8 Questions Cybersecurity Pros Should Ask Hiring Managers
Not too long ago, the consensus on the economy was that it was firing on all cylinders. Unemployment was low, investment across all sectors was through the roof, and within the cybersecurity vendor community, opportunities for career growth and change proliferated. Then, suddenly, the sentiment changed.
Inflation skyrocketed, the stock market went into a tailspin, and investment tightened based on speculation that interest rates would increase—which became an eventuality. In the cybersecurity world, the combination of negative general economic sentiment, dire messaging from VCs to founders, and sizeable layoffs at organizations that recently raised vast amounts of cash had a tangible effect on the people (talent) that make up an industry. People are staying put, and who can blame them? During periods of uncertainty, it’s most comfortable to go with the “devil you know,” but that’s not always the best strategy.
Few professionals we speak with consider that there are also risks involved with staying in their current situations. Staying in a deteriorating or stagnant situation simply because it’s the “devil you know” can have negative career consequences. When it’s clear the status quo at one’s current place of employment is unsustainable, passing up a chance to explore opportunities only serves to limit a professional’s options in the event their company implements a reduction in force.
At that point, that professional is not interviewing and, if the market contracts further, the opportunities presented will be more limited and substantially more competitive. This can lead to a downward spiral that can be damaging, usually in the form of extended unemployment. And—like it or not—there’s the perception of “if you haven’t been hired by now, there must be something wrong with you.”
To mitigate the negative outcome of staying put in a bad situation and the uncertainty of moving to a new organization, acquiring data that allows for assessing a company’s medium-term viability is critical.
Here are items to consider asking, especially when determining the viability of startups, which tend to dominate the cybersecurity vendor landscape today.
Who are the investors?
Understanding which individuals and entities are investing in the company you’re considering is critical. A lot can be gleaned from how well previous investments have worked out. While not all investments will be home runs, a track record of favorable outcomes indicates a robust due diligence process.
Another element that’s important is subject matter expertise. Do the investors know cybersecurity? They will sit on the board, mentoring founders and driving goals. If an investor is not familiar with the industry, sometimes the goals and objectives can be unrealistic, ultimately leading to failure.
What is the financial runway, and how long until the company needs to raise the next round?
A financial runway is defined by how long a business can operate on its raised funds. For startups, the road to revenue and profitability can be winding and arduous, so it’s essential to know how long current cash reserves will last relative to current and planned operations. To be clear, most startups will raise several funding rounds until an event (an IPO or acquisition) occurs. So, while probing into the company’s financial runway, inquiring into plans for future rounds should also be part of the due diligence process.
How much is revenue contributing to that runway?
While most startups operate in the red, it doesn’t mean there’s no meaningful revenue. Understanding how much revenue is offsetting expenses today can provide insight into the financial health of an organization. It also gives you more insight into the overall runway and how revenue helps extend the time between funding rounds.
What is your hiring plan, and how sustainable is it against the cash runway?
This is a big one. In the recent frenzy of cybersecurity funding, a trend of extensive hiring took root. It turns out that saturating business units with too many professionals too fast results in significant reductions in force when ROI isn’t achieved in a timely manner. Understanding the hiring plan, its logic and overall expectations will provide insight into whether the strategy is realistic and sustainable against cash-on-hand.
Is the C-suite committed to the hiring plan you just outlined?
It’s often assumed that the C-suite is on board with an executive’s hiring plan; however, that’s not always the case. Understanding how the role you’re interviewing for aligns with C-level strategy will provide important context into the potential for longevity with a startup.
What needs to be accomplished on this team and company-wide to ensure this job remains secure?
This is a great way to feel out expectations in the short-, mid- and long-term. This line of questioning opens a window to serious dialogue around the company’s overall strategy. This allows for an assessment of how realistic the goals are and whether they can be accomplished based on your experience.
Are you confident in long-term success, and are you planning to be here for the foreseeable future?
It’s not far-fetched that a hiring manager is on the way out when interviewing you. (Really, this happens!) While a manager is employed at a company, they are obligated to perform their day-to-day duties, which include hiring. This is a great way to probe whether the hiring manager is on the way out.
Why?
Executives are really good at driving conversations. The simple question “why” is a great way to fully go down the rabbit hole. Specifically related to the question of the hiring manager’s plans for staying at the company, asking this very simple question provides you the opportunity to hear what it is about this startup that has the person sitting across from you committed.
By asking the questions above when considering a new opportunity in the cybersecurity space, you’ll be able to better assess whether you should leave your current situation.
