I began the interview process with a phone screen conducted by the recruiter, where we discussed the Enterprise Information Security Architect role within the Incident Response team. During this initial conversation, I shared my background, skills, and experience relevant to the position, particularly as they relate to security architecture, governance frameworks, and aligning security strategy with organizational goals.
Following that, I was invited to a first-round interview with the hiring manager, which took place about a week later. This discussion went very well and was much more aligned with the responsibilities of a security architect. We discussed my architectural approach, experience with frameworks such as SABSA and NIST CSF, and how I could help the team build scalable, business-aligned security architectures to support both proactive risk management and long-term strategic planning.
I was then contacted to schedule a second interview with the manager and several other members of the team. However, this session was heavily focused on incident response investigations and forensics processes—such as how I approach analysis, containment, and investigation of security incidents. There was little to no discussion about enterprise architecture, security frameworks, or aligning business objectives with security capabilities.
Based on that experience, it felt as though the team may either be seeking a forensics analyst or incident responder more than a security architect—or perhaps they were not fully prepared to assess candidates for a true security architecture role. While the team was professional and knowledgeable, the scope of the second interview seemed misaligned with the stated intent of the position.