.

Information Security CV advice

<<

ethicalhack3r

Full Member
Full Member

Posts: 139

Joined: Fri Nov 28, 2008 11:29 am

Post Sun Aug 23, 2009 1:37 pm

Information Security CV advice

Hello,
Ive been wanting to write a CV with all of my infosec experience/education on for a while. Ive started to write it using my 'regular' CV as a template.

Is it a good idea to keep two CV's? One for regular and another for security job applications? (I'm still a full time student)

Ive been told that on my security CV I should also incorporate my other non related work experience as it shows I am flexible. Is this a good idea?

I normally have my date of birth on my CV, is this really necessary?

And finally... does any one have any good examples? tips? advice?

Thanks in advance!
Ryan
<<

dalepearson

Sr. Member
Sr. Member

Posts: 357

Joined: Thu Nov 09, 2006 10:03 am

Post Sun Aug 23, 2009 4:44 pm

Re: Information Security CV advice

There are many guides around on the net.
If your a student and starting out include all your work experiance would be my suggestion.

Perhaps post a masked version of your CV for review?
<<

Jhaddix

User avatar

Sr. Member
Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Sun Aug 23, 2009 6:41 pm

Re: Information Security CV advice

hey ethicalhack3r!

I keep a good 'base' resume for myself, then when i want a job i tailor it to the position I want to apply for.

My basic advice is a resume that goes like this:

1) Personal statement - no one wants to hear an objective anymore, write what you're passionate about related to the position you are applying for. Mine was all about pentesting and learning new things. Show tenacity, interest, and enthusiasm in this small paragraph.

2) Now we have a choice, if you have a lot of work or volunteer experience then do that next. highlight projects, deadline completions, milestones, training, and cooperating wtih different departments. If you do not have a lot of work experience do your education section next, highlighting interesting projects, groups, awards, research, etc.

3) Do the section you didn't do before.

4) Small section with awards, certifications, extra training.

5) If you still cant flesh out two pages (or one as some people will say is better) do a self rated proficiencies list. Rate yourself 1-5 on specific things. Mine was pentest/VA so i have nessus, MSF, and all kinds of related products and languages involved in that field.  Be honest and comprehensive.

A family member of mine is the lead tech recruiter of Panasonic and this is what i got after reading some good books on tech resumes and conspiring with her.

just my 2c =)
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Sun Aug 23, 2009 9:16 pm

Re: Information Security CV advice

A friend of mine actually ran his resume through a professional resume writer and was able to pass some advice to me.  The one thing that really struck me and I hadn't considered before was to list bulleted accomplishments at the end of the paragraph describing your job responsibilities.  If you worked on a difficult project, met an unreasonable deadline, etc, employers want to see it.  I really think that I have gotten many more leads after restructuring my resume with the above. 
~~~~~~~~~~~~~~
Ketchup
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Mon Aug 24, 2009 12:56 am

Re: Information Security CV advice

I see no particular reason why two CVs would be necessary. Maybe when someone has quite a lot of experience etc. and to only list the things which are of interest for a specific job, but especially as a student I would list also other things I have done.

If you are into security and everything but have done previously something like construction worker (e.g. because of money) I would only list it if your CV would be very short without those things, otherwise I don't think that this would be of interest for your employee.

In terms of your birthdate I would say you have to include it. Is there a specific reason why you are considering to not put it there?

No examples here (I guess it wouldn't hurt if I write my CV in English too), but there should be many examples available on the net. If you don't care, you could anonymize yours (and remove "unimportant" details ) in order to let it review others. Maybe this way we could improve it somehow or at least proofread it.
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Mon Aug 24, 2009 8:25 am

Re: Information Security CV advice

awesec: Never put your birthday on your resume. You're opening yourself up to discrimination. At least where I live, you're not allowed to ask about age on interviews. I learned that last year when I was interviewing people for a Jr Network Engineer / Help Desk position. The only people who should know your age, is the HR department.

As for gaps in your resume... I worked out of IT for about 2 years. One was spent going to college while living off my savings, the other was spent going to college while working a bar. I usually get asked about the 2 year gap by the head hunters, and the interviewers.

I know different countries different rules.
OSWP, Sec+
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Mon Aug 24, 2009 10:35 am

Re: Information Security CV advice

I also don't (and wouldn't) put my birth date on my resume. As noted above, it opens you up to discrimination.

I think Jason offered up a lot of good advice. One thing I've been told by recruiters that helps is being very detailed when listing things you have experience with (e.g., instead of 'firewall administration' list 'Juniper SSG540 Firewall administration').

When/if you focus on what you've done with an employer, don't just bullet responsibilities (many people tend to do this). An employer doesn't want to see that you were "responsible for the administration of the helpdesk system." No one cares. Now, if you "implemented a new helpdesk system that cut trouble-ticket response time by 65%" that's much better. Try to quantify things and make it appealing from a business perspective.
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Mon Aug 24, 2009 12:08 pm

Re: Information Security CV advice

Mh interesting bit about the birthdate. In my country we get taught at school that this should/ have to be included beside some other details as well.
Discrimination because the interviewer may assume that one have not much knowledge because of age? Maybe I didn't think about this one because I have no problem with telling my age nor have any bad experience with this. Just curious, but do you include a picture of yours in the CV or is that also not common in your countries?
Last edited by UNIX on Mon Aug 24, 2009 12:12 pm, edited 1 time in total.
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Mon Aug 24, 2009 12:24 pm

Re: Information Security CV advice

Pictures aren't common here. Basically in the US (or at least my part of it) all they want is a documented history of what you thought your work was. If it matches what they need you'll get an interview.
OSWP, Sec+
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Mon Aug 24, 2009 12:58 pm

Re: Information Security CV advice

I don't include a picture and I would say that's probably pretty rare here in the US.

Well, I started to type a lengthy reply but decided to skip it. All that I'm going to say is I very much dislike being judged by my age. I've pretty much had to deal with that since I was 20 (though it's starting to go away now) as the youngest in my position across the country for a global company. The strange looks, the attitudes and plain being ignored. I surely wouldn't want a hiring manager or a recruiter having the same type of attitude after seeing my age on my resume. I want to be judged by knowledge, skills and experience - the way it should be.
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Mon Aug 24, 2009 1:45 pm

Re: Information Security CV advice

Interesting to read about how different the same procedure is done in different countries.

I agree with you, that one should not be judged by age, but by knowledge, skills, experience and others - though I must admit that I would probably presume that a fourty year old person have more experience than an eighteen year old. However, just because someone is young, it doesn't mean that he is not knowledgeable nor have skills.
Thanks for sharing your personal experience with this, Bill.
Last edited by UNIX on Mon Aug 24, 2009 1:47 pm, edited 1 time in total.
<<

Bane

Post Mon Aug 24, 2009 2:18 pm

Re: Information Security CV advice

I have found that the one page resume rule really only applies to non-IT related jobs. In IT Security, hiring managers want to see all of your experience and skills. The more experience you document the better.
<<

ethicalhack3r

Full Member
Full Member

Posts: 139

Joined: Fri Nov 28, 2008 11:29 am

Post Mon Aug 24, 2009 3:49 pm

Re: Information Security CV advice

Thanks to all for the great tips/advice. I have removed my DOB from my CV, as I too think it is unnecessary. I have seen people put pictures on their CV's in France so it must be quite common world wide, not here in the UK tho.

I have almost finished my 'security' CV now. One more question... should I include a link to my personal blog? It contains a lot of what I do/have done.

Thanks again everyone!  :)
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Mon Aug 24, 2009 6:09 pm

Re: Information Security CV advice

ethicalhack3r wrote:One more question... should I include a link to my personal blog? It contains a lot of what I do/have done.



No. It's a personal blog, if they want to see it, they can find it via Google. If it was a professional blog, and only talked about computer security and nothing else, then maybe. Like Jhaddix's www.securityaegis.com site. (Sorry if it's not a blog). But even then I'd scrub everything I could of personal information.
OSWP, Sec+
<<

Laz3r

Post Mon Aug 24, 2009 7:24 pm

Re: Information Security CV advice

The blog thing can be touchy.  In my opinion, I think you'd be fine to link it.  It's almost entirely focused on security related content as well as your personal work on DVWA.  I would hunt through your archives and make sure there's nothing that you wouldn't want them to see.  Such as "Went out drinking last night and somehow ended up dancing on the bar naked.  Here are some pics!" 
Next

Return to Career Central

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software