the-flag events and other hands-on activities to see how a candidate assesses risks and models solutions in real time. Karolina Dacheva, Head of Customer Success at Businessmap, often cites risk assessment as one of the top technical skills for cybersecurity professionals. She also highlights the fact that her company uses a mix of technical interview questions, hands-on tasks, and evidence from past work to assess this crucial skill. Threat hunting and analysis Threat hunting and analysis take a more reactive stance by detecting existing threats and anomalies and investigating those issues to find a solution. How to assess a candidate’s skills: You can gauge these skills by asking about a candidate's experience with SOAR solutions or how they’ve used programming knowledge to create their own tools. You can also look for evidence of analytical skills in online tests or use hands-on simulations to see how well the candidate can detect and analyze threats. Incident response and forensics Incident response and forensics are about detecting and containing data breaches and properly investigating what happened. How to assess a candidate’s skills: One of the best ways to assess these skills is to simulate a data breach and have a candidate develop a response plan. Additionally, you can test their knowledge of forensic tools and protocols and evaluate their experience using forensic principles in a post-incident response. Upgrade your team’s cybersecurity proficiency with Lighthouse Labs’ Cybersecurity reskill course. Or, design a custom cybersecurity course tailored to your company's needs. Discover Internal Talent Development Solutions Soft skills that make a difference A candidate’s technical skills demonstrate their cybersecurity-specific knowledge. However, assessing their soft skills helps you understand how effective they’ll be at their job, especially when it comes to cultural fit and working as a team. Here’s a rundown of the soft skills cybersecurity professionals need and a few suggestions on how to check for them. Problem-solving Problem-solving is the ability to quickly analyze a situation and determine how best to fix it. How to assess a candidate’s skills: Situational or behavioural interview questions can help you understand a candidate’s problem-solving skills, while case studies, simulations, and CTF challenges allow you to see them in action. Communication Cybersecurity professionals must be able to articulate technical concepts to non-technical colleagues in various settings and write technical reports on their threat assessment findings. Consequently, both oral and communication skills are key. How to assess a candidate’s skills: Make it a point to observe the candidate’s oral communication skills during their interview. It can also be helpful to give them a specific scenario and have them role-play how they would communicate it to various stakeholders. Teamwork Cybersecurity professionals must be able to collaborate with each other and those outside their teams. How to assess a candidate’s skills: Behavioural interview questions and personality assessments can help you decide whether this is a strength for a candidate. In a recent Lighthouse Labs interview, Fraser Health Authority Director of Information Security Penny Longman told a story about needing to articulate the concept of a “kill chain” and the importance of password protocols to a senior manager who didn’t have the same technical knowledge or skills as she did. Longman discussed how critical it was to have empathy and be able to see the situation from another person’s perspective. This situation highlights how important it is to ask these behavioural interview questions, as this skill can make all the difference in developing effective cybersecurity protocols across an organization. Dacheva validates this perspective by discussing how Businessmap’s hiring team has identified effective communication and teamwork in candidates by having them explain complex technical concepts to non-technical team members during the interview stage. Subscribe to our newsletter and stay in the loop with the latest updates and community events at Lighthouse Labs. Sign Up Adaptability Cybersecurity threats are always evolving. As such, cybersecurity professionals need to be able to quickly adjust to new conditions, risks, and technology. How to assess a candidate’s skills: Simulations and behavioural questions about specific times when the candidate has had to switch up their thinking or plan of action are great ways to test this skill. Understanding industry certifications Certifications have become a widely accepted way for candidates to validate their skills. Here’s a brief overview of a few popular cybersecurity certifications and what they signify about a candidate’s knowledge. Certification Skills validated Benefits to employers Lighthouse Labs Cybersecurity Diploma Network security Incident response Coding Threat detection engineering Forensics Threat defence operations Blue team fundamentals Secure design principles Graduate proficiency in line with CompTIA Security+ Intensive, immersive training Job-ready on day one Essential soft skills training Practical and theoretical knowledge CompTIA Security+ General security concepts Threats, vulnerabilities, and mitigations Security architecture and operations Security program management and oversight Validates basic skills ISO/ANSI-accredited Hands-on, performance-based questions Certified Ethical Hacker (CEH) Network scanning Enumeration Vulnerability analysis Malware threats and social engineering Session hijacking SQL injection Wireless networks Mobile platforms Cryptography IoT and cloud computing Comprehensive Global recognition Assurance that candidates have gone through hands-on training with challenges and competitions Prepares candidates for emerging threats with training in IoT and cloud computing Certified Information Systems Security Professional (CISSP) Security and risk management Asset security Security architecture and engineering Communication and network security Identity and access management Security assessment and testing Security operations Software development and testing ANSI/ISO/IEC accredited Global recognition Confirms that the candidate has had five years of work experience in multiple cybersecurity domains Tests a broad range of fundamental skills Practical assessments and challenges Technical education is undoubtedly important for helping cybersecurity professionals build useful skills for a variety of roles. However, practical assessments are necessary for candidates to showcase that learning and determine how they’ll react in real-world situations. CTF challenges, hackathons, and simulations like picoCTF (from Carnegie Mellon University) and Hack the Box are all useful ways for organizations to assess hands-on abilities. In Lighthouse Labs’ Navigator Series, George Al-Koura, CISO at Ruby Life, mentioned his preference for practical experience over certifications — as long as candidates can bring receipts and evidence of skills from practical exercises and use cases. Dacheva says she uses CTF challenges and simulations to evaluate a candidate’s ability to handle pressure, solve problems, and make decisions in an emergency. Staying updated with emerging trends Cybercrime is on the rise and has become more costly than ever. The International Monetary Fund suggests that one of the most powerful actions businesses and organizations can take to combat this issue is to periodically assess the cybersecurity landscape to identify new risks. This is especially important with the proliferation of new technology, including blockchains, artificial intelligence, and IoT devices. With businesses “going digital” at unprecedented rates, cybersecurity professionals must stay current on trends and threats and be ready and willing to adapt to new problems and protocols. With that in mind, it’s wise for hiring managers to take time to assess candidates’ awareness of and adaptability to these issues. In an interview with Lighthouse Labs, Dominic Vogel, President of Vogel Leadership and Coaching, mentions a time when a friend of his in a senior cybersecurity position interviewed a musician transferring into the field. While the interviewee was able to admit his technical weaknesses, he demonstrated adaptability by highlighting how his knowledge of numbers from his music career would be an asset to his development of cryptography skills. This interaction shows the importance of behavioural interview questions in assessing adaptability. Dacheva often achieves the same goal using CTF challenges to see how candidates work under pressure when curveballs are thrown their way. Evolve alongside the exciting cybersecurity industry Upskilling your team with up-to-date cybersecurity techniques is crucial for staying ahead of emerging digital threats. Thankfully, Lighthouse Labs’ robust training courses can help your talent improve their technical and soft skills. If you’re looking to hire job-ready talent who’s already trained on these modern concepts, you can contact our team to find tech grads who have the full gamut of skills required to protect your organization at every turn. Connect with Lighthouse Lab’s Internal Talent Development team to learn more about training your team. Learn more about hiring job-ready tech graduates. FAQs What are the top 3 skills for cybersecurity experts? Risk assessment, system security, and network architecture are among the top skills today’s cybersecurity experts need. According to Jeremy Shaki, co-founder and CEO of Lighthouse Labs, three of the most important soft skills for those coming into the profession include business acumen, research, and communication. What makes a good candidate for cybersecurity? Good cybersecurity candidates have a mix of technical and soft skills. They should also obtain basic certifications and strive to garner hands-on experience through simulations and practical challenges. What skills and qualifications are needed for a cybersecurity professional? Cybersecurity professionals should seek education through bootcamps and learning programs. In some cases, they may need to solidify that training by obtaining certifications, which can help them refine skills like network security, encryption, programming, threat hunting and analysis, and incident response. What are the technical skills required for cybersecurity? The technical skills required for cybersecurity will depend on the specific role a candidate wants to secure. However, network security, risk assessment, knowledge of programming languages, and incident response are integral for all roles. Key skills summary