August 23, 2009 at 6:37 pm #4177ethicalhack3rParticipant
Ive been wanting to write a CV with all of my infosec experience/education on for a while. Ive started to write it using my ‘regular’ CV as a template.
Is it a good idea to keep two CV’s? One for regular and another for security job applications? (I’m still a full time student)
Ive been told that on my security CV I should also incorporate my other non related work experience as it shows I am flexible. Is this a good idea?
I normally have my date of birth on my CV, is this really necessary?
And finally… does any one have any good examples? tips? advice?
Thanks in advance!
August 23, 2009 at 9:44 pm #26463dalepearsonParticipant
There are many guides around on the net.
If your a student and starting out include all your work experiance would be my suggestion.
Perhaps post a masked version of your CV for review?
August 23, 2009 at 11:41 pm #26464JhaddixParticipant
I keep a good ‘base’ resume for myself, then when i want a job i tailor it to the position I want to apply for.
My basic advice is a resume that goes like this:
1) Personal statement – no one wants to hear an objective anymore, write what you’re passionate about related to the position you are applying for. Mine was all about pentesting and learning new things. Show tenacity, interest, and enthusiasm in this small paragraph.
2) Now we have a choice, if you have a lot of work or volunteer experience then do that next. highlight projects, deadline completions, milestones, training, and cooperating wtih different departments. If you do not have a lot of work experience do your education section next, highlighting interesting projects, groups, awards, research, etc.
3) Do the section you didn’t do before.
4) Small section with awards, certifications, extra training.
5) If you still cant flesh out two pages (or one as some people will say is better) do a self rated proficiencies list. Rate yourself 1-5 on specific things. Mine was pentest/VA so i have nessus, MSF, and all kinds of related products and languages involved in that field. Be honest and comprehensive.
A family member of mine is the lead tech recruiter of Panasonic and this is what i got after reading some good books on tech resumes and conspiring with her.
just my 2c =)
August 24, 2009 at 2:16 am #26465KetchupParticipant
A friend of mine actually ran his resume through a professional resume writer and was able to pass some advice to me. The one thing that really struck me and I hadn’t considered before was to list bulleted accomplishments at the end of the paragraph describing your job responsibilities. If you worked on a difficult project, met an unreasonable deadline, etc, employers want to see it. I really think that I have gotten many more leads after restructuring my resume with the above.
August 24, 2009 at 5:56 am #26466
I see no particular reason why two CVs would be necessary. Maybe when someone has quite a lot of experience etc. and to only list the things which are of interest for a specific job, but especially as a student I would list also other things I have done.
If you are into security and everything but have done previously something like construction worker (e.g. because of money) I would only list it if your CV would be very short without those things, otherwise I don’t think that this would be of interest for your employee.
In terms of your birthdate I would say you have to include it. Is there a specific reason why you are considering to not put it there?
No examples here (I guess it wouldn’t hurt if I write my CV in English too), but there should be many examples available on the net. If you don’t care, you could anonymize yours (and remove “unimportant” details ) in order to let it review others. Maybe this way we could improve it somehow or at least proofread it.
August 24, 2009 at 1:25 pm #26467
awesec: Never put your birthday on your resume. You’re opening yourself up to discrimination. At least where I live, you’re not allowed to ask about age on interviews. I learned that last year when I was interviewing people for a Jr Network Engineer / Help Desk position. The only people who should know your age, is the HR department.
As for gaps in your resume… I worked out of IT for about 2 years. One was spent going to college while living off my savings, the other was spent going to college while working a bar. I usually get asked about the 2 year gap by the head hunters, and the interviewers.
I know different countries different rules.
August 24, 2009 at 3:35 pm #26468BillVParticipant
I also don’t (and wouldn’t) put my birth date on my resume. As noted above, it opens you up to discrimination.
I think Jason offered up a lot of good advice. One thing I’ve been told by recruiters that helps is being very detailed when listing things you have experience with (e.g., instead of ‘firewall administration’ list ‘Juniper SSG540 Firewall administration’).
When/if you focus on what you’ve done with an employer, don’t just bullet responsibilities (many people tend to do this). An employer doesn’t want to see that you were “responsible for the administration of the helpdesk system.” No one cares. Now, if you “implemented a new helpdesk system that cut trouble-ticket response time by 65%” that’s much better. Try to quantify things and make it appealing from a business perspective.
August 24, 2009 at 5:08 pm #26469
Mh interesting bit about the birthdate. In my country we get taught at school that this should/ have to be included beside some other details as well.
Discrimination because the interviewer may assume that one have not much knowledge because of age? Maybe I didn’t think about this one because I have no problem with telling my age nor have any bad experience with this. Just curious, but do you include a picture of yours in the CV or is that also not common in your countries?
August 24, 2009 at 5:24 pm #26470
Pictures aren’t common here. Basically in the US (or at least my part of it) all they want is a documented history of what you thought your work was. If it matches what they need you’ll get an interview.
August 24, 2009 at 5:58 pm #26471BillVParticipant
I don’t include a picture and I would say that’s probably pretty rare here in the US.
Well, I started to type a lengthy reply but decided to skip it. All that I’m going to say is I very much dislike being judged by my age. I’ve pretty much had to deal with that since I was 20 (though it’s starting to go away now) as the youngest in my position across the country for a global company. The strange looks, the attitudes and plain being ignored. I surely wouldn’t want a hiring manager or a recruiter having the same type of attitude after seeing my age on my resume. I want to be judged by knowledge, skills and experience – the way it should be.
August 24, 2009 at 6:45 pm #26472
Interesting to read about how different the same procedure is done in different countries.
I agree with you, that one should not be judged by age, but by knowledge, skills, experience and others – though I must admit that I would probably presume that a fourty year old person have more experience than an eighteen year old. However, just because someone is young, it doesn’t mean that he is not knowledgeable nor have skills.
Thanks for sharing your personal experience with this, Bill.
August 24, 2009 at 7:18 pm #26473AnonymousParticipant
I have found that the one page resume rule really only applies to non-IT related jobs. In IT Security, hiring managers want to see all of your experience and skills. The more experience you document the better.
August 24, 2009 at 8:49 pm #26474ethicalhack3rParticipant
Thanks to all for the great tips/advice. I have removed my DOB from my CV, as I too think it is unnecessary. I have seen people put pictures on their CV’s in France so it must be quite common world wide, not here in the UK tho.
I have almost finished my ‘security’ CV now. One more question… should I include a link to my personal blog? It contains a lot of what I do/have done.
Thanks again everyone! 🙂
August 24, 2009 at 11:09 pm #26475
One more question… should I include a link to my personal blog? It contains a lot of what I do/have done.
No. It’s a personal blog, if they want to see it, they can find it via Google. If it was a professional blog, and only talked about computer security and nothing else, then maybe. Like Jhaddix’s http://www.securityaegis.com site. (Sorry if it’s not a blog). But even then I’d scrub everything I could of personal information.
August 25, 2009 at 12:24 am #26476AnonymousParticipant
The blog thing can be touchy. In my opinion, I think you’d be fine to link it. It’s almost entirely focused on security related content as well as your personal work on DVWA. I would hunt through your archives and make sure there’s nothing that you wouldn’t want them to see. Such as “Went out drinking last night and somehow ended up dancing on the bar naked. Here are some pics!”
August 25, 2009 at 12:45 am #26477jasonParticipant
Definitely keep your professional blog and your personal blog separate. You never know who’s looking at either of them. Even if you monitor the logs, it could be your boss surfing from home. Same goes for Twitter and other similar sites. There are numerous examples if people getting fired, not getting jobs, etc…
August 25, 2009 at 5:05 am #26478
I did not go through all of your posts on your blog, but from what I have seen, there shouldn’t be any problem when including the link in your CV (I mean this one, don’t know if there is a more personal one too). As already said by the others, I too would only include related things and nothing personal (seperation).
What I would definitely include, if you haven’t already, is your DVWA project.
August 25, 2009 at 7:01 pm #26479JhaddixParticipant
I would reference your blog, no address (if theres NSFW content) and then your DVWA project with an address because its very noteworthy =)
- You must be logged in to reply to this topic.