With cybersecurity professionals in high demand, a number of companies are seeking talented cyber experts to add to their ranks and protect against major threats including ransomware and DDoS attacks.
However, when it comes to seeking a cybersecurity position, “information security resumes can be difficult to write,” said Charles Gaughf, security lead at ISC(2). “Depending on the position you are applying to, you are likely trying to convey a lot of information in as small a space as possible. Accomplishments, technical skills, experience, multiple specialties all crammed onto a few pages.”
After reviewing more than a dozen resumes, hiring managers often see them start to blend together, Gaughf said. However, there are a few ways to make yours stand out.
Here are five tips for building a strong cybersecurity resume:
1. Mention of personal passion projects
2. Links to personal github with code projects
3. Involvement in the local security community, such as organization chapters, groups, and meetups
4. Emphasis on accomplishments over technical skills
5. Personal style, and putting your personality into your resume
“All security professionals must have a passion for learning,” Gaughf said. “This field, like others, requires professionals to always be up to date, and have the current lay of the land in regards to threats and our ever-changing landscape.”
The following five elements are general must-haves for cybersecurity resumes, Gaughf added:
1. Well-written and free of errors
2. Targeted to the specific position and organization
3. Simple, concise language
4. Demonstrates relevance to the position
5. Includes measurable accomplishments
For more senior positions, your resume needs to demonstrate your track record, said Ashley Arbuckle, vice president of security services at Cisco. “You see a whole host of different paths that folks take to get into security,” Arbuckle said. “But that track record is really important because it shows a foundation of the knowledge and expertise they have, and their ability to move and transform over time as the market has changed.”
Soft skills are also key to demonstrate, Arbuckle said. “Soft skills are becoming more and more relevant as security moves from the back office to the boardroom,” he said. “You shift to more business enablement as you think about digital transformation and the impact that can have on organization’s ability to move and stay competitive. Security needs to be embedded in that and into the fabric of the overall digitization strategy, and that really takes people skills. It takes the ability to align with stakeholders to understand the business problems that are trying to be solved and connect the dots.”
SEE: Cybersecurity spotlight: The critical labor shortage (Tech Pro Research)
Communication and analytical skills rank high on hiring managers’ lists, Gaughf said. “Cybersecurity is an interesting field–not only do you need to bring the technical skills to the table, you must be relatable, you need to be a people person. These skills all mixed with professional skills are ideal,” he added.
Security positions from entry level to C-suite must be able to discuss complex topics in an easily understandable way, Gaughf said. “You need to be able to speak with confidence, so that others see the value in security and trust what is being said,” he added.
For entry-level employees who are trying to break into the field, the most important thing to communicate is a desire to learn, Gaughf said. “If someone is new to the field or looking to migrate to this field, I would like to see what things you have done to learn about the field,” he said. “Have you taken community classes, have you completed any recent online training? Even if it is non-traditional learning, I want the candidate to show evidence of more than just a passing fancy, but true enthusiasm for the field.”
If your resume makes the cut, you’ll likely be called for an interview. To learn 10 common cybersecurity interview questions you may face, click here.