Hello! My name is Mike and I am an infosec engineer with 10+ years experience. I’ve worked in GRC, Vulnerability Management, PenTesting & AppSec. I have 17 SANS certs (I have a serious problem) and I’m also an infosec community enthusiast and creator/mod for /c/cybersecurity. AMA!

  • shellsharksOPM
    link
    fedilink
    English
    41 year ago

    Having a CTF on your resume and being able to speak to that experience is great imo. Early-career is always a bit difficult for resumes since you wanna beef it up but you don’t want to fill it with things that don’t matter. CTFs, trainings, content you’ve created (blog, podcast, write-ups, GitHub), etc… are all great things to put on there imo. If you have any coding projects or cloud experience (easy enough to get) you can put that on there too. Will you be looking to get a job while pursuing your masters?

    • iamak
      link
      fedilink
      English
      21 year ago

      I’ll go for something like a TA maybe. I have some job experience already (sde, not cybersec) so idk if it counts.

      things that don’t matter

      Can you give some examples so that I can avoid that

      • shellsharksOPM
        link
        fedilink
        English
        31 year ago

        Mostly non-tech experience. This is subjective and will vary hiring team to hiring team but in this field I have always glossed over any non-tech things on a resume. There’s so much opportunity for people to learn and get involved with IT/security that there’s no excuse to not just focus on those competencies on the resume. Just my opinion.

        • iamak
          link
          fedilink
          English
          21 year ago

          Okay. So my experience as a software developer while not the main thing being judged will still be relevant?

            • iamak
              link
              fedilink
              English
              11 year ago

              Thanks a lot! Also any certifications I should start doing rn?

              • shellsharksOPM
                link
                fedilink
                English
                11 year ago

                Kinda depends what you want to get into. If you’ve let to land your first security job maybe something like Sec+ to help get your foot in the door. If you know what discipline you want to get into (appsec, endpoint-sec, etc…) this could help further filter down what cert/training might be best to shoot for. Do you know what you think you want to do?

                • iamak
                  link
                  fedilink
                  English
                  11 year ago

                  I was thinking Network Security. But I’m not sure about it. Sec+ will help me decide that?

                  • shellsharksOPM
                    link
                    fedilink
                    English
                    11 year ago

                    Depends what you mean by “Network Security”. A lot of companies have adopted cloud-first environments so traditional netsec is more so cloud infra. In this case there are cloud-specific certs from Azure, AWS, GCP you can take that would be great. If you’re considering traditional network security it may be different. (Though a lot is very much shared).