Online security is beginning to become more of a concern for corporations and individuals alike. And the cybersecurity industry has risen in lockstep with the growth of that sentiment. According to the U.S. Bureau of Labor Statistics, the job prospects for Information Security Analysts alone is growing at 33%, which is a lot higher than the average.
Considering those factors, your cybersecurity resume can be your golden ticket to a job in an industry that’s showing no signs of slowing down. And we’re going to help you out by breaking down exactly what comprises a great cybersecurity resume.
How Important Is a Cybersecurity Resume?
Recruiters hiring in the technology industry are going to take a look at your LinkedIn, social media profiles, along with your Github profile. But in order to get to a stage where they’re screening those profiles, you have to send them a resume that grabs their attention and positions YOU as a strong fit for a role.
Resumes become all the more important when you’re applying for a cybersecurity role because of the nature of the job itself. When you work in security roles, companies will often have to share sensitive data with you that they expect to be kept away from anyone who isn’t authorized to access it. So your resume is an opportunity to establish trust with your future employer, which is an important part of the process for them.
What Should You Include in Your Cybersecurity Resume
Let’s take a look at how you should articulate the key pieces of information that need to go on your resume.
Name & Contact Information
Something that we touched on earlier, the fact that companies really care about your identity when they’re hiring for a cybersecurity role, especially if they work in industries with very sensitive data (like defense or governance-related information). For that reason, it’s important to mention the same name on your cybersecurity resume that you use in other IDs.
When it comes to contact information, you don’t need to include your physical address unless explicitly mentioned. But you do need to mention your phone number and email since most recruiters prefer one of those two channels.
Another important inclusion in this section is your LinkedIn profile. Hiring managers use your LinkedIn to corroborate some of the information in your resume and to verify your professional profile in general. So clean up your LinkedIn if you need to and throw a link to it up in the contact section of your resume.
Start by listing the accredited colleges you’ve attended along with information on your tenure there.
To add to that basic information, including information on the coursework that you’ve done that is relevant to the cybersecurity space. Any classes that you’ve taken in areas like information security, information risk management, network security, and penetration testing will count. Listing these classes shows recruiters that you have at least an academic understanding of some of those topics.
You could just put all your skills in a bulleted list in this section but there’s a better way to format it for readability. Group your skills under three categories:
- Cybersecurity techniques
- Cybersecurity domains
- Cybersecurity tools
Cybersecurity techniques include things like penetration testing, reverse engineering, encryption, and incident response. If you’re more of a specialist in specific areas like data center security, cloud forensics, and operational resilience, then put those under the cybersecurity domains category.
In some rarer cases, you might need to know how to use a specific tool for a job. Place tools like Syxsense, Netsparker, and Acunetix under that header. Certain companies tend to use specific tools to carry out their cybersecurity operations. Knowing how to use them can make you appear like an easier fit in those organizations.
You can also mention a few relevant soft skills in this part of the resume, but don’t go too crazy with it or you’ll end up sounding self-congratulatory. Skills like critical thinking, accountability, and collaboration are worth mentioning in a cybersecurity resume.
It’s quite rare for individuals to specialize in cybersecurity at the undergraduate or even graduate level. But that doesn’t mean that you can’t get a job in this space. A great way to make an entry into cybersecurity is to get yourself certified. The more reputed certifications sometimes carry more weight on a cybersecurity resume than a four-year degree.
Certifications in the cybersecurity space achieve two main goals. The first is that they give you a regimented path to understanding a specific domain within cybersecurity. For example, the much sought after Certified Ethical Hacker (CEH) certification will teach you about things like penetration testing and white hat hacking.
Certifications also help hiring managers quickly gather the information they need about your skills. When they see that you have a CEH certification, for example, they instantly know that you have at least some of the tools to do well in a team that works on vulnerabilities and systems security.
You can list your certifications in much the same way as you would your educational background. Include the name of the certification, the certifying authority, and the dates between which you completed it. Include your grade or any distinctions you received along with that information.
Any existing experience you have in the cybersecurity industry is very valuable. It shows recruiters both an interest in the field and a demonstrated ability to deliver on projects.
Always list your previous jobs in reverse chronological order. Include the name of the company, location, your job title, tenure, and your most important contributions to the company.
When talking about what you did at each job, always quantify your achievements. As much as possible, connect your work to what the company gained through it. So instead of saying that you “built a DNS zone audit system,” say that you “built a DNS zone audit system, thus reducing DNS attacks by 25%.” This is a great way to show recruiters that you understand how your skills can tie into an organization’s larger cybersecurity goals.
Personal or passion projects in the cybersecurity domain are not the most common thing. However, if you do have any projects, then list them with information on what you created and for what purpose. Things like text encryption tools, keyloggers, network traffic auditing tools, and image encryption software all look good on cybersecurity resumes.
You can also include projects where you built security features within an application whose core focus wasn’t security. For example, let’s say you built a password analyzer for a social media app. Then you can mention the analyzer specifically and talk about the skills that you used while building it.
You can also mention open source contributions that you’ve made to cybersecurity projects, plenty of which are available on Github. Be sure to include the name and purpose of the project at large along with details on your contribution to it.
An award is evidence of an unusual level of skill in a cybersecurity discipline, so of course, you want to mention it on your resume. There are also cybersecurity challenges where you can compete and gain recognition in the field.
When talking about an award or winning a competition, mention the details of the project. Talk about the skills that you used, the problem that you solved, and the results you achieved that helped you win.
Cybersecurity Resume Samples Based on Career Stage
Here are a few examples of real cybersecurity resumes. We’re going to analyze them to get an idea of what the good ones are made up of.
Entry-Level Cybersecurity Resume
What To Include
- If you have any job experience in the cybersecurity industry, then mention that first. If not, start with your academic history.
- List college coursework that you’ve taken that is related to cybersecurity. Any subjects related to systems security, networks, and data protection are worth mentioning here.
- At this stage, any online courses or bootcamps that you’ve taken can also come in handy, so include those under the certifications section of your resume.
This cybersecurity resume has a lot of the right content for an entry-level role but could be structured better.
The first thing we notice is that the candidate’s education is mentioned before their work experience. That’s a big no-no and those two sections should be swapped. Cybersecurity engineers who have worked in the industry should always mention their employment history before their academic history because that carries more weight to recruiters.
We also see that the candidate’s certification is relegated to a single line between the sections about the languages they speak and personal interests. The right thing would be to put the certification in its own section after the one on education. There should also be more information on what the subjects covered in the certification and if relevant, the grading the candidate achieved in it.
Senior Cybersecurity Resume
What To Include
- Put the section on your employment history at the very top of your resume. When you’re a senior cybersecurity professional, that’s the information that matters most.
- Highlight certifications that you’ve completed in the domain. Recruiters like when cybersecurity engineers take the time to get certified in a particular discipline and recertify when the time comes.
- Flesh out your employment history by detailing how your work has contributed to previous companies’ goals. Quantify this information as much as possible, in terms of things like penetration tests completed, network throughput, system recovery times, and so on.
Here we have a simple, well-formatted cybersecurity resume for a senior role. The candidate starts with their employment history and then moves on to education and skills, which is exactly what you want to do.
Within the employment history, we see the information broken down into responsibilities and achievements. This is a good way to articulate details on the job that you were given and the quantifiable results you achieved. In this case, the candidate is able to show that they identified a certain number of viruses and secured a website so it faced no major attacks. That shows hiring managers that you can deliver key results by applying your skills.
Cybersecurity Resume Samples Based on Target Job
There is a range of jobs that fall under the cybersecurity banner. We take a look at resumes from a few specific roles.
Cybersecurity Analyst Resume
What To Include
- Cybersecurity analysts are often required to rewrite software after understanding threats, so include experience that you have working with languages like Java and C++ and applying them to threat detection and negation.
- Analysts need to know how to work with diverse network types. Mention experience or coursework that has to do with networks and network security.
This candidate has created a cybersecurity resume covering all the important details of their work as an analyst. There is mention of experience with both threat analysis and networks, which hiring managers look out for. The only missing element is quantifiable results. The candidate talks about their responsibilities, but not the important part of talking about the results of that work.
The skills section of this resume could have been formatted better. It’s currently a wordy, long list. It would be better to categorize skills as we mentioned earlier and list individual ones under those categories.
SOC Analyst Resume
What To Include
- The main responsibility of a security operations center analyst is to detect vulnerabilities and mitigate them. Your resume should demonstrate experience in that function.
- SOC analysts usually work with large teams, so talk about skills that you have in collaborating with cybersecurity engineers and security managers.
This SOC analyst candidate’s cybersecurity resume mentions some of the keywords that you would want to see. There is information about their work in intrusion detection, vulnerability scanners, and network monitoring. These are all important terms to cover in your SOC resume.
One key change to make in this resume has to do with its structure. This candidate’s work history section comes after the one on their skills. This should never be the case. Always mention your work history first and then go into talking about your education, certifications, and skills.
Information Security Analyst Resume
What To Include
- The main job of an information security analyst is network protection and IT systems defense. Any experience you have in those areas should show up in your cybersecurity resume.
- Include details on how you’ve influenced security policy in your organization. Mentioning how you’ve been associated with new policies shows recruiters that you can go beyond threat detection and lay the groundwork for better preemptive actions.
This is the cybersecurity resume of an entry-level information security analyst. It demonstrates a clear understanding of the responsibilities of such a role through the mention of network systems, penetration tests, and security evaluations.
The candidate displays additional competence in the field by mentioning how they drafted new policies and procedures for the company. This shows hiring managers that you’re able to go from detecting vulnerabilities to creating procedures to mitigate them.
Tips for Creating an Awesome Cybersecurity Resume
Now that we’ve taken a look at a few cybersecurity resumes, let’s see how you can create a great one yourself.
How To Stand Out
Be Strategic With Formatting
With a stack of resumes on the table (or in their inbox), prospective employers can only spend a couple of minutes, max, scanning your resume. So do them a favor; make it “scannable.” Bold the headings of each section (traditionally, these sections are “About Me,” “Experience,” “Skills,” “Education,” and “References”).
Also, make the title text slightly bigger. You can italicize subheadings such as company names and dates as well. But let’s take it one step further: bold the main points of your cybersecurity resume to not only make the document easier to read, but also to allow those words and phrases to stand out, immediately communicating to your prospective employer that you have the required job experience and understand the responsibilities.
Shining a Light on Your Job Experience
Your job experience is proof that supports how good you are at your job, so take some time with this one. As mentioned above, start by ordering your previous roles in reverse-chronological order.
Each short blurb underneath each job experience is a mini slay-the-dragon moment. Highlight your main job responsibilities, as well as how you used them to slay the dragon (solve the problem) and rescue the town (company or client). Then, highlight the significance of this job experience at the end: what specific skills and lessons did you learn? How does this experience make you a good candidate for the job? How can you use this experience to help the company get the results it wants?
Skills and Education: What You Need To Know
Go beyond the standard “expert in Microsoft” and “good social skills.” Yes, these are important and useful, but get specific: which programming languages do you know? What malware and antivirus programs are you familiar with? Now’s the time to list these skills out. Bullet points will do. And consider noting expert, proficient, and beginner status.
The education part is your chance to show off the cybersecurity courses you’ve taken and the degrees you’ve earned. Be sure to include any certifications. A simple set of bullet points will work here.
What To Avoid
There is a common mistake job-seekers are most likely to make, padding resumes with information that isn’t necessarily relevant to the job that they’re applying to. This can only hurt your cause. Cybersecurity recruiters don’t care about the work you’ve done in front-end development or chip design. You have to show the experience that you have in the cybersecurity industry and leave out everything else.
Using Passive Voice Excessively
Use the active voice in your cybersecurity resume as much as possible. Here’s an example: “I helped X cybersecurity company run routine pen-tests for small and mid-level businesses.” “I” is the subject, “helped” is the verb, and “X cybersecurity company” comes after the object. It’s succinct and straight to the point.
Unlike this example, which is in the passive voice: “X cybersecurity company was helped by me via running routine pen-tests for small and mid-level businesses.” Notice how the subject, “me,” is after the object, “X cybersecurity company,” and the verb, “was helped.” Classic passive structure: object, verb, subject.
Why is passive voice a NO when writing your resume? As you can see from the passive sentence, it’s wordy and unclear. Since it’s important to convey that you’re the best candidate as quickly as possible (and to stick to one page), you can’t afford extra words, much less confusion. Use passive voice sparingly, if at all.
Where To Find Cybersecurity Resume Templates
The internet has many cybersecurity resume templates to offer if you’re looking to mimic some best practices. But be sure to use them only as inspiration and not as your own resume. Always write your resume yourself and make sure that it accurately reflects your skills and the requirements of the job you’re applying to.
Here are a few places to find cybersecurity resumes:
Cybersecurity Resume FAQs
Should You Customize Your Cybersecurity CV for Each Job?
Yes, you should customize your cybersecurity resume for each job. Mention only the experience and academic history you have that’s relevant to the job that you’re applying to.
How Long Should a Cybersecurity Resume Be?
A cybersecurity resume should be two pages at most. As much as possible, keep it down to one page so that recruiters can glean all the key information quickly.
What Skills Should You Put On Your Cybersecurity Resume?
There are three main categories of skills that you can put on your cybersecurity resume. They are:
Cybersecurity techniques: penetration testing, reverse engineering, encryption, etc.
Cybersecurity domains: datacenter security, cloud forensics, operational resilience, etc.
Cybersecurity tools: Syxsense, Netsparker, Acunetix, etc.
Bootcamps and certifications are a great way to quickly pick up these skills if you’re trying to enter the cybersecurity industry.
Is cybersecurity the right career for you?
According to Cybersecurity Ventures, the cybersecurity industry is expected to have 3.5 million high-paying, unfilled jobs this year. With Springboard’s comprehensive Cyber Security Career Track, you’ll work 1:1 with an industry mentor to learn key aspects of information technology, security software, security auditing, and finding and fixing malicious code. Learning units include subject-expert approved resources, application-based mini-projects, hands-on labs, and career-search-related coursework.
The course will culminate in a multi-part capstone project that you can highlight on your resume for prospective employers or use to demonstrate your technical knowledge in your job interview. The learning materials will also help prepare you to pass the globally-recognized CompTIA Security+ certification so you stand out when applying for cybersecurity roles.
Learn more about Springboard’s Cyber Security Career Track here.