It’s time to talk resumes. Because guess what? The job outlook for cybersecurity jobs is booming and it’s a great time to get into the industry; according to the U.S. Department of Labor, employment for information security analysts is expected to skyrocket by a whopping 28 percent from 2016 to 2026, much faster compared to the average for other job markets.  

Job outlook for cybersecurity

(Source: U.S. Department of Labor)

The good news is: whether you’re a new or veteran cybersecurity job seeker, there’s demand. But let’s face it, condensing your experience, skills, training, and references into a one-page cybersecurity resume is both time-consuming and boring.

Luckily, it doesn’t have to be. At its core, a cybersecurity resume (much like a first-rate UX resume or any other type of writing, for that matter) is a story. And you are the protagonist. The plot? The work experience, education, training, and references you’ve used to fight off malicious hackers, saving small- and medium-sized businesses, large corporations, and individual clients from damaging attacks.

Learn how to create and structure your cybersecurity resume so that you’re one step closer to landing your dream job.

Hook Your Prospective Employer’s Attention With These Structural Tips

1. Stick to Active Voice

One way to make your cybersecurity resume stand out from the rest is to keep it simple and straightforward. And there are good reasons why.

Let’s say you’re applying for a job at a mid-level U.S. cybersecurity firm. English is linear. Meaning, English-speakers typically talk and process information like this: subject, verb, object (this format is known as active voice).

Here’s an example: “I helped X cybersecurity company run routine pen-tests for small and mid-level businesses.” “I” is the subject, “helped” is the verb, and “X cybersecurity company” comes after the object. It’s succinct and straight to the point.

Unlike this example, which is in the passive voice: “X cybersecurity company was helped by me via running routine pen-tests for small and mid-level businesses.” Notice how the subject, “me,” is after the object, “X cybersecurity company,” and verb, “was helped.” Classic passive structure: object, verb, subject.

Why is passive voice a no when writing your resume? As you can see from the passive sentence, it’s wordy and unclear. Since it’s important to convey that you’re the best candidate as quickly as possible (and to stick to one page), you can’t afford extra words, much less confusion. Use passive voice sparingly, if at all.  

2. Be Strategic With Formatting

With a stack of resumes on the table (or in their inbox), prospective employers can only spend a couple of minutes, max, scanning your resume. So do them a favor; make it “scannable.” Bold the headings of each section (traditionally, these sections are “About Me,” “Experience,” “Skills,” “Education,” and “References”).

Also, make the title text slightly bigger. You can italicize subheadings such as company names and dates as well. But let’s take it one step further: bold the main points of your cybersecurity resume to not only make the document easier to read, but also to allow those words and phrases to stand out, immediately communicating to your prospective employer that you have the required job experience and understand the responsibilities.

A Quick Word: Follow the format. Now isn’t the time to go off-script; follow the traditional resume format, which, as mentioned, usually includes “About Me,” Experience,” “Skills,” “Education,” and “References.”

About Me: Time to Show How Awesome You Are

What makes you tick? What do you offer that makes you stand out from other cybersecurity job applicants? List them accordingly. Using active voice and formatting strategies (listed above), combine them into one concise, scannable paragraph (about five sentences).  

Make It a Story

Catch prospective employers’ attention with a hook, a specific (and accurate) phrase that reels them in. In storytelling, this is called an action beginning. Think one sentence that draws in the reader using sound (“Pow!”), dialogue (“What’s that?”), and, yes, action (“The man in black fled across the desert, and the gunslinger followed,” an action-oriented line from Stephen King’s novella, “The Gunslinger”).

Slaying the Dragon and Rescuing the Town

With your resume, this looks like an active voice sentence that immediately spells out to the reader why they need to hire you and what you can do for them. To help you format that action-packed, powerful first sentence, answer these questions:

  • What was a key problem that you addressed for a previous company and/or client (i.e., cyber breach, malicious insider, out-of-control spammers)?
  • What action did you take to address said problem (i.e., run more penetration tests; train company employees about cyber hygiene; install, update, and monitor antivirus and anti-malware programs)?
  • What effect did your action have on the previous company and/or client (i.e., reduced likelihood of a cyberattack by a specific percentage, increase company morale)?

What we’re doing is breaking down a major “slay-the-dragon” cyber victory, identifying how you conquered (tools, knowledge, the action you took) the dragon (problem) to save the town (company or client), delivering specific results. Here’s what this may look like in a cybersecurity resume example:

Cybersecurity resume example

Experience Matters

Noted psychologist Hermann Ebbinghaus is known to have discovered the serial position effect. In a nutshell, if you read a list of words, you’ll most likely remember and recall the first couple (primacy effect) and last couple of words (recency effect). The order of words determines how likely we’ll remember them—placing more importance on first and last words versus middle words, aka the serial position effect.

Research shows that the serial position effect doesn’t just apply to a list of words, but also recalling TV commercials. And it’s a huge marketing strategy companies use when listing products on their websites. Which brings us back to your cybersecurity resume; typically, after the About Me section comes the Experience section, a list of past job experiences, usually ordered by date. What happens when you have relevant job experience that’s chronologically in the middle?

Yes, you can list it at the top—prospective employers may overlook (or not care too much about) dates, as long as it’s fairly recent. You can also insert a phrase—”as you’ll see from my experience in X company (Job Experience: third from top)”—to direct prospective employers to a specific past job experience you wish to highlight. Doing this will give that relevant job experience a fighting chance of standing out from the middle.

Shining a Light on Your Job Experience

Your job experience is the proof that supports how awesome you are (which you mentioned in the About Me section). As we’ve said before, normally, this is ordered chronologically, but—and this may be controversial—it doesn’t have to be.

Remember the serial position effect? Especially if there’s very relevant past job experience you want to point out, instead of letting it hide in the middle chronologically (by time), organize your job experience by relevance. You may want to briefly mention this at the beginning of this section, clarifying to the reader why you’re making this organizational choice: “Job Experience (in Order of Relevance).” If not, you can always briefly mention a specific job experience in the About Me section.

Each Job Experience Is a Story in Itself

Each short blurb underneath each job experience is a mini slay-the-dragon moment. Highlight your main job responsibilities, as well as how you used them to slay the dragon (solve the problem) and rescue the town (company or client). Then, highlight the significance of this job experience at the end: what specific skills and lessons did you learn? How does this experience make you a good candidate for the job? How can you use this experience to help the company get the results it wants?

Skills and Education: What You Need to Know

Go beyond the standard “expert in Microsoft” and “good social skills.” Yes, these are important and useful, but get specific: which programming languages do you know? What malware and antivirus programs are you familiar with? Now’s the time to list these skills out. Bullet points will do. And consider noting expert, proficient, and beginner status.

The education part is your chance to show off the cybersecurity courses you’ve taken and degrees you’ve earned. Be sure to include any certifications. A simple set of bullet points will work here.

Related: Our free cybersecurity analyst training is perfect for establishing (or refreshing) your foundational knowledge.

Be Proactive: List References Before You’re Asked

Instead of waiting for prospective employers to ask you for references, offer them up. At the bottom in the References section, add three or four professional references who can vouch for the incredible work you do. List their full name, job position, contact information, and relationship to you. Be sure to contact them beforehand—you (and they) don’t want any surprises.  

Some Extra Cybersecurity Resume Pointers

Want some extra tips that’ll boost your resume game?

  • Have a “them” mindset: How can you help them (the company)? Tie back skills and experiences to how they benefit them.
  • Explain gaps: What experiences and skills did you learn as a stay-at-home parent or career-changer? And how do they help the company get the results it wants?
  • Research, research, research!
  • Insert appropriate cybersecurity resume buzzwords (or keywords) so prospective employers can find you online.
  • If you’re short on skills and education, take a cybersecurity course.

Finally, keep this infographic handy as you put together your cybersecurity resume:

Cybersecurity resume infographic

So, hoping to beef up your resume? Springboard’s Cybersecurity Career Track is a mentor-guided online bootcamp designed to get you certified and hired for software/application security analyst roles. Find out more!