NOTE: I wrote “Understanding Why Side Projects Are Looked At So Highly in Tech” in January 2017. This is an updated version of the article. I am no longer using the term “side project” because the term is heavily connotated with Software Engineering. If you are aiming for a career in Cyber Security, doing Capture The Flag competitions or building a malware lab is equivalent to doing a software side project. The message is the same for Software Engineering, Program Management, Cyber Security, UI/UX, and countless opportunities: projects outside of the classroom are important. I am not deleting the original article for referencing and recordkeeping.

It is no secret that tech companies place high value on projects done outside of the classroom when making hiring decisions. Most of the top companies including Google 1 and Facebook 2 will not even consider you if you do not show any projects done outside of the classroom. Microsoft’s posting for Software Engineering and Program Management summer internships lists “some experience building software beyond the classroom environment” as one of the qualifications.

Qualifications for Microsoft Summer Internship 2020

Many have asked me why projects done outside of the classroom environment are so highly valued by companies for internships and full-time opportunities in tech. Let’s delve into understanding why.

Interviews can only go so far. Interviews can reveal your competency in a subject area, but they do not reveal your natural interest in building and breaking stuff, ability to learn quickly, or ability to work on something for a long time.

Such projects will open up a deeper and engaging conversation. Peeking at samples (e.g., source code, writing) reveals a lot. A question I always ask candidates is something along the lines of: “tell me about a project that you have worked on” 3. This is where I can assess candidate’s ability to analyze costs and trade-offs, remark about programming style, writing abilities, passion, and personality. A fantastic outcome of such conversation is if both the candidate and I learn something from each other.

They demonstrate your ability to apply what you have learned in the classroom. Students have been trained all their life to do homework assignments, take tests, and perhaps aim to get top grades for classes. This cycle does not reflect how the real world works. The aim of homework assignments is to apply recent concepts learned. Most assignments are one-offs. Tests, quizzes, and certifications almost never show anything about a person’s hands-on abilities. For most, there are not enough opportunities in the academic setting to put-it-all-together. Sadly, the result is many students graduate with a Computer Science degree but do not feel they know how to program as evident by this sobering discussion on StackExchange.

They demonstrate your ability to learn on your own. Compared to when I was a Computer Science student in the Dot-com days, there is now a plethora of JavaScript and web frameworks, Machine Learning packages, security tools, microcontrollers, databases, integrated development environments (IDEs), and the list goes on. The barrier and cost of entry for the technologies are very low. There is a massive collection of resources (e.g., documentation, examples, courseware) available on the Internet. There are communities (e.g., meet-ups) and conferences for special interest and topics. What is certain: (1) there will be more technologies released in the future, and (2) you will be asked to work on something using technologies you are not familiar with. It is very difficult to keep up with the pace of technology and innovation. The technology or framework that you are using today may be obsolete tomorrow. You need to demonstrate your value and your ability to adapt quickly. I didn’t take a course in web development when I was an undergraduate, and I didn’t take a course in mobile development (it didn’t even exist): I had to learn them on the job and on my spare time.

This is especially important if you want to get into Cyber Security: most college and certification courses do not “provide all of the skills and practical experience needed to become a desirable candidate for an entry level position” 4. Josephine Wolff wrote: “the skills needed for cybersecurity jobs aren’t easy to learn in the classroom. Some of these skills can be taught in the classroom, through checklists of where to look for possible weaknesses and tools that can be used to help conduct those assessments. But the most effective red teams, like the most effective attackers, find vulnerabilities that no one has ever thought of before —-much less included on a course syllabus. It can be hard to reward those skills —-much less teach them in a college course where there are supposed to be clear expectations and learning objectives, well-defined grading rubrics and set schedules.” 6

They demonstrate your ability to work on unstructured problems. This is the complete the opposite of assignments in an academic setting: the problem is defined (sometimes too defined), the answer(s) are known in advance. This is a reason why classroom projects listed on a résumé hold much lesser weight. I’ve been appalled by how students are generally uncomfortable with working on unstructured and open-ended problems. The problem becomes glaring during students’ first internships as I constantly see comments in Curricular Practical Training (CPT) reports such as “I wish my supervisors had described the overall structure in a little more detail” or “I was simply freaking out with the fact that I did not have an assignment with a roadmap.” My response is always: “welcome to reality.” The professional world “is unstructured, with competing priorities and decisions that need to be made on the fly. College is very task-based: take an exam, finish a paper, attend a club meeting, go to practice. The workplace is more of a mash-up of activities with no scheduled end.” 5

They help build your track record and portfolio. Just doing the bare minimum coursework is not enough to get you opportunities. Experience and track record are paramount for any opportunity from first full-time opportunity out of college to senior-level position. How can people trust you and your work when you have little or nothing to show for?

The bottom line: you cannot, and will not, learn everything in classroom. It is impossible. If you do not want to put in the effort to go the extra mile, someone else already has. The amount of information and technologies available is massive and accessible. In fact, many people learned programming or Security without a Computer Science degree. A few years ago over lunch, my friend Jeff Seibert said two words that still resonates: no excuse –there is absolutely no excuse to not take advantage of the opportunities, tools, technologies, and resources that are available and accessible. While it is impossible to learn everything that is available, there is absolutely no excuse to not learn something. You’re not asked to build the next great app on the side; the point is to show that you can do something –the bar isn’t that high.


  1. How to Increase Your Chances of Getting an Internship at Google (LinkedIn)

  2. Here’s what it’s really like to be an intern at Facebook (Business Insider)

  3. Preparing For A Technical Interview (LinkedIn)

  4. Starting an InfoSec Career – The Megamix – Chapter 6 (hacks4pancakes)

  5. Many colleges are failing to prepare students for their working lives (Washington Post)

  6. How Do You Get Students to Think Like Criminals?