How to Answer: In your opinion, what's the ultimate goal of information security to an organization, and why is it important?
Advice and answer examples written specifically for a Tanium job interview.
23. In your opinion, what's the ultimate goal of information security to an organization, and why is it important?
How to Answer
This is a simple one to answer, and you should have several good examples of why this is important to an organization. Before we go into the purpose and goal of an IT Security organization, let's examine what you might encounter in a typical IT environment, and why a hiring manager is asking this question.
Depending on the size of the IT organization, the hierarchy might look something like this: CIO/CTO, VP(s), Director(s), Manager(s), Analysts, Developers, Testers, Project Managers, Architects, etc. Keep in mind that there will likely be non-technical team members in the IT department whose roles are to be a conduit or liaison between the business and the technology/security departments. You might be in a panel interview with three or more people from the company you are interviewing at, and one or two of those people might be a Business Analyst or Project Manager who may or may not have a technical background. The reason for this is to get a mix of technology/security and business personnel to participate and ask questions that might be relevant to their role. At the core of your response, your answer should be something like; helping the organization succeed, prosper or grow, and that security is needed to ensure the company runs smoothly and efficiently.
1st Answer Example
"Being mindful that a company's goal is to be successful and run a business is something that I always keep in the back of my mind. Information security performs three critically important functions for an organization. They are:
1. Enable the safe operation of applications implemented on the organization's IT Networks and Systems.
2. Protect the data the organization collects and uses.
3. Safeguard the technology assets of an organization.
As a top priority in my role, I ensure that all company information is stored and kept secure. My number one priority is to protect our company data from threats and provide a virus-free work environment."
2nd Answer Example
"The goals of an Information security organization should align with the goals of the business organization. Knowing this, I can identify with what each is trying to achieve. The Information security organization wants to make sure that they have all the tools necessary to protect the interests of their company and ensure that they can conduct business as usual without interruption to their systems, networks, employees, products, services, and customers. At my last company, it was our policy to inform and train our employees to understand the importance of information security, and to keep confidential information private within the organization."
Anonymous Interview Answers with Professional Feedback
Anonymous Answer
Rachelle's Feedback