Information security career resume tips
Introduction - Make the most of your six seconds of fame
When your resume hits a hiring manager’s desk, they’ll spend an average of six seconds reading it. Six seconds. That’s a tiny window of time you have to communicate a lifetime’s worth of work history, skills, education and more. But though it sounds like an impossible task, you can absolutely sell a hiring manager on your candidacy by following a few information security career resume guidelines.
Making a good first impression on the hiring manager is your first step towards getting an interview. While that may sound self-evident, it’s often easier said than done. It’s hard to know what to put on your resume since every hiring manager has different expectations. A one-size-fits-all approach just isn’t going to cut it. However, there are certain details that cybersecurity hiring managers always want to see, and listening to their cues will help your resume get the right kind of attention.
What should you learn next?
At this point, some of you might be thinking, “but I already have a resume!” That’s awesome — you’re already ahead of the curve! But keep in mind that cybersecurity is a constantly evolving industry. If your resume hasn’t been updated in a year, it’s time to pop it open and freshen it up.
Take a look at these top tips for making an outstanding cybersecurity resume:
Keep your resume simple
Resume format is just as crucial as the actual content of your resume. Even if your headings and bullet points are written beautifully, they may not get read if they’re presented in a way that confuses the reader. The rule of thumb is to keep the format simple and easy to understand.
- Use bolded section headings to let readers know exactly what to expect in that section (education, technical skills, work history and so on)
- Stay away from big blocks of text or paragraphs — readers will glaze over them. Instead, break your accomplishments up into pithy, easily digestible sentences. Each sentence should start with a bullet point
- Stick to one page for entry-level jobs. For middle-level and senior-level positions, you can go up to two pages. Make sure your content is concise and on-target; eliminate any fluff
The “plain and simple” rule also applies to the overall look and design of your resume. You don’t need graphics, bold colors or intricate designs to catch a hiring manager’s eye. In fact, a resume that looks too busy or exotic can backfire. According to Google’s head of HR, “Unless you’re applying for a job such as a designer or an artist, your focus should be on making your resume clean and legible.”
Soft skills are just as important as technical skills
Charles Gaughf, security lead at (ISC)2, explains that "cybersecurity is an interesting field — not only do you need to bring the technical skills to the table, you must be relatable, you need to be a people person. These skills all mixed with professional skills are ideal."
In other words, your knowledge of network security is just as important as your communication or problem-solving skills. Penetration testers, for example, need to break down technical concepts and explain them in layman’s terms to non-IT staff. Other examples of soft skills include problem-solving, attention to detail, collaboration and leadership.
Don’t throw spaghetti at the wall
If you’re unsure of how best to market yourself, you may feel the urge to pile information onto your resume with the hope that the hiring manager will sift through it and find what they’re looking for. Now think back to that six-second rule. They don’t have time to do a thorough line-by-line reading of your resume; instead, they’re looking for the nuggets of relevant information they need to confidently move you to the “interview” stack.
The best-written resumes will immediately demonstrate relevance to the position in a clear, concise way. “Content that does not relate to the job and does not address what qualifications a candidate has for a job can absolutely eliminate a candidate who may have accomplished many of the tasks that job is looking for, but was not articulated in the resume,” according to Elizabeth Harrison, Senior Recruitment Partner at Decision Toolbox.
Use active voice to play up your achievements
Your resume is all about shining a spotlight on your achievements and accomplishments. Despite it being the perfect opportunity to show off, we’re socially conditioned to downplay our achievements for fear of sounding like we’re bragging. This results in many people writing resume bullet points starting with “soft” words like helped, assisted with and handled. Erase those generic verbs and instead hook the reader with a strong action verb that showcases your skills.
Your accomplishments should be specific
Hiring managers hate vagueness and don’t like hypotheticals. The best way to build up their confidence in you is by giving them detailed, concrete proof of things you’ve done on the job. In other words, instead of writing a statement like “knowledgeable about incident response,” beef it up to read: “Perform real-time cyberdefense incident handling like forensic collections, intrusion correlation and tracking, threat analysis and direct system remediation to support deployable Incident Response Teams (IRTs).” You can find this example bullet point and more on CyberSeek’s Career Pathway Tool.
It benefits you to be as specific as possible when describing your experience and skills. Back up your claims by including measurements when possible — this builds up your credibility in the mind of the hiring manager.
Links to LinkedIn, personal GitHub, website and so on
It’s safe to say that social media is completely shaking up the hiring process. While certain age-old hiring traditions like the cover letter and suit-and-tie interview are still common, employers also have many more options at their disposal when it comes to getting to know their candidates. LinkedIn, personal websites and blogs are all fair game.
A 2018 CareerBuilder survey concluded that 70% of employers use social media to screen candidates. “It’s great to see LinkedIn profiles that are engaging and built out with lots of detail. Added bonuses are resume attachments, project work, videos or blogs,” says Karen Whyte, Senior Recruiter.
Keep hobbies focused
Hobbies are distracting and don’t do anything towards building a case for why you’re the best fit for the job. Activities you can include are ones directly related to cybersecurity like personal projects, professional organization memberships, articles or papers you published and blog posts you’ve written.
Keep your writing simple and straightforward
Avoid throwing out huge words or using complicated language to try to impress the manager. At many companies, especially the larger ones, your resume will have to get the green light from HR before it’s passed on to the cybersecurity hiring manager. Keep in mind that HR reps are not experts in your field and instead rely on the job description as a benchmark for how well your resume lines up with the role. To avoid confusion, take cues directly from the language used in the job description and keep your language simple and straightforward.
Proofread and spell-check
Once you’re done writing your resume, the last step is to proofread it, since spelling and grammatical errors hurt your credibility. It may sound self-evident, but minor errors easily slip past even the sharpest set of eyes. Before you apply for a job, have a friend or colleague read your resume in case they catch something you didn’t. Or you can use a free proofreading tool like Grammarly.
Submission time!
Once you’ve run through this checklist, you’ll have an eye-catching new resume to share with hiring managers and recruiters. Don’t let the resume writing process intimidate you. By investing just a little bit of time, you can transform a basic list-style resume into a well-organized document packed full of your achievements.
Your new, upgraded resume will have a huge positive impact on your job search. And when a hiring manager is skimming through literally hundreds of resumes, standing out is the key to getting an interview!
What should you learn next?
Sources
- How to make your cybersecurity resume stand out: 5 tips, TechRepublic
- This Is Exactly What Hiring Managers & Recruiters Look For When Scanning Resumes, Glassdoor
- 5 Things People Reading Your Resume Wish You Knew, The Muse
- Keep It Clean: Social Media Screenings Gain in Popularity, Business News Daily
- 185 Powerful Action Verbs That Will Make Your Resume Awesome, The Muse
- Cybersecurity Career Pathway, CyberSeek
In this Series
- Information security career resume tips
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity