Do: Make professional experience your first category. It’s more important than an “objective” paragraph in the cybersecurity industry.
Don’t: Waste time — yours or the recruiter’s — with cluttered layouts, atypical font types or overdone design. Simple layouts with clear headings fare best.
Do: Include both hard and soft skills. Communication and teamwork are important.
Don’t: Leave off experience you have in other fields or positions. Include other job experience that shows your work ethic, attention to detail and communication skills.
Do: Research the different paths a cybersecurity analyst career can take and tailor your resume to best illustrate your aptitude for the specific job you’re seeking.
Don’t: Exaggerate or elaborate your qualifications. Your integrity is at stake.
Common Features of a Good Cybersecurity CV
What specifically should you include and exclude on your cybersecurity resume? While it partly depends on the position you’re applying for, here are some general guidelines: research the company, tailor your resume based on the job description, write in active voice and use a straightforward format.
What to include
1. Work experience
This is the most important aspect of your cybersecurity resume. When listing work experience, begin with your most recent job. Include relevant information such as job title, place of employment, dates of employment and job description. The best resumes don’t just say what you did, they show how it mattered. Tailoring resumes with metrics to show how you impacted the business is key and can make you stand out in a crowd.
Include universities you attended and degrees you earned, such as a master’s degree in cybersecurity. Also include special achievements from school, such as summa cum laude, but don’t include GPA. If you’re applying for your first cybersecurity job and feel like your previous experience doesn’t show your qualifications, you can include special areas of study from school. Additionally, include professional conferences or organizations you’ve participated in; they show you’re interested in learning and keeping up with the field.
3. Certifications and hard skills
Credentials are critical in cybersecurity positions. Include your certifications and hard technical skills by listing them in previous job descriptions or creating a new category. Include relevant software platform, network, language, programming, cryptography, criminology, data and security-system skills, as well as any security clearances you have.
4. Soft skills
While not all job descriptions emphasize soft skills, they are important to employers. Strong communication, customer service, teamwork and leadership skills show your potential employer that you’d be a good team member and well-rounded employee.
When it comes to references, do what makes you most comfortable. Some people choose to include “References available upon request” at the bottom of their resume. Others provide them up front by sharing references’ names, titles and contact information. Either way, choose references wisely and let them know beforehand that you’re including them.
What to exclude
1. ‘About me’ section
In general, you don’t need an “about me” section. However, if you have the space and feel like this section could distinguish you from other applicants, put it after your work experience and skills. It should consist of a couple of sentences that give insight into who you are, such as what drew you to cybersecurity and membership in associations or organizations.
Just like “about me,” this should only be included if you have room and feel it will set you apart from other applicants. An employer may get more personal insight about you if you include your passions and interests in things like outdoor activities, reading, animal rescue, sports or so on. You can even include your passions in the “about me” section if you have it.
3. Objective paragraph
Your objective, of course, is to get the job you’re applying for. You know this and your potential employer knows this. In many industries, objective paragraphs are important. But it’s not required. Remember: You have less than eight seconds to make a first impression. Let your work experience do that for you.
What to highlight
When you’re working on your resume, don’t simply focus on selling yourself; focus on selling yourself to each company. Figure out what’s most important to your potential employer (which isn’t difficult if you’ve done some research) and highlight aspects of your work experience that align with the specific job. For example, if one of your previous jobs is particularly relevant, go into more detail about it. Or, if you have an industry certification that’s known to be hard to earn, consider placing it near the top of a section and mentioning it in your cover letter. It’s not uncommon to edit your resume for each job you apply for.
You may not want to highlight salary in your cybersecurity resume, but you might have to address it. It’s common for online applications to have a section for salary. On paper or in an interview, it’s easy to say your salary is negotiable. However, some online application forms don’t accept “negotiable” or “entry-level.” In this case, you’ll have to enter a specific number. Research similar positions and use a competitive salary; don’t go so low that you’re undervaluing yourself, but don’t go so high that you’ll be quickly screened out.
Your resume should be the best representation of you and your experience to date. It should present a detailed, thoughtful summary of your experience, qualifications and accomplishments. Don’t forget to proofread your resume before sending it. An obvious grammatical mistake can communicate that you lack attention to detail or don’t care about accuracy. If your resume does its job, you’ll have the best chance at getting an interview for a cybersecurity position.