Believe it or not, some people want to be managers.
There are few resources about how you prepare yourself to get a manager job, much less in cybersecurity. So I to decided to add something that hopefully others can learn from and make their own. This post is meant to be a concise guide to interviewing for management positions in cybersecurity, but certainly not all-inclusive.
Disclaimer: If you don't want to be a manager, there is nothing wrong with that at all, but this post may not be for you. Also, becoming a manager is not selling out; it's just learning and using a different skillset.
For the sake of this post, I’m considering a “manager position” to be one that has leadership accountability for a team of people and the HR responsibility to hire/coach/fire them. Being a "leader" is different, and anyone at any level can do this. You'll need to be good at both managing people and leadership to be successful.
Becoming a manager in any field typically requires a person to demonstrate many skills that have nothing to do with the team of people they are leading.
But at the same time, with tech teams, you also have to demonstrate enough “street cred” to lead a team of more technical people. You have to be able to talk shop, understand enough of the “how,” and filter and translate direction and strategy outwards and upwards.Getting Ready for the Interview
You’ll be expected to speak about your principles and approaches on a wide range of non-technical topics for the interview.
Be prepared to cover:
- Your management style
- Your leadership style
- Your perceived weaknesses
- How you motivate and lead teams
Be prepared to speak in summaries about:
- How you drive and manage work
- How you influence and lead others
- How you motivate people
- How you engage and convince stakeholders
- How you manage expectations upwards
Be prepared to speak in more depth about:
- What you are passionate about
- What kinds of problems you like to solve
- Where you feel you provide the most value
- How you get support from the people you lead
Be prepared to come with examples of:
- How you reduced risk through strategic planning
- How you made security easier for your end-users
- How you enabled the business in a secure way
You might have noticed something about that above in that it has very little to do with cybersecurity. If you recognized that, you'd be spot on. These are softer skills; these are skills that show how you manage work and get the buy-in from everyone around you. The higher you move up, the less it becomes about the work itself and the more it becomes about WHAT outcomes you achieved and HOW you got them done. The rest is details.
How far you can go in a management career will always be bounded by your ability to convince all the people involved that you know the best way to navigate to a successful outcome.
Other Resources that Can Help
Here are some other resources to get you prepared to think and act as both a leader and a manager in the cybersecurity field:
- An interesting take on management philosophy
- A Twitter thread on the books that helped me the most throughout my career
Most of this is stuff you can’t fake, at least not for long. You have to have real experience navigating these things and proving yourself, but you’ll never get the chance if you don’t sell yourself when you have a shot.
Get the free weekly newsletter recapping funding news in the cybersecurity space.