Crafting a winning cyber security resume as an industry newbie might fill you with dread. But with demand for excellent candidates booming, there’s never been a better time to dip your toes into the industry and craft the perfect job application!
In this article, we’ll cover tried-and-tested techniques to make a cyber security resume rise above the pack. But before we start, you’ll want to make sure your application ticks the following boxes:
- It’s carefully checked for grammar and clarity (head to Grammarly or Hemingway to catch anything glaring!)
- It incorporates a few keywords from the job description that show you’re an excellent match for the role
- It includes an easy-to-read “key skills” section that offers an overview of what you bring to the table
- Your contact information is listed at the top (including a name, email address, and contact number)
- The formatting is clean, clear, and user-friendly
- It includes a cover letter (if required)
Now that we have those steps covered, let’s dive in!
1: Network, network, network
Conferences and seminars
The ability to network will set you up for success when starting out in cyber security.
To start with, you can attend industry-specific seminars and conferences. These events allow you to network with professionals offering valid advice on potential career paths. At select conferences, you can even speak to Chief Information Security Officers (CISOs) who may offer invaluable tips for future applications.
From hiring managers to skilled hackers and computer security experts, conferences are empowering settings for newbies. Who knows, you could even uncover potential partnership opportunities or score interviews if you play your cards right! If nothing else, these experts can help unlock your potential by answering burning questions in a low-stakes space.
You can even uncover industry pain points at conferences by asking a few probing questions. If you're clever, these questions could help you discover viable solutions that companies are bound to appreciate on a cover letter.
Cyber security communities
It’s one thing to say that conferences and career fairs are beneficial if you’re fielding general application questions. But it’s also crucial to chat and engage with the wider cyber security community, whether that’s online social media platforms like TryHackMe’s Discord, or a cyber security Reddit.
Building a solid reputation WILL eventually get you noticed.
Realistically, you never know when someone from your community may have a job opening that you're perfect for.
Top tip!
Infosec Conferences regularly publishes upcoming conference dates and locations from around the globe that you can check out. Bookmarking just a few to attend each year will boost your confidence AND keep you up-to-date with the industry’s ever-changing requirements.
2: Highlight achievements with a solid portfolio
One thing you’ll want to showcase alongside your cyber security resume is a solid portfolio. It can seriously boost your credibility and prove your competence in the field (without any official credentials!).
This can be as simple as hosting case studies, awards, and work samples on your GitHub or LinkedIn account.
The main things that you’ll want to show in your portfolio are:
- A genuine interest in the field
- Hard evidence of your ability to solve real-world problems using cyber security tools
- An understanding of the issues facing the industry at large (and solutions that you've created to address them)
So, if you’ve managed to run software seamlessly through Kubernetes, mention it. If you’ve created a simple keylogging software that runs smoothly? Pop it in your portfolio. Perhaps you’ve started a YouTube channel or popular podcast that discusses the ins and outs of current trends in cyber security.
Whatever it is, passionately explain why your portfolio sets you apart by listing projects in the “EXPERIENCE” section of your CV.
A quick note on degrees
We’re not saying that cyber security degrees are unimportant. However, very few hiring managers see them as essential.
The cyber security field is still young, and many universities focus on teaching offensive security skills over defensive ones. So, if you can show that you’re a well-rounded applicant who has taken the time to learn both skill sets - you’ll be ahead of the game.
If you’ve covered topics like compliance, risk management, and cyber law in your own time? That’s even better. And don't worry if you hold a degree in an adjacent field like engineering - you won't be at a disadvantage.
A touch of real-world training through TryHackMe is all you’ll need to prove adaptability and a generous dose of real-world experience!
3: Tailor your application to each role
Almost every employer will notice a run-of-the-mill CV that you’ve fired off to multiple places. It'll take slightly longer, but tailoring an application to each role shows that you've researched the company and understand its expectations.
The goal is to show a company what you can do for THEM instead of explaining HOW MUCH THE JOB WILL HELP YOU.
To avoid falling into a pile of generic applications with lacklustre cover letters, you should:
- Fill your letter with relevant details that showcase a genuine interest in a specific company
- Express your real-world experience by mentioning previous projects (that are in your portfolio!)
Along with tailoring your cover letter, it’s worth pruning your cyber security resume at this stage. It's tempting to include every detail relating to your experience in the field. But the key is to match your CV to the job at hand. List distinct programs, operation systems, and valuable training certifications you already hold instead of generic skills.
Similarly, if the company you're applying to focuses on red-team techniques, showcase your ability to recognise their current weaknesses. For organisations hiring blue-team defensive experts, show off your ability to prevent, identify, and respond to threats.
That’s not to say it’s not worth showcasing both skills in a cyber security resume. But it’s crucial to read the application requirements carefully and ensure you cover the correct points.
To personalise your application further, delve into the company’s main markets and Key Performance Indicators (KPIs). By explaining in detail how you can protect their specific interests, you’re likely to capture the attention of hiring managers.
4: Mention current events in your cover letter
On the topic of cover letters, this is a great time to showcase your genuine interest in the sector! Discussing your earnest enthusiasm about current events and your recommended responses to them can be an incredible way to set yourself apart.
For example, you could outline recent cyber security breaches and offer your thoughts on solutions. If you can offer insight into the technical weaknesses that may have caused them, that’s even cooler.
And because tackling cyber criminals requires you to stay ahead of expert hackers, understanding recent industry developments is incredibly important. After all, you don't want to put any company on the back foot!
Top tips
Keep an eye on relevant communities for inspiration
It's well worth keeping track of the latest cyber security threats by joining relevant Discords and Reddit communities. These forums are typically very current and can give you a springboard for further research that you can use in an application.
If you can discuss how you tackled cyber crime head-on with the help of your portfolio, that's bound to be a huge bonus!
To track must-know industry updates, you’ll also want to read our This Month in Cyber Security roundups in the TryHackMe Newsroom.
5: Keep any hard skills specific and relevant
If you’re struggling to figure out which hard skills to mention on your CV, your shortlist is probably too long. So, let’s run through the most valuable hard skills you can mention on a cyber security resume.
Recruiters and hiring managers hugely appreciate clearly labeled hard skills that include:
- Coding or scripting skills
- Technology and computing fundamentals
- Functional understanding of operating systems
- Good knowledge of cloud computing
- An understanding of network architecture
- Intrusion detection
- Network security control
To make your cyber security resume easy to skim, list these skills right at the top or bottom of your resume. You can expand on specific projects in the rest of your application, and can even mention headlining ones in your profile overview at the top.
6: Don’t overlook the importance of soft skills and leadership skills
Having foundational computing knowledge is crucial for any role in cyber security. However, we've found that many cyber security resumes overlook the importance of soft skills.
It's estimated that there'll be an incredible 15% increase in cybercrime costs by 2025, totaling $10.5 trillion worldwide. And with up to 95% of cyber security breaches down to human error, hiring professionals who can communicate is KEY.
After all, you might be incredibly qualified in the field. But if you can't convey the importance of security measures to non-experts within the company, you're just asking for trouble.
Critical thinking, problem-solving, and communication skills are all crucial to preventing major cyber security breaches.
We also can’t understate the importance of teamwork when collaborating between departments and getting everyone on the same page. Equally, you might be speaking to members of the senior leadership team with little to no technical expertise. So, you’ll need to learn to communicate without jargon in a clear but comprehensive way.
Top tip
To bolster your application even further, note down any public speaking awards or projects that required you to take a leadership role. Even if you're new to the cyber world, showing what you learned from managing simple university projects can be worth its weight in gold.
7: Think like the enemy (AKA: Black Hat Knowledge)
Although this may sound strange, a creative way to make your application stand out is by showing an understanding of what you’re up against.
Knowing how to combat attacks after they’ve happened is one thing. However, being able to think like a hacker and circumvent breaches and attacks before they happen will make you a valuable asset.
Maretta Morovitz (a Cyber Adversary Engagement at MITRE Corp) has stated that “knowing the enemy” can often stop threat actors entirely in their tracks. And this is all about diving into the hacker mindset through ethical hacking.
If companies understand the motives and mentalities of modern-day hackers, they can invest in the right security technologies. So, why not highlight a malware project you’ve worked on or your expertise on intrusion detection and prevention in your cyber security resume?
8: Use resources in the sector to supercharge your resume
Hiring managers in cyber security usually want to see problem-solving skills in action. Although having a university degree proves that you have technical skills and academic know-how, recruiters and hiring managers will have one burning question: “Can you actually DO the job?”.
To showcase genuine hands-on experience, TryHackMe can play an enormous role. Over 2 million users and 250+ organisations trust our hands-on training resources, and we even offer completion certificates to showcase your achievements! You can also prove that you’ve defended a computer against nasty attacks by displaying your rank badges on LinkedIn!
By regularly combating attacks in your spare time, you can run through exactly how you'd tackle these issues in an interview. Plus, nothing beats showcasing your propensity to learn, improve, and become a valuable asset to a potential employer.
Top tip
If you’re around during the Christmas period, it’s always worth joining us for our annual Advent of Cyber event.
With a list of beginner-friendly tasks, this event will kickstart your security journey by breaking down common security topics. We won’t throw you in the deep end, as each free challenge is accompanied by supporting material and a video tutorial. Don’t worry, we’ve got you!
Our final thoughts
We completely understand that applying for your first role in the cyber security space can be overwhelming. But it’s always worth remembering that preparation goes a long way in proving yourself as a standout candidate.
You'll be in an excellent position with decent industry research, a cleanly formatted CV, and a wealth of hands-on experience behind you.
So, if you're ready to train for your first cyber security job, it’s time to kickstart your journey with our hands-on training!
Ben Spring
