You need to determine the track you are going in. Your income potential and
ability to enter the space will significantly improve if you have knowledge and
any level of experience (Read: even in-lab experience) with common enterprise
security tools and technologies, especially SIEM, DLP, Encryption, Application
Control, Mobility Solutions, etc. If you don't have specific keyword skills,
you will be quickly surpassed by a candidate that may have less experience
overall, but one that has key solution-based knowledge and experience.
You also need to understand your security domains. The best way to present that
knowledge is via certifications. Many in the industry brush them off as a joke,
but most people in HR, as in the folks that actually qualify you before you get
to talk to the hiring management, will look for those and prefer candidates
with any relevant certifications. If you cannot qualify for one, at least do
self-study to learn the necessary security fundamentals as your interviews will
likely be broad, and learning the CISSP domains, as an example, will do a great
job preparing you.
Hope this helps.
Andy | Oxbeef
________________________________
From: Andrew Case <[email protected]>
To: PaulDotCom Security Weekly Mailing List <[email protected]>
Sent: Wednesday, January 30, 2013 10:09 PM
Subject: Re: [Pauldotcom] CV for InfoSec Jobs
I might be answering your questions out of order, but hopefully this helps:
1) Do not worry about the 1 page rule as long as your information is
reasonable...
2) List any relevant certifications (obvious, but was not on your list)
3) I have seen many people list security tools that they are
comfortable using for pentests, reversing, etc (whatever it is you
focus on)
4) If you have never spoke / presented / demo'ed at conferences, then
you can list ones you attended, but otherwise I would just list where
you had active participation. If you have never spoke then you should
start! Events like Bsides are a great place to get your first
experience speaking and many bsides run tracks specifically for new
speakers and have speaker coaches, etc.
5) I would definitely list any local groups you belong to as it shows
an interest outside of 9-5 in the field
6) If you can code and have written any applications, small scripts,
etc, then definitely list them. Even if its just utility scripts to
automate things you normally have to do by hand.
7) List any trainings you attended including the class number, link to
the page if its still up and so on
Hopefully that is a good start. If you are job hunting I would also
recommend making a linkedin profile if you dont have one and make sure
it closely matches what is on your resume/CV.
On Wed, Jan 30, 2013 at 10:17 AM, Bacon Zombie <[email protected]> wrote:
> Hi All,
>
> I'm looking to move from Network/System Admin role into pure Security
> and in the middle of updating my CV.
>
> I would like to see if the hive mind has any opinion on what should
> and should not go into a CV and should a CV for a Security Job be
> different from a standard Tech CV.
>
> Soon difference that come to mind are:
>
> #> Do you list conferences you have attended and if so what section do
> you list them under or do they deserve there own section.
>
> #> Do you list projects and CTF.
>
> #> Do you list that you are a member of your Hackerspace, DC or 2600
> group and what do you put it under.
>
> #> Do you follow the no more then 2 or 3 pages rule or has that
> changes now since most people will read your CV via TXT/PDF/DOCX and
> not a printout.
>
> What are some thing really should include and also really should not
> include on my CV.
>
> Thanks in advance,
>
> P.S : Just realised CV may not be a common term for all; CV =
> Curriculum Vitae or Résumé.
>
> --
>
> BaconZombie
>
> LOAD "*",8,1
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
