CyberHire
Request invitation

Real challenges.
Real candidates.
Unreal hiring.

CyberHire is the technical screening platform for cyber security teams. Real boxes, real challenge environments, real skills. No CV astrology, no paper tigers, no second-guessing who can actually do the job.

Request your invitation code See how it works

14 days free · No credit card · No sales call required

MA

Maya Andersen

SOC Analyst Tier 2 Screen

Completed 14m 22s
3 / 5 Privilege escalation
Solved · 04:37
candidate@box-7f3a:~$sudo -l
(ALL : ALL) NOPASSWD: /usr/bin/less
candidate@box-7f3a:~$sudo less /etc/hosts
:!/bin/bash
root@box-7f3a:/#id
uid=0(root) gid=0(root) groups=0(root)
Flag captured. Submitting answer.

Candidates

19 of 24 completed · sorted by score

MA

Maya Andersen

94 14m HIRE
02
JL

Jordan Li

91 19m HIRE
03
PR

Priya Raman

87 23m HIRE

Really scary statistics we did not verify

$4.88M

Average cost of a data breach. Add $1.76M when caused by a skill gap.

IBM Cost of a Data Breach 2024

30%

Of first-year salary lost per bad hire. Before you count the cost of hiring again.

US Department of Labor

84 days

Average time to fill a UK cyber security role. Longest of any tech discipline.

DCMS Cyber Skills 2024

57%

Of certified cyber pros lack the practical experience to back the cert.

ISACA State of Cybersecurity 2024

From job spec to test

Upload your job spec. Get a custom hiring test. Instantly.

This isn't 1999 so why do we still hire like it? Drop a JD into CyberHire and get back a complete assessment, calibrated to what the role actually needs. Edit it, customise it, send it.

Job spec

empty pasted · 287 words

Paste or drop a job spec here

Tier 2 SOC Analyst

Banking · UK · hybrid

We are hiring a Tier 2 SOC Analyst to join our 24/7 security operations team. The role focuses on alert triage, threat hunting, and incident response handover.

Required:

  • · 3+ years SOC experience
  • · Strong KQL and Microsoft Sentinel
  • · Linux command-line proficiency
  • · Packet analysis with Wireshark or tshark
  • · Incident response exposure
  • · MITRE ATT&CK familiarity

Generated assessment

READY

Waiting for a job spec

SOC Analyst Tier 2 Screen

6 challenges · ~50 min · hands-on

  1. 01

    KQL Threat Hunt

    Sentinel-style log investigation

    10 min
  2. 02

    Privilege Escalation

    Linux terminal · sudo misconfig

    10 min
  3. 03

    PCAP Triage

    Lateral movement detection

    8 min
  4. 04

    Auth Log Investigation

    Brute force + persistence

    8 min
  5. 05

    Incident Response

    Multi-stage scenario triage

    9 min
  6. 06

    ATT&CK Mapping

    TTP knowledge check

    5 min

Works for every cyber role you hire. SOC, pentest, cloud, AppSec, forensics, IR, malware, threat intel, GRC.

Custom challenges

Describe the scenario. Get the challenge.

When the library does not have what you need, write a sentence. AI generates the environment, the questions, and the grading criteria. You review, tweak, publish.

Your description

waiting 47 words
Describe the scenario you want to test...

A SOC analyst challenge where the candidate investigates a brute-force SSH attack on a Linux server. They should identify the attacker IP, check if any logins succeeded, find the persistence mechanism, and recommend a remediation.

1 AI credit

Generated challenge

READY

Waiting for a description

SSH Brute-Force Investigation

Linux terminal · ~12 min · hands-on

Environment

  • Ubuntu 22.04 sandbox box
  • Pre-loaded /var/log/auth.log with attack traces
  • Persistence planted in /etc/cron.d/

Questions (5)

  1. 01 What is the attacker's source IP address?
  2. 02 Did any login attempts succeed? If so, which user?
  3. 03 Where did the attacker plant their persistence?
  4. 04 Which command would you run to remove it?
  5. 05 What hardening would prevent the attack vector?

Or pick from a library of hand-built challenges across every cyber discipline. Both work.

The candidate experience

Leverage real tools. Don't hire them.

Candidates triage phishing in an email client. Investigate Security Events in a Windows Event Log style viewer. Write KQL in an editor built to match Sentinel. Pop a shell in a real Linux box. Let your candidates showcase their skills.

candidate@box-7f3a / privilege-escalation

candidate@box-7f3a:~$ sudo -l

(ALL : ALL) NOPASSWD: /usr/bin/less

candidate@box-7f3a:~$ sudo less /etc/hosts

: !/bin/bash

root@box-7f3a:/# id

uid=0(root) gid=0(root) groups=0(root)

[ challenge solved · privilege escalation · 04:37 ]

Logs Hunting Workbooks
SecurityEvent Last 24 hours
SecurityEvent
| where EventID == 4625
| where IpAddress == "185.143.223.47"
| summarize count() by Account
► 12 results 0.21s
Accountcount_
administrator247
root183
backup91
jsmith14
Mail · Focused inbox Reply · Forward · Report

IT Support Team

ACTION REQUIRED: Password Verification

Contoso IT Security · Verify your credentials...

IT Helpdesk

RE: VPN Access Request

Hi Sarah, your VPN access has been...

Human Resources

April Payslip Available

Your April payslip is now available on...

Email Headers Raw source

ACTION REQUIRED: Password Verification

IT Support Team <it-support@contoso-secure.com>

Dear Employee,

As part of our ongoing security improvements, we are requiring all employees to verify their credentials by end of business today.

Verify Your Password Now

If you do not complete this verification, your account will be temporarily suspended.

Event Viewer File · Action · View · Help

▸ Custom Views

▾ Windows Logs

Application

Security

Setup

System

▸ Applications and Services

Security Number of events: 356
Keywords Date and Time Source Event ID Task Category
🔑 Audit Failure 10/04/2026 10:58:00 Security-Auditing 4625 Logon
🔑 Audit Failure 10/04/2026 10:56:00 Security-Auditing 4625 Logon
🔑 Audit Success 10/04/2026 10:54:00 Security-Auditing 4624 Logon
🔑 Audit Failure 10/04/2026 10:52:00 Security-Auditing 4625 Logon
🔑 Audit Success 10/04/2026 10:50:00 Security-Auditing 4672 Special Logon
components/UserProfile.jsx React
12const UserProfile = (user) => {
13 const bio = user.bio;
14 return (
15 <div>
16 <div dangerouslySetInnerHTML={{ __html: bio }} />
17 </div>
18 );
19};
Stored XSS via dangerouslySetInnerHTML on untrusted user.bio

A real Linux box. SSH in, work like you're on the job.

Built to match the Microsoft Sentinel Logs UI keystroke for keystroke.

Phishing triage in a familiar inbox layout. Headers and raw source on tap.

Native Windows Security Event triage. Same columns, same icons, same workflow.

Syntax-highlighted code review with the languages your AppSec team actually reviews.

Insights and analytics

Open the dashboard. Pick your hires.

Score distributions, skill breakdowns across the cohort, time analytics, integrity flags, ranked candidates. The data sorts itself, the dashboard surfaces the people you should be talking to. You make the offer.

The old way

312

CVs to read

23h

screening

6w

to fill

James Wilson

5 yrs SOC, CISSP, GCIH

unread

Sarah Chen

3 yrs IR, SC-200

unread

David Kumar

7 yrs cloud security, CCSP

unread

Emma Brooks

4 yrs AppSec, OSCP

unread

Marcus Lee

6 yrs threat intelligence

unread

Lena Park

5 yrs forensics, GCFA

unread

Tom Reed

8 yrs pentest, OSEP

unread

Priya Patel

2 yrs SOC analyst

unread

Olivia Stone

4 yrs detection engineering

unread

Daniel Cole

6 yrs malware analysis

unread

Aisha Khan

3 yrs GRC, CISA

unread

Carlos Vega

7 yrs IR, GCIA

unread

Maya Andersen

5 yrs SOC + KQL specialism

unread

Noah Tremblay

Self-described "cyber ninja"

unread

Robert Singh

10 yrs CIO, transitioning

unread

Hannah Walker

Recent grad, CompTIA Security+

unread

Jordan Li

5 yrs SOC, GCIH, KQL strong

unread

Priya Raman

4 yrs SOC, Sentinel exp

unread

James Wilson

5 yrs SOC, CISSP, GCIH

unread

Sarah Chen

3 yrs IR, SC-200

unread

David Kumar

7 yrs cloud security, CCSP

unread

Emma Brooks

4 yrs AppSec, OSCP

unread

Marcus Lee

6 yrs threat intelligence

unread

Lena Park

5 yrs forensics, GCFA

unread

Tom Reed

8 yrs pentest, OSEP

unread

Priya Patel

2 yrs SOC analyst

unread

Olivia Stone

4 yrs detection engineering

unread

Daniel Cole

6 yrs malware analysis

unread

Aisha Khan

3 yrs GRC, CISA

unread

Carlos Vega

7 yrs IR, GCIA

unread

Maya Andersen

5 yrs SOC + KQL specialism

unread

Noah Tremblay

Self-described "cyber ninja"

unread

Robert Singh

10 yrs CIO, transitioning

unread

Hannah Walker

Recent grad, CompTIA Security+

unread

Jordan Li

5 yrs SOC, GCIH, KQL strong

unread

Priya Raman

4 yrs SOC, Sentinel exp

unread
Then you interview 25 of them.
The new way

19

tests sat

2m

to review

8

ready to hire

Ranked by performance

MA

Maya Andersen

94

HIRE
02
JL

Jordan Li

91

HIRE
03
PR

Priya Raman

87

HIRE
04
OS

Olivia Stone

82

HIRE
05
DK

David Kumar

79

HIRE
06
CV

Carlos Vega

76

HIRE
07
AK

Aisha Khan

73

HIRE
08
LP

Lena Park

71

HIRE
Character interview + culture fit.

6 weeks

spent reading CVs and scheduling interviews

2 minutes

picking the people who really know their stuff

Anti-cheat

Cheaters are creative. We are paranoid.

Cheating in 2026 looks like a second monitor with ChatGPT open, a friend on Discord, taking a picture of the question with your phone, hiring somebody to take the test for you. We let you capture every signal that matters and algorithmically score candidate integrity.

TO

Tom Okafor

SOC Analyst Tier 2 Screen · Completed in 28m 14s

Risk score

41/100

REVIEW
IP 81.143.62.118
Geo Manchester, United Kingdom
Browser Chrome 122 / Windows 11

Integrity events

4 triggered · ranked by severity

Excessive paste 3 events · 247 chars

Concentrated in Q3. Largest paste was 184 chars into the free-text answer.

high
Multi-monitor detected 1 event

Second display connected at 14:32, 11 minutes into the session.

high
Tab visibility lost 12 events

8 of 12 in the final 5 minutes of the session.

med
Keystroke cadence outlier Q4 only

Inter-keystroke intervals were uniform within 4ms variance.

med

Passed checks

Standard signal sweep

No fullscreen exits No copy events Browser supported Consent recorded Webcam snapshots captured KQL introspection clean
Suggested action: manual review of Q3 and Q4 Open session log

Three integrity tiers. Standard, Secure, Proctor. And no, ChatGPT does not type like a human.

How it works

Three steps. From spec to shortlist.

Build the test, invite the applicants, view the results. Each step, what it actually looks like.

01

Build the test.

Hand-pick challenges from the library, or paste a job spec and let AI draft a full assessment for you. Mix and match types, set the duration, publish in a minute.

Roughly 60 seconds.

New assessment Draft

4 challenges · 38 minutes · hands-on

  • KQL Threat Hunt

    Sentinel editor · 10 min

    KQL

  • Privilege Escalation

    Linux terminal · 10 min

    TERM

  • PCAP Triage

    Network forensics · 8 min

    PCAP

  • Incident Response

    Multi-stage scenario · 10 min

    IR
  • + Add more from the library
Saved as draft
02

Share with applicants.

Drop emails in by paste or CSV. Or generate a public share link for the job board. Each invitation carries a one-time token, a consent flow, and a 7-day expiry. Hit send. Close the laptop.

Sub-2 minutes.

Send invitations SOC Analyst · Tier 2
To
MA maya.andersen@gmail.com JL j.li@northshore.io PR priya.r@protonmail.com TO tom.okafor@outlook.com +21 21 more recipients
25 invitations · expire in 7 days
03

View the results.

Candidates take the test in their browser on real infrastructure. Answers graded, integrity checked, rankings automatic. Open the dashboard when they are done. The top of the list is your shortlist.

Under 5 minutes per review.

Ranked candidates 19 of 24 complete

78

Avg score

22m

Avg time

8

Ready to hire

MA

Maya Andersen

96% accuracy

94

HIRE
02
JL

Jordan Li

92% accuracy

91

HIRE
03
PR

Priya Raman

89% accuracy

87

HIRE
Plus 5 more recommended for offer See all →

First mover advantage

Three years ahead of the room.

While the market is still arguing about CV page length, you are shipping the best team you have ever built. By the time everyone else catches up, you will be eating their lunch. Seven reasons you are already in a different weight class.

01 Validated, practical skill

Better capability. More credibility.

Hire people who can actually triage, query, reverse, and respond. Your median-time-to-detect moves in the right direction the week they start, and the board notices.

02 From GBP 299 / mo

One hire and it pays for itself. Several times over.

A mis-hire costs about 30% of first-year salary. Our Starter plan costs about 30% of one day's billable consultancy.

03 Async screening at scale

Screen hundreds of candidates. Without interviewing them.

Bulk invite your entire applicant stack. Scores ranked, integrity flagged, shortlist surfaced. You only book interviews with the people actually worth meeting.

04 Test flight, not paperwork

You wouldn't hire a pilot without a test flight.

Your security team is flying your entire operation. When it crashes and burns, the cost is measured in regulatory fines, breach disclosures, and a very awkward board meeting. Put them in the simulator first.

05 Audit-ready workforce competence

Regulators be regulating.

Every serious framework wants documented evidence your security team can actually do the job.

ISO 27001:2022 Clause 7.2

Requires documented evidence that security personnel are competent, based on education, training, or experience.

SOC 2 CC1.4

Explicit requirement to "attract, develop, and retain competent individuals."

NIS2 Article 20/21

EU. Management bodies must ensure staff have "sufficient knowledge and skills."

DORA Article 13

EU financial services. Training "commensurate with role."

NIST CSF 2.0 PR.AT-01

Personnel must possess knowledge and skills to perform tasks.

06 Blind, skills-first, standardised

People deserve a fair shake.

We believe in fairness. Your filters are quietly rejecting hidden gems. The self-taught analyst. The career-switcher. The one without the university logo. Skill-first testing drags them back in.

07 AI grading - ranked dashboards

Oh, and get your evenings back.

The forty hours you used to spend on screening become forty minutes of decision-making. Sometimes the little things are large.

Pricing

Price, price, baby.

You didn't think we were going to hide the pricing, did you? We're not that saas-y. Four plans. Top-ups when you need them. 14 day free-trial.

Free Trial

Kick the tyres for two weeks.

£0 £0 /mo

14 days, no card 14 days, no card

Request invitation
  • 5 candidate invites
  • 1 team seat
  • Library access (limited)
  • 3 AI credits
  • Standard integrity
  • Secure & Proctor modes
  • Custom branding

Starter

For growing teams.

£299 £249 /mo

per month, billed monthly £2,988 billed annually

Request invitation
  • 25 invites / month
  • 3 team seats
  • Library access
  • 10 AI credits / month
  • Standard + Secure integrity
  • Proctor mode
  • Custom branding
Most popular

Pro

Hiring often. Multiple roles. Branded.

£799 £669 /mo

per month, billed monthly £8,028 billed annually

Request invitation
  • 250 invites / month
  • 10 team seats
  • Full library access
  • 30 AI credits / month
  • All three integrity tiers
  • Custom branding
  • Custom email templates

Enterprise

MSSPs and larger security functions.

£1,499 £1,249 /mo

per month, billed monthly £14,988 billed annually

Request invitation
  • 500 invites / month
  • Unlimited team seats
  • Full library access
  • 75 AI credits / month
  • All three integrity tiers
  • Custom branding
  • Priority support

Our Starter plan costs about 30% of one day's billable consultancy.

Come back if you want a call

Try it.
We'll put the kettle on.

14 days free. Invitation only. Request a code, get up and running in minutes. No demo required. No sales call required.

Request your invitation code Talk to sales

14 days free · No credit card · Code in your inbox once we have reviewed