this post was submitted on 12 Jul 2023
33 points (97.1% liked)
cybersecurity
3242 readers
9 users here now
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
Enjoy!
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I'm new to the field (I'll start masters in Sept). What all topics should I focus on to improve my resume? My previous exposure to the field is 1 ctf competition that's all.
Having a CTF on your resume and being able to speak to that experience is great imo. Early-career is always a bit difficult for resumes since you wanna beef it up but you don't want to fill it with things that don't matter. CTFs, trainings, content you've created (blog, podcast, write-ups, GitHub), etc.. are all great things to put on there imo. If you have any coding projects or cloud experience (easy enough to get) you can put that on there too. Will you be looking to get a job while pursuing your masters?
I'll go for something like a TA maybe. I have some job experience already (sde, not cybersec) so idk if it counts.
Can you give some examples so that I can avoid that
Mostly non-tech experience. This is subjective and will vary hiring team to hiring team but in this field I have always glossed over any non-tech things on a resume. There's so much opportunity for people to learn and get involved with IT/security that there's no excuse to not just focus on those competencies on the resume. Just my opinion.
Okay. So my experience as a software developer while not the main thing being judged will still be relevant?
Absolutely still relevant!
Thanks a lot! Also any certifications I should start doing rn?
Kinda depends what you want to get into. If you’ve let to land your first security job maybe something like Sec+ to help get your foot in the door. If you know what discipline you want to get into (appsec, endpoint-sec, etc…) this could help further filter down what cert/training might be best to shoot for. Do you know what you think you want to do?
I was thinking Network Security. But I'm not sure about it. Sec+ will help me decide that?
Depends what you mean by “Network Security”. A lot of companies have adopted cloud-first environments so traditional netsec is more so cloud infra. In this case there are cloud-specific certs from Azure, AWS, GCP you can take that would be great. If you’re considering traditional network security it may be different. (Though a lot is very much shared).
Okay. Thanks a lot! :)