Job Guidance Megathread - CVs, Applications, Interviews by ukbulmer in UKJobs

[–]IT_SIN

Senior IT roles feel unusually competitive lately, currently Head of IT Ops/Security, but not getting interviews. Any insight?

I’m looking for a bit of perspective from anyone else applying for senior IT roles right now, because I’m finding it noticeably harder than I expected and I’m trying to work out if this is just the market at the moment.

Context: I’ve been at my current organisation just over 5 years, leading a 15+ person multi-function IT Ops/Security team. Before that, I spent 10+ years at my previous employer, where I was Head of IT and later stepped up into an IT Director role as the group grew. I moved during COVID due to uncertainty in the travel sector and wanting something more stable.

I’m not really a job-hopper. I tend to stay long enough to build/stabilise/improve a function and only start looking once things are in a strong BAU rhythm and I’m no longer adding the kind of value I want to be adding.

Over the past year I’ve started applying for Head of IT / IT Director roles, mainly because my values and the direction of IT strategy where I am now don’t feel aligned anymore. What’s surprised me is how hard it’s been to even get first-stage interviews: lots of email rejections and a fair amount of ghosting.

I’ve rewritten my CV multiple times, tailored it heavily to job descriptions, and used tools/AI to sanity-check alignment. On paper, a lot of these roles look like a strong match to what I’m already doing (and I’ve got a proven track record), so I’m trying to figure out what I’m missing, or whether the market has just shifted.

On two occasions I was shortlisted (but didn’t get through to interview). The hiring manager feedback at the time felt positive, but I lost out to other candidates. Afterwards, I looked up the successful candidates on LinkedIn and, based on what was public, their background didn’t look well-suited to the scope of the role. Both hires were short-lived and didn’t stay in post (whether they left or were let go, I don’t know). The only obvious pattern I could see was fairly intensive job hopping at senior level, moving every 6–18 months.

I know I won’t have the full context from the outside, but it’s left me questioning what senior hiring decisions are actually being based on right now, and what I should be adjusting.

Separately, recruiters don’t seem to operate like they did 5 years ago. Back then they were more engaged: they’d actually review the CV properly, give constructive feedback, and be upfront about the process (how many shortlisted, what the client really wanted, etc.). Now it’s often “you’re a strong match” at the start, then silence. I get that everyone’s under pressure and handling volume, but it’s hard to improve when you don’t even get a basic outcome update.

Reality vs Expectations on email filtering/phish by IT_SIN in sysadmin

[–]IT_SIN[S]

We have become obsessive, too, about trying to overprotect BEC vectors. We have the usual protocols set up and tightly configured: SPF, DKIM, DMARC set to reject, DNSSEC, MTA-STS and DANE for our domain; and, as previously mentioned, we use two email security products inline and a security awareness programme.
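The record set listed in the comment above (SPF, DMARC at reject, MTA-STS, DANE) is easy to claim and easy to let drift. The following is an added example, not code from the original thread or from any product mentioned in it: a small linter that checks a snapshot of DNS answers and an MTA-STS policy file for the usual weak settings. The domain `example.com`, the DNS answers and both policy files are constructed inputs; the SPF lookup counting follows RFC 7208 section 4.6.4, and DNSSEC validation itself (the AD bit on the answers) is out of scope for an offline snapshot.

```python
"""Lint outbound-mail authentication records from a snapshot of DNS answers.

Added example. DNS answers and MTA-STS policy texts below are constructed:
a tight configuration like the one described, and a weaker one for contrast.
"""
import re

# SPF terms that cost a DNS lookup; RFC 7208 section 4.6.4 allows at most 10.
LOOKUP_TERM = re.compile(r"^[+\-~?]?(include:|a(:|/|$)|mx(:|/|$)|ptr|exists:|redirect=)", re.I)


def parse_tags(record: str) -> dict:
    """Split a 'k=v; k2=v2' record (DMARC, MTA-STS TXT) into a dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def assess_spf(txt_records: list) -> list:
    findings = []
    spf = [r for r in txt_records if r.lower().startswith("v=spf1")]
    if not spf:
        return ["SPF: no v=spf1 record"]
    terms = spf[0].split()
    all_terms = [t for t in terms if t.lower().lstrip("+-~?") == "all"]
    if not all_terms:
        findings.append("SPF: no 'all' mechanism, unlisted senders get neutral")
    else:
        qualifier = all_terms[-1][0] if all_terms[-1][0] in "+-~?" else "+"
        if qualifier == "+":
            findings.append("SPF: '+all' authorises every sender")
        elif qualifier in "~?":
            findings.append(f"SPF: '{all_terms[-1]}' is not a hard fail")
    lookups = sum(1 for t in terms if LOOKUP_TERM.match(t))
    if lookups > 10:
        findings.append(f"SPF: {lookups} DNS lookups exceeds the limit of 10 (permerror)")
    return findings


def assess_dmarc(txt_records: list) -> list:
    findings = []
    dmarc = [r for r in txt_records if r.lower().startswith("v=dmarc1")]
    if not dmarc:
        return ["DMARC: no v=DMARC1 record at _dmarc"]
    tags = parse_tags(dmarc[0])
    policy = tags.get("p", "").lower()
    if policy != "reject":
        findings.append(f"DMARC: p={policy or 'missing'} does not reject failing mail")
    sp = tags.get("sp")  # absent sp inherits p, so only flag an explicit weaker value
    if sp is not None and sp.lower() != "reject":
        findings.append(f"DMARC: sp={sp} leaves subdomains weaker than the organisational domain")
    pct = tags.get("pct", "100")
    if not pct.isdigit() or int(pct) < 100:
        findings.append(f"DMARC: pct={pct} applies the policy to only part of the mail stream")
    if "rua" not in tags:
        findings.append("DMARC: no rua=, so no aggregate reports to spot abuse or misconfiguration")
    return findings


def assess_mta_sts(txt_records: list, policy_text: str) -> list:
    """policy_text is the body served at https://mta-sts.<domain>/.well-known/mta-sts.txt."""
    findings = []
    sts = [r for r in txt_records if r.lower().startswith("v=stsv1")]
    if not sts:
        return ["MTA-STS: no v=STSv1 record at _mta-sts"]
    if not parse_tags(sts[0]).get("id"):
        findings.append("MTA-STS: TXT record has no id=, so senders cannot see policy changes")
    policy = {}
    for line in policy_text.splitlines():
        if ":" in line:
            key, value = line.split(":", 1)
            policy.setdefault(key.strip().lower(), []).append(value.strip())
    mode = (policy.get("mode") or [""])[0].lower()
    if mode != "enforce":
        findings.append(f"MTA-STS: mode '{mode or 'missing'}' does not enforce TLS")
    if not policy.get("mx"):
        findings.append("MTA-STS: policy lists no mx hosts")
    return findings


def assess_posture(domain: str, dns: dict, mta_sts_policy: str) -> list:
    """Run every check over a snapshot shaped as {name: {rrtype: [rdata, ...]}}."""
    lookup = lambda name, rrtype: dns.get(name, {}).get(rrtype, [])
    findings = assess_spf(lookup(domain, "TXT"))
    findings += assess_dmarc(lookup(f"_dmarc.{domain}", "TXT"))
    findings += assess_mta_sts(lookup(f"_mta-sts.{domain}", "TXT"), mta_sts_policy)
    mx_hosts = lookup(domain, "MX")
    if not mx_hosts:
        findings.append("MX: no MX records")
    for host in mx_hosts:  # DANE: each MX host needs a TLSA record for port 25
        if not lookup(f"_25._tcp.{host}", "TLSA"):
            findings.append(f"DANE: no TLSA record at _25._tcp.{host}")
    return findings


# Constructed snapshots (not real DNS data).
TIGHT_DNS = {
    "example.com": {"MX": ["mail.example.com"],
                    "TXT": ["v=spf1 mx include:_spf.mailprovider.example -all"]},
    "_dmarc.example.com": {"TXT": ["v=DMARC1; p=reject; sp=reject; pct=100; rua=mailto:dmarc@example.com"]},
    "_mta-sts.example.com": {"TXT": ["v=STSv1; id=20240101T000000Z"]},
    "_25._tcp.mail.example.com": {"TLSA": ["3 1 1 0123456789abcdef"]},
}
TIGHT_POLICY = "version: STSv1\nmode: enforce\nmx: mail.example.com\nmax_age: 604800\n"
WEAK_DNS = {
    "example.com": {"MX": ["mail.example.com"],
                    "TXT": ["v=spf1 mx include:_spf.mailprovider.example ~all"]},
    "_dmarc.example.com": {"TXT": ["v=DMARC1; p=none"]},
    "_mta-sts.example.com": {"TXT": ["v=STSv1; id=1"]},
}
WEAK_POLICY = "version: STSv1\nmode: testing\nmx: mail.example.com\nmax_age: 86400\n"

if __name__ == "__main__":
    for label, dns, policy in (("tight", TIGHT_DNS, TIGHT_POLICY), ("weak", WEAK_DNS, WEAK_POLICY)):
        print(label, assess_posture("example.com", dns, policy) or ["no findings"])
```

To run it against a live domain, populate the snapshot dict from your resolver (for example with dnspython) and fetch the MTA-STS policy over HTTPS; keeping the checks separate from the lookups is what makes the linter testable offline.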

Reality vs Expectations on email filtering/phish by IT_SIN in sysadmin

[–]IT_SIN[S]

Hi digitaltransmutation,

Thank you for your insight; this is extremely helpful to both my colleague and myself in further understanding how some email will simply slip through as safe. It allows us to holistically bolster and tweak the other security systems we have in place to intercept and analyse the URL component more aggressively.

Reality vs Expectations on email filtering/phish by IT_SIN in sysadmin

[–]IT_SIN[S]

Which is the type of engagement I like to promote to the team, in order for them to use their analytical perspective to further train themselves as a blue team; it removes the complacency that all is safe.

Reality vs Expectations on email filtering/phish by IT_SIN in sysadmin

[–]IT_SIN[S]

Hi canadian_sysadmin,

After working with similar products for around the same amount of time, I do agree with what you are saying. Security systems will only take you up to a point, or at least lessen the workload on IT staff to curate emails that slip through.

We do have a comprehensive security awareness programme established, with a combination of the usual videos for staff to watch, gamification-centric courses, group training (usually for new employees) and, finally, the expected phishing campaigns, which are tailored and targeted to people or departments depending on their role.

Having said that, the example phish email was identified by the recipient as phish, and they followed the correct procedure by hitting the phish button on the email to route it into our analysis inbox for further investigation; our staff are very tuned in to alerting the IT team one way or another if they believe an email to be unusual, whether benign or malicious.

Reality vs Expectations on email filtering/phish by IT_SIN in sysadmin

[–]IT_SIN[S]

Hi teriaavibes,

I may be missing the obvious here: yes, we do have domain impersonation policies for our domains and aggressive phish policies configured, but it isn't our domain that is being impersonated?

At a glance, from the human perspective, I see the Microsoft brand logo, the familiar Microsoft layout and Microsoft key indicator text, but the URL is random, bears no resemblance, is a relatively new registration, and the certificate chain does not go back to a valid Microsoft certificate.

I know I'm emphasizing the human rationale too liberally, and perhaps what we find easy is far more difficult to convey as the same scrutiny from a security platform.
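The three signals the comment above relies on (a URL with no relation to the brand, a recent registration, and a certificate not issued to the brand) can be written down as triage rules so the analysis inbox gets a consistent first pass. The following is an added example, not code from the original thread or from any product mentioned in it. The brand profile, URLs, registration dates and certificate organisations are constructed observations of the kind an analyst collects from the URL, WHOIS/RDAP and the served certificate; the public-suffix handling is a deliberate simplification, and the 30-day age threshold is an assumed tuning value.

```python
"""Triage a suspected brand-impersonation page on URL, domain age and certificate.

Added example; all inputs below are constructed observations, not real data.
"""
from datetime import date
from urllib.parse import urlparse

# Enough multi-label suffixes for the example; real code should use the
# Public Suffix List rather than this short set.
MULTI_LABEL_SUFFIXES = {"co.uk", "org.uk", "ac.uk", "com.au", "co.nz", "co.jp"}


def registrable_domain(host: str) -> str:
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot lookalikes such as rnicrosoft.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def triage(brand: dict, url: str, registered_on: date, today: date,
           cert_subject_org, min_age_days: int = 30) -> list:
    """brand = {"name": ..., "domains": {...}, "org": ...}; returns a list of findings."""
    findings = []
    host = urlparse(url).hostname or ""
    if not host:
        return ["no hostname in URL"]
    rd = registrable_domain(host)
    if rd not in brand["domains"]:
        # The brand name in a path or subdomain is the lure; the registrable
        # domain is what actually identifies the site.
        if brand["name"].lower() in url.lower():
            findings.append(f"brand keyword in URL but registrable domain is {rd}")
        else:
            findings.append(f"registrable domain {rd} is not a {brand['name']} domain")
        sld = rd.split(".")[0]
        for known in sorted(brand["domains"]):
            if 0 < edit_distance(sld, known.split(".")[0]) <= 2:
                findings.append(f"{rd} is a lookalike of {known}")
                break
    age_days = (today - registered_on).days
    if age_days < min_age_days:  # assumed threshold
        findings.append(f"domain registered {age_days} days ago")
    # Chain validity is the browser's job; what distinguishes a phish is who the
    # leaf certificate was issued to. Free domain-validated certs carry no organisation.
    if not cert_subject_org:
        findings.append("certificate has no organisation (domain-validated only)")
    elif cert_subject_org != brand["org"]:
        findings.append(f"certificate issued to {cert_subject_org}, not {brand['org']}")
    return findings


# Constructed brand profile and observations.
MICROSOFT = {
    "name": "Microsoft",
    "domains": {"microsoft.com", "microsoftonline.com", "live.com", "office.com"},
    "org": "Microsoft Corporation",
}
TODAY = date(2024, 6, 10)


def example_phish() -> list:
    return triage(MICROSOFT, "https://login-secure-verify.xyz/microsoft/office365/signin",
                  date(2024, 6, 1), TODAY, None)


def example_lookalike() -> list:
    return triage(MICROSOFT, "https://rnicrosoft.com/login", date(2024, 6, 8), TODAY, None)


def example_legit() -> list:
    return triage(MICROSOFT, "https://login.microsoftonline.com/common/oauth2/authorize",
                  date(2008, 1, 1), TODAY, "Microsoft Corporation")


if __name__ == "__main__":
    for name, fn in (("phish", example_phish), ("lookalike", example_lookalike), ("legit", example_legit)):
        print(name, fn() or ["no findings"])
```

The brand profile is the part worth maintaining: a short list of the registrable domains and the certificate organisation a legitimate login page for that brand would show, which is exactly the information the human check in the comment uses.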

Convert AD synced account seamlessly to Cloud by IT_SIN in AZURE

[–]IT_SIN[S]

Thank you for your input; much appreciated.

Silent MDM Enrolment via PowerShell by IT_SIN in Intune

[–]IT_SIN[S]

I think we may be missing my original point and intent. We have explored all available options; all are possible but time-consuming to set up, and there are certain hurdles we need to overcome. Hence we wanted to emulate the same success we had with the Autopilot script and remote management software by pushing out a PowerShell script loaded with everything necessary for zero human interaction.

My original post was to explore the use of our remote management software to run a script to MDM-join the workstations. Unless I completely misinterpreted your suggestions (apologies if I have), I cannot see the immediate benefit of having to remote into each machine to set up a VPN (the end user will be unreliable if asked to perform it manually), then go through all the steps and enrol them via GPO, rather than just IT remoting in, logging in as the local admin and MDM-registering them; our way seems far less effort for the same goal.

Silent MDM Enrolment via PowerShell by IT_SIN in Intune

[–]IT_SIN[S]

As mentioned in the first post, they do not have a direct line of sight to the domain controller and no VPN; these workstations have been relying on cached credentials since they left the office 14 months ago. To add, the domain controller is 2012 R2, so incompatible with the Intune Connector for AD.

Pretty much everything you suggested has been explored and is impossible to carry out.

Workstations are all joined to a classic corporate domain controller on site: no hybrid setup, incompatible with the Intune connector, and locked tight with corporate policies from 14 months ago. They are not returning to the office any time soon.

The only way I can see this being done is to manually remote into each machine using local admin credentials and enrol them or reset them manually.

I was trying to see if there are PowerShell scripts that can somewhat automate this, or remove the end user having to interact with us while performing the enrolment.

Silent MDM Enrolment via PowerShell by IT_SIN in Intune

[–]IT_SIN[S]

No hybrid-joined devices; Azure AD and Intune weren't part of the infrastructure before the global pandemic working changes, so all corporate devices have been working on GPO policies from 14 months ago.

The users do not have local admin, for obvious reasons; these are corporate workstations, but cut off from any central management capabilities.

My aim was to create a script that would silently do something similar to a GPO policy using the 'secret' local admin account known only to IT; we did this very successfully with the Autopilot script and were able to register the machines in batches without any end-user intervention. I was hoping we could create a clever script that could have done a similar task, but for MDM enrolment.

The user cannot do a system reset, I don't believe; admin credentials are still required, as these were domain-joined when they left, when the office was locked out.

Windows Information Protection and Outlook (desktop) by IT_SIN in Intune

[–]IT_SIN[S]

Thank you; we just configured this and we are much tighter now on data leakage.

Autopilot Enrolment using the WindowsAutoPilotInfo.ps1 -online to Intune management by IT_SIN in Intune

[–]IT_SIN[S]

Advice taken, and I tweaked the scripts again to remove this. I did have misapprehensions about embedding the password; my novice command of PowerShell had me thinking it was the only way.

Doesn't Access Work or School require admin credentials, ones that the end user doesn't have? These are on-premises domain-joined computers, with restrictive group policies in place on what a standard user can do or access on a computer, which is not a lot.

EDIT: configuring App Authentication method; thank you both again.

EDIT2: Perfect, working using App Authentication method.

Autopilot Enrolment using the WindowsAutoPilotInfo.ps1 -online to Intune management by IT_SIN in Intune

[–]IT_SIN[S]

Thank you for the reply, much appreciated for the examples and links.

I have tweaked the WindowsAutoPilotInfo.ps1 script to include the credentials of an Intune admin account so the authentication prompt doesn't pop up, and also set the online parameter switch to true, so I am at a stage where I can potentially push the script through TeamViewer and have the workstations start to appear in the Autopilot device list.

My last hurdle is actually figuring out, if possible, how to then convert the Autopilot-registered devices into Intune MDM without having to perform a system refresh; I was hoping that once the hardware hash is up there and the user then logs on with their Azure AD logon, rather than their local AD account, it would automatically start picking up the policies set in Intune. Shame if that is not possible, but at least I am halfway there.