How Security Skills Can Help You Get a Startup Job
Startups are increasingly vulnerable to cybersecurity threats because they lack the resources to give IT security the attention it needs, say the FBI and security industry executives. So, if you’ve got some background in keeping technology secure, you could have a leg up on other candidates if you’re looking to work for a young company.
“Startups are so busy just trying to survive and make it to the next quarter, that executing at a high level from a cybersecurity perspective is usually really low on the priority scheme,” Stephen Boyer, chief technology officer of Cambridge, Mass-based BitSight Technologies, told the Boston Business Journal. His firm rates companies’ security performance.
Indeed, 80 percent of small businesses fall victim to some sort of attack during their first year of operation, says anti-virus and security software company Symantec. Half of all cybersecurity incidents during 2012 targeted companies with less than 2,500 employees. The most growth was seen in businesses with fewer than 250 employees.
And hackers keep coming up with new kinds of assaults. Lately, they’ve been staging “ransomware” attacks, where they break into a company’s computers and lock users out of critical documents until they’re paid off. A relatively new form of ransomware, called CryptoDefense, infects laptops with trick emails, then locks users out of all of the machine’s contents. If a ransom isn’t paid within 30 days, the encryption key is destroyed and everything on the laptop is lost.
In general, startups can’t afford to hire a dedicated security specialist, but that doesn’t mean they don’t value security skills. This is especially true of tech companies who’ve developed product concepts, marketing strategies and other intellectual property that’s particularly valuable as they’re ramping up.
If you’re talking with a startup about a job, chances are the position’s about areas other than security. Obviously, you have to focus your approach on the problems the company’s trying to address, but that doesn’t mean you can’t work security into the conversation.
If you’ve got security experience, include it as a bullet point in your resume’s top skills section. Under the appropriate professional experience entries, note what you’ve done in particular situations. These bullets should be lower down on your list — remember, you don’t want to distract from the job description’s key requirements.
The same holds true for interviews. When answering questions, indicate your knowledge of security issues by mentioning them in the context of wider projects.
This is a balancing act. Startups face the same security challenges as any other company, but their priorities lie in other areas. Make too much of your security skills here, and you could distract the employer from seeing your core strengths. But make them aware of your experience, and you could show them you’ve got extra value that can solve a problem that looms in the back of every business owner’s mind.