Re: CV for InfoSec Jobs

[TheTolik <thetolik () yahoo com>]

You need to determine the track you are going in. Your income potential and ability to enter the space will 
significantly improve if you have knowledge and any level of experience (Read: even in-lab experience) with common 
enterprise security tools and technologies, especially SIEM, DLP, Encryption, Application Control, Mobility Solutions, 
etc. If you don't have specific keyword skills, you will be quickly surpassed by a candidate that may have less 
experience overall, but one that has key solution-based knowledge and experience. 

You also need to understand your security domains. The best way to present that knowledge is via certifications. Many 
in the industry brush them off as a joke, but most people in HR, as in the folks that actually qualify you before you 
get to talk to the hiring management, will look for those and prefer candidates with any relevant certifications. If 
you cannot qualify for one, at least do self-study to learn the necessary security fundamentals as your interviews will 
likely be broad, and learning the CISSP domains, as an example, will do a great job preparing you. 

Hope this helps. 

Andy | Oxbeef


________________________________
 From: Andrew Case <atcuno () gmail com>
To: PaulDotCom Security Weekly Mailing List <pauldotcom () mail pauldotcom com> 
Sent: Wednesday, January 30, 2013 10:09 PM
Subject: Re: [Pauldotcom] CV for InfoSec Jobs
 
I might be answering your questions out of order, but hopefully this helps:

1) Do not worry about the 1 page rule as long as your information is
reasonable...

2) List any relevant certifications (obvious, but was not on your list)

3) I have seen many people list security tools that they are
comfortable using for pentests, reversing, etc (whatever it is you
focus on)

4) If you have never spoke / presented / demo'ed at conferences, then
you can list ones you attended, but otherwise I would just list where
you had active participation. If you have never spoke then you should
start! Events like Bsides are a great place to get your first
experience speaking and many bsides run tracks specifically for new
speakers and have speaker coaches, etc.

5) I would definitely list any local groups you belong to as it shows
an interest outside of 9-5 in the field

6) If you can code and have written any applications, small scripts,
etc, then definitely list them. Even if its just utility scripts to
automate things you normally have to do by hand.

7) List any trainings you attended including the class number, link to
the page if its still up and so on

Hopefully that is a good start. If you are job hunting I would also
recommend making a linkedin profile if you dont have one and make sure
it closely matches what is on your resume/CV.

On Wed, Jan 30, 2013 at 10:17 AM, Bacon Zombie <baconzombie () gmail com> wrote:
> Hi All,
>
> I'm looking to move from Network/System Admin role into pure Security
> and in the middle of updating my CV.
>
> I would like to see if the hive mind has any opinion on what should
> and should not go into a CV and should a CV for a Security Job be
> different from a standard Tech CV.
>
> Soon difference that come to mind are:
>
> #> Do you list conferences you have attended and if so what section do
> you list them under or do they deserve there own section.
>
> #> Do you list projects and CTF.
>
> #> Do you list that you are a member of your Hackerspace, DC or 2600
> group and what do you put it under.
>
> #> Do you follow the no more then 2 or 3 pages rule or has that
> changes now since most people will read your CV via TXT/PDF/DOCX and
> not a printout.
>
> What are some thing really should include and also really should not
> include on my CV.
>
> Thanks in advance,
>
> P.S : Just realised CV may not be a common term for all; CV =
> Curriculum Vitae or Résumé.
>
> --
>
> BaconZombie
>
> LOAD "*",8,1
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com