Professional development

Information security career resume tips

Christine McKenzie
May 30, 2019 by
Christine McKenzie

Introduction - Make the most of your six seconds of fame

When your resume hits a hiring manager’s desk, they’ll spend an average of six seconds reading it. Six seconds. That’s a tiny window of time you have to communicate a lifetime’s worth of work history, skills, education and more. But though it sounds like an impossible task, you can absolutely sell a hiring manager on your candidacy by following a few information security career resume guidelines.

Making a good first impression on the hiring manager is your first step towards getting an interview. While that may sound self-evident, it’s often easier said than done. It’s hard to know what to put on your resume since every hiring manager has different expectations. A one-size-fits-all approach just isn’t going to cut it. However, there are certain details that cybersecurity hiring managers always want to see, and listening to their cues will help your resume get the right kind of attention.

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

At this point, some of you might be thinking, “but I already have a resume!” That’s awesome — you’re already ahead of the curve! But keep in mind that cybersecurity is a constantly evolving industry. If your resume hasn’t been updated in a year, it’s time to pop it open and freshen it up.

Take a look at these top tips for making an outstanding cybersecurity resume:

Keep your resume simple

Resume format is just as crucial as the actual content of your resume. Even if your headings and bullet points are written beautifully, they may not get read if they’re presented in a way that confuses the reader. The rule of thumb is to keep the format simple and easy to understand.

  • Use bolded section headings to let readers know exactly what to expect in that section (education, technical skills, work history and so on)
  • Stay away from big blocks of text or paragraphs — readers will glaze over them. Instead, break your accomplishments up into pithy, easily digestible sentences. Each sentence should start with a bullet point
  • Stick to one page for entry-level jobs. For middle-level and senior-level positions, you can go up to two pages. Make sure your content is concise and on-target; eliminate any fluff

The “plain and simple” rule also applies to the overall look and design of your resume. You don’t need graphics, bold colors or intricate designs to catch a hiring manager’s eye. In fact, a resume that looks too busy or exotic can backfire. According to Google’s head of HR, “Unless you’re applying for a job such as a designer or an artist, your focus should be on making your resume clean and legible.”

Soft skills are just as important as technical skills

Charles Gaughf, security lead at (ISC)2, explains that "cybersecurity is an interesting field — not only do you need to bring the technical skills to the table, you must be relatable, you need to be a people person. These skills all mixed with professional skills are ideal."

In other words, your knowledge of network security is just as important as your communication or problem-solving skills. Penetration testers, for example, need to break down technical concepts and explain them in layman’s terms to non-IT staff. Other examples of soft skills include problem-solving, attention to detail, collaboration and leadership.

Don’t throw spaghetti at the wall

If you’re unsure of how best to market yourself, you may feel the urge to pile information onto your resume with the hope that the hiring manager will sift through it and find what they’re looking for. Now think back to that six-second rule. They don’t have time to do a thorough line-by-line reading of your resume; instead, they’re looking for the nuggets of relevant information they need to confidently move you to the “interview” stack.

The best-written resumes will immediately demonstrate relevance to the position in a clear, concise way. “Content that does not relate to the job and does not address what qualifications a candidate has for a job can absolutely eliminate a candidate who may have accomplished many of the tasks that job is looking for, but was not articulated in the resume,” according to Elizabeth Harrison, Senior Recruitment Partner at Decision Toolbox.

Use active voice to play up your achievements

Your resume is all about shining a spotlight on your achievements and accomplishments. Despite it being the perfect opportunity to show off, we’re socially conditioned to downplay our achievements for fear of sounding like we’re bragging. This results in many people writing resume bullet points starting with “soft” words like helped, assisted with and handled. Erase those generic verbs and instead hook the reader with a strong action verb that showcases your skills.

Your accomplishments should be specific

Hiring managers hate vagueness and don’t like hypotheticals. The best way to build up their confidence in you is by giving them detailed, concrete proof of things you’ve done on the job. In other words, instead of writing a statement like “knowledgeable about incident response,” beef it up to read: “Perform real-time cyberdefense incident handling like forensic collections, intrusion correlation and tracking, threat analysis and direct system remediation to support deployable Incident Response Teams (IRTs).” You can find this example bullet point and more on CyberSeek’s Career Pathway Tool.

It benefits you to be as specific as possible when describing your experience and skills. Back up your claims by including measurements when possible — this builds up your credibility in the mind of the hiring manager.

Links to LinkedIn, personal GitHub, website and so on

It’s safe to say that social media is completely shaking up the hiring process. While certain age-old hiring traditions like the cover letter and suit-and-tie interview are still common, employers also have many more options at their disposal when it comes to getting to know their candidates. LinkedIn, personal websites and blogs are all fair game.

A 2018 CareerBuilder survey concluded that 70% of employers use social media to screen candidates. “It’s great to see LinkedIn profiles that are engaging and built out with lots of detail. Added bonuses are resume attachments, project work, videos or blogs,” says Karen Whyte, Senior Recruiter.

Keep hobbies focused

Hobbies are distracting and don’t do anything towards building a case for why you’re the best fit for the job. Activities you can include are ones directly related to cybersecurity like personal projects, professional organization memberships, articles or papers you published and blog posts you’ve written.

Keep your writing simple and straightforward

Avoid throwing out huge words or using complicated language to try to impress the manager. At many companies, especially the larger ones, your resume will have to get the green light from HR before it’s passed on to the cybersecurity hiring manager. Keep in mind that HR reps are not experts in your field and instead rely on the job description as a benchmark for how well your resume lines up with the role. To avoid confusion, take cues directly from the language used in the job description and keep your language simple and straightforward.

Proofread and spell-check

Once you’re done writing your resume, the last step is to proofread it, since spelling and grammatical errors hurt your credibility. It may sound self-evident, but minor errors easily slip past even the sharpest set of eyes. Before you apply for a job, have a friend or colleague read your resume in case they catch something you didn’t. Or you can use a free proofreading tool like Grammarly.

Submission time!

Once you’ve run through this checklist, you’ll have an eye-catching new resume to share with hiring managers and recruiters. Don’t let the resume writing process intimidate you. By investing just a little bit of time, you can transform a basic list-style resume into a well-organized document packed full of your achievements.

Your new, upgraded resume will have a huge positive impact on your job search. And when a hiring manager is skimming through literally hundreds of resumes, standing out is the key to getting an interview!

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.



  1. How to make your cybersecurity resume stand out: 5 tips, TechRepublic
  2. This Is Exactly What Hiring Managers & Recruiters Look For When Scanning Resumes, Glassdoor
  3. 5 Things People Reading Your Resume Wish You Knew, The Muse
  4. Keep It Clean: Social Media Screenings Gain in Popularity, Business News Daily
  5. 185 Powerful Action Verbs That Will Make Your Resume Awesome, The Muse
  6. Cybersecurity Career Pathway, CyberSeek
Christine McKenzie
Christine McKenzie

Christine McKenzie is a professional writer with a Master of Science in International Relations. She enjoys writing about career and professional development topics in the Information Security discipline. She has also produced academic research about the influence of disruptive Information and Communication Technologies on human rights in China. Previously, she was a university Career Advisor where she worked extensively with students in the Information Technology and Computer Programming fields.