Not Technical Enough




The Introduction.

So, I read a post on LinkedIn one time from a job empowerment specialist describing being rejected as not being technical. They attributed the feedback to discrimination, citing obtaining the Security+ and CISSP as proof of technical demonstration. Scrolling through the comments showed a kind of defensiveness and refusal to onboard feedback. Now, at the time, I had the Sec+, which is nowhere near a technical exam, so the situation struck me as odd.
Fast forward to this week: I started prepping for the CISSP, and the first sentence of the study guide is that this is not a technical exam. I am not the type to rip into someone in the comments section, so I let it go at the time. Now, as I was thinking about a blog topic, I wondered if there are other people who suffer this confusion about the term “technical.” So, here are my thoughts on the matter.


Caveat

Technical enough is a relative phrase and varies heavily depending on the interviewer and position. Sometimes, I still get the feedback, even though I have technical exams and an entire technical blog. Just keep in mind that there is no “silver bullet” that will solve this problem. So, I would suggest following a defense-in-depth strategy: choose multiple techniques and just keep grinding. The more we do, the fewer recruiters will pass on us for not being technical enough.


Exams

Going to start with exams since that is what the post used as a reference. You should focus on exams that have a distinct technical component to them. I liked the OSCP. We had an entire lab to get through. Then, for the exam, we were given five IP addresses and just told “Good luck.” In addition to a technical exam cert, I also had “war stories,” so to speak, about different accomplishments throughout the journey. I can hear you asking, “BD, what if we don’t like offensive security?” Fair play, HackTheBox has Certified Defensive Security Analyst and CyberDefenders has the Certified Cyber Defender if Blue Team is more your thing. The advice I give junior analysts who join my company is to avoid exams where passing the exam is the achievement. Take exams where the whole journey is filled with achievements.


Boxes

Do you get exam anxiety? Never fear, you can take boxes. On the red team side, HackTheBox and TryHackMe have hundreds of boxes so you can get down with your bad technical self. The thrill of popping a shell and cat/type that sweet, juicy flag. I have you covered too, my Blue Team comrades. CyberDefenders and Blue Team Labs Online. All of the PCAP analysis, DFIR, and malware reverse engineering that will cover all of your technical needs. Gamified. Interesting.


Portfolio

Once you start taking your flags, then what? Do you just list the number on your CV? You should consider creating an online portfolio to demonstrate all the boxes you have taken and code you wrote. Something concrete that the employers can see. It makes it more real than just a story you tell them. They can read your voice and see demonstrations of your technical prowess. This is important because having a live portfolio will make it difficult to ignore your technical chops. If you need something to help you get started, I know an excellent blog post that will walk you through setting up a blog.


Repos

I mentioned code that you wrote for the blog. Setting up some repos to showcase the code is probably a good idea for that part of your portfolio. Which code? The sky is the limit. I like to write Buffer Overflows. You can see them on this site. But if that is not your cup of tea, helper scripts, YARA and Sigma rules, and automation are all excellent ideas. Write the code and host it in a repository. Then, give it a section on your portfolio, something mimicking an interview whiteboard session.


Open-source projects

Struggling to come up with ideas? Open-source projects are another good avenue for building your technical credentials. Find a project you are super passionate about or use all the time and figure out how you can contribute to it. Make your pull requests and document them. Or at least make sure that they get listed on your CV.


Other Ideas

Have other ideas? Perfect. This list isn’t meant to be exhaustive. Just remember, the main thing that you are trying to prove is whether, if I were to put you in front of a keyboard, you can do the job. Any idea that furthers the narrative that the answer is emphatically yes is a great idea and you should do it. Consider having a brainstorming session and figuring out what will work for you. There is no set path or answer. Just have fun with the struggle getting there.


Management

Since the CISSP is a management exam, maybe you had your sights set on that. You don’t want to work with the amazing nerdism that I like to work on and present. That is perfectly ok too. The CISSP would make sense for that role. However, you have to be honest with yourself about just not being technical. Embrace your inner manager. I promise I will be more than nerdy for the both of us. I’ll avoid management roles like they carry the bubonic plague; I am happy in the weeds. Be comfortable in your own skin, at the end of the day.


Reflections

It is a grind to stay technical. An equal blend of doing the work and showing it off to the world. But, if you find yourself doing MCQs, you might not be going down the technical path, which is fine if that is what you want. But, after that is done, grab your favorite caffeinated beverage and put those fingers on the keyboard and get to work.

The best advice for people struggling with “Not Technical”:

You have to put fingers on the keyboard to prove technical.

