Hello! My name is Mike and I am an infosec engineer with 10+ years experience. I’ve worked in GRC, Vulnerability Management, PenTesting & AppSec. I have 17 SANS certs (I have a serious problem) and I’m also an infosec community enthusiast and creator/mod for /c/cybersecurity. AMA!

  • iamak@infosec.pub
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I’m new to the field (I’ll start masters in Sept). What all topics should I focus on to improve my resume? My previous exposure to the field is 1 ctf competition that’s all.

    • shellsharks@infosec.pubOPM
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Having a CTF on your resume and being able to speak to that experience is great imo. Early-career is always a bit difficult for resumes since you wanna beef it up but you don’t want to fill it with things that don’t matter. CTFs, trainings, content you’ve created (blog, podcast, write-ups, GitHub), etc… are all great things to put on there imo. If you have any coding projects or cloud experience (easy enough to get) you can put that on there too. Will you be looking to get a job while pursuing your masters?

      • iamak@infosec.pub
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I’ll go for something like a TA maybe. I have some job experience already (sde, not cybersec) so idk if it counts.

        things that don’t matter

        Can you give some examples so that I can avoid that

        • shellsharks@infosec.pubOPM
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          Mostly non-tech experience. This is subjective and will vary hiring team to hiring team but in this field I have always glossed over any non-tech things on a resume. There’s so much opportunity for people to learn and get involved with IT/security that there’s no excuse to not just focus on those competencies on the resume. Just my opinion.

          • iamak@infosec.pub
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Okay. So my experience as a software developer while not the main thing being judged will still be relevant?

                • shellsharks@infosec.pubOPM
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  Kinda depends what you want to get into. If you’ve let to land your first security job maybe something like Sec+ to help get your foot in the door. If you know what discipline you want to get into (appsec, endpoint-sec, etc…) this could help further filter down what cert/training might be best to shoot for. Do you know what you think you want to do?

                  • iamak@infosec.pub
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    1 year ago

                    I was thinking Network Security. But I’m not sure about it. Sec+ will help me decide that?