Hello,
Ive been wanting to write a CV with all of my infosec experience/education on for a while. Ive started to write it using my 'regular' CV as a template.

Is it a good idea to keep two CV's? One for regular and another for security job applications? (I'm still a full time student)

Ive been told that on my security CV I should also incorporate my other non related work experience as it shows I am flexible. Is this a good idea?

I normally have my date of birth on my CV, is this really necessary?

And finally... does any one have any good examples? tips? advice?

Thanks in advance!
Ryan

hey ethicalhack3r!

I keep a good 'base' resume for myself, then when i want a job i tailor it to the position I want to apply for.

My basic advice is a resume that goes like this:

1) Personal statement - no one wants to hear an objective anymore, write what you're passionate about related to the position you are applying for. Mine was all about pentesting and learning new things. Show tenacity, interest, and enthusiasm in this small paragraph.

2) Now we have a choice, if you have a lot of work or volunteer experience then do that next. highlight projects, deadline completions, milestones, training, and cooperating wtih different departments. If you do not have a lot of work experience do your education section next, highlighting interesting projects, groups, awards, research, etc.

3) Do the section you didn't do before.

4) Small section with awards, certifications, extra training.

5) If you still cant flesh out two pages (or one as some people will say is better) do a self rated proficiencies list. Rate yourself 1-5 on specific things. Mine was pentest/VA so i have nessus, MSF, and all kinds of related products and languages involved in that field.  Be honest and comprehensive.

A family member of mine is the lead tech recruiter of Panasonic and this is what i got after reading some good books on tech resumes and conspiring with her.

just my 2c =)

I see no particular reason why two CVs would be necessary. Maybe when someone has quite a lot of experience etc. and to only list the things which are of interest for a specific job, but especially as a student I would list also other things I have done.

If you are into security and everything but have done previously something like construction worker (e.g. because of money) I would only list it if your CV would be very short without those things, otherwise I don't think that this would be of interest for your employee.

In terms of your birthdate I would say you have to include it. Is there a specific reason why you are considering to not put it there?

No examples here (I guess it wouldn't hurt if I write my CV in English too), but there should be many examples available on the net. If you don't care, you could anonymize yours (and remove "unimportant" details ) in order to let it review others. Maybe this way we could improve it somehow or at least proofread it.

I also don't (and wouldn't) put my birth date on my resume. As noted above, it opens you up to discrimination.

I think Jason offered up a lot of good advice. One thing I've been told by recruiters that helps is being very detailed when listing things you have experience with (e.g., instead of 'firewall administration' list 'Juniper SSG540 Firewall administration').

When/if you focus on what you've done with an employer, don't just bullet responsibilities (many people tend to do this). An employer doesn't want to see that you were "responsible for the administration of the helpdesk system." No one cares. Now, if you "implemented a new helpdesk system that cut trouble-ticket response time by 65%" that's much better. Try to quantify things and make it appealing from a business perspective.

Pictures aren't common here. Basically in the US (or at least my part of it) all they want is a documented history of what you thought your work was. If it matches what they need you'll get an interview.

Interesting to read about how different the same procedure is done in different countries.

I agree with you, that one should not be judged by age, but by knowledge, skills, experience and others - though I must admit that I would probably presume that a fourty year old person have more experience than an eighteen year old. However, just because someone is young, it doesn't mean that he is not knowledgeable nor have skills.
Thanks for sharing your personal experience with this, Bill.

Thanks to all for the great tips/advice. I have removed my DOB from my CV, as I too think it is unnecessary. I have seen people put pictures on their CV's in France so it must be quite common world wide, not here in the UK tho.

I have almost finished my 'security' CV now. One more question... should I include a link to my personal blog? It contains a lot of what I do/have done.

Thanks again everyone! 

The blog thing can be touchy.  In my opinion, I think you'd be fine to link it.  It's almost entirely focused on security related content as well as your personal work on DVWA.  I would hunt through your archives and make sure there's nothing that you wouldn't want them to see.  Such as "Went out drinking last night and somehow ended up dancing on the bar naked.  Here are some pics!"