Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

10/31/2018
02:00 PM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

9 Traits of A Strong Infosec Resume

Security experts share insights on which skills and experiences are most helpful to job hunters looking for their next gig.
Previous
1 of 10
Next

(Image: Jirapong - stock.adobe.com)

(Image: Jirapong stock.adobe.com)

When your resume falls into the hands of a hiring manager, it only has a minute to convey the skills and experience you hope will prove you're qualified for the job. Is yours doing the trick?

In cybersecurity, companies are looking for a wide range of qualifications, researchers found in the new "(ISC)² 2018 Cybersecurity Workforce Study." With the global workforce shortage approaching 3 million employees, companies are in need of a long list of infosec skills.

Topping the list is security awareness, according to 58% of 1,452 experts polled. The same percentage is also looking for people who excel in risk assessment, analysis, and management. Security administration (53%), network monitoring (52%), incident investigation and response (52%), intrusion detection (51%), cloud security (51%), and security engineering (51%) are in demand.

"It's not a field like carpentry that we lump everyone in, where there's a basic skillset," says John McCumber, director of cybersecurity advocacy at (ISC)². "Cybersecurity encompasses governance, policy, identity and access management, and a variety of related [skill sets]."

However, organizations often lack the clarity they need to make informed hiring decisions, he continues. There's a lot of confusion in the industry about what people need to be effective in their roles and often a gap between job-description demands and legitimate security needs.

"There's this disconnect between what [companies] put in a job description and what people respond with in their resumes," McCumber adds. For example, many of the cybersecurity challenges businesses face aren't tech problems and don't require tech expertise to solve.

Of course, the skills you need depend on the job you're eyeing. Security analysts, for example, should prioritize technical skills and previous roles, while CISOs are better off highlighting their leadership experience and business know-how.

Here, several security experts share their insights on building resumes and which skills, traits, and experience are most helpful to job hunters looking for their next gig.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Previous
1 of 10
Next
Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
enhayden1321
100%
0%
enhayden1321,
User Rank: Strategist
11/3/2018 | 2:25:37 PM
Demonstrate Your Communication Skills
The article is interesting but missing a key element.  It is an imperative that the security professional is a strong communicator.  This includes verbal and written skills that demonstrate you know how to write complete sentences, develop arguments, and can speak to the issue at hand.  Also, you need to have very strong skills with the Microsoft suite of Word, PowerPoint, and Excel.  If you cannot effectively communicate then you will not be a solid security professional.  Thank you.
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
Ray Overby, Co-Founder & President at Key Resources, Inc.,  8/15/2019
The Flaw in Vulnerability Management: It's Time to Get Real
Jim Souders, Chief Executive Officer at Adaptiva,  8/15/2019
Tough Love: Debunking Myths about DevOps & Security
Jeff Williams, CTO, Contrast Security,  8/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5638
PUBLISHED: 2019-08-21
Rapid7 Nexpose versions 6.5.50 and prior suffer from insufficient session expiration when an administrator performs a security relevant edit on an existing, logged on user. For example, if a user's password is changed by an administrator due to an otherwise unrelated credential leak, that user accou...
CVE-2019-6177
PUBLISHED: 2019-08-21
A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center and recommended that customers migrate to Le...
CVE-2019-10687
PUBLISHED: 2019-08-21
KBPublisher 6.0.2.1 has SQL Injection via the admin/index.php?module=report entry_id[0] parameter, the admin/index.php?module=log id parameter, or an index.php?View=print&id[]= request.
CVE-2019-11601
PUBLISHED: 2019-08-21
A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location.
CVE-2019-11602
PUBLISHED: 2019-08-21
Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to gather information about the file system structure.