eLearnSecurity Blog

How To Craft A Strong InfoSec Resume

How do you get security managers to say “I want that guy on my team!”? It’s all about writing your resume in a way to showcase yourself as the right solution for each employer. Here’s how.

Professional Experience

1. List Your Current & Past Responsibilities

In this section of your resume, you should make a list of your most important responsibilities. Hiring managers have limited time and often judge your resume within seconds. Make those seconds count by starting each bullet point with a verb, then include a power word.

For example, your number 1 task may be “Performed (verb) successful (power word) weekly vulnerability assessments” or “Assisted the incident response team and security engineers”.

However, verbs and power words are just not enough. You want to quantify each responsibility to add more value to your statement, and make it look more real. See below.

2. Describe Each Task In 1 or 2 Sentences

After you’ve listed all your responsibilities, add a short description to show your accomplishments with your current/past employer and show quantitative metrics/value when possible.

Following the previous example, your new bullet point will look something like “Performed successful weekly pentests resulting in 1,200 vulnerabilities found and fixed” or “Assisted the incident response team and security engineers to improve current processes and controls“.

3. Research Your Aspiring Employer’s Issues

Researching your aspiring employer’s problems will allow you to write your resume in a certain way. Indeed, knowing what your aspiring employer’s issues are, you can highlight the responsibilities you’ve had in the past that will most likely make sense. That is, your responsibilities listed should showcase how YOU, the application, will be able to solve his problems, and make his, the employer, life easier.

Simply show your skills and appear as a perfect fit for the job.

If you have no way to actually know what the company’s issues are, have a hard look at the job offer and listed responsibilities.

Offering someone’s a solution to their problem is the best way to get on their “good fit” list.

4. Build Your Personal Brand

Building your personal brand is becoming increasingly common, and can be of great value when trying to prove that you are the right fit for a role. You can build your personal brand via blogging, social media, or various networking sites and events.

If you’ve written articles in the past that are related to the job you are applying to, it can be a good idea to add their links to your application. This smart move will showcase that the knowledge listed on your resume is real, because you’ve previously written about it. In addition, it’ll establish credibility and thought leadership.

This can be a deal-maker for your employer because it proves that holding you by the hand won’t be necessary, as you are already a professional in your field.

Skills & Competencies

While experience might have the most impact on your resume, it’s good to focus on your skills as well –especially if you’re only just beginning your career or barely entered the information security field. In this case, thoroughly list your professional and soft skills.

For example, if you’re applying to become a cybersecurity consultant, and you have experience writing because you’ve also been blogging, then you might want to add how your writing skills acquired by this activity helped you write spotless PenTest reports that clients really appreciate and understand.

Professional skills, both theoretical and practical, are a crucial part of your resume, but so are soft skills. By writing your resume in a way that shows your aspiring employer that you can be the solution to some of his company’s problems, you’re ensuring yourself a space on the top candidates podium.

(Secret) hint: curate a piece of content about an issue mentioned in the job offer, and send it with your application. This will show your potential employer that you have not only thoroughly researched the offer, but also potential solutions to the company’s issue and that you are motivated to do the job right. If you have written about this specific issue in the past, that’s even better, send your article and prove your knowledge on the topic.

Aspiring to discover the world of Penetration Testing and Red Team engagements? Get your Penetration Testing Student training course (PTS) in Barebone Edition for free by registering with our sister company and world renowned security magazine The Ethical Hacker Network (EH-Net).


Connect with us on Social Media:

Twitter | Facebook | LinkedIn | Instagram

Tags: , , ,

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Go to top of page