Enhance Your IT Security Resume in 7 Steps
Existing for many years as a side project of systems administration, IT security has finally graduated into its own specialization. The outlook for security professionals has never looked better, however, the competition for positions has intensified.
The interviews will go to those who can impress potential employers with an up-to-date skill set and credentials. There are a number of ways a diligent security pro can emphasize their security skills, ensuring their resume ends up in the "To Interview" stack.
1. Brush Up On Compliance Requirements
In recent years, compliance has become an IT security necessity. PCI, HIPAA, and SOX all have their own requirements, and staying safely out of the compliance spotlight has become a major goal of all companies.
To get up to speed on the challenges and requirements of compliance, you could train for a certification as a Compliance and Ethics Professional (CCEP). While not necessarily a technical certification, the training for this cert can prepare you to implement the necessary technical procedures to ensure the highest level of information privacy. Potential employers will be highly impressed by your show of dedication to this issue.
2. Practice Securing the Cloud
Most organizations will be looking for a security pro who can implement a defensible security perimeter in the cloud. Yesterday's security skills are inadequate for the challenge of securing a computing environment that is, by its very nature, global and shared.
As a Certified Cloud Security Professional (CCSP), you can demonstrate your mastery of security best practices in both Azure and AWS environments. Please note this is an advanced cert, so here's some advice for working your way up toward the CCSP.
3. Develop a Risk Assessment Strategy
No company wants to learn about their vulnerabilities from an actual attack. It's important for IT security pros to be able to define and execute a comprehensive risk-threat testing process. If you lack experience with risk-threat assessment and mitigation, training to become a white hat hacker will quickly bring you up to speed on how to execute and evaluate a full security scan of a company's systems. It's also a good idea to build experience with threat audit and vulnerability scanning software.
4. Define Mobile and BYOD Policies
As employees increasingly use their personal devices to do their work, IT security must meet the challenge of protecting the exchange of data, whether at the office or on the go. Employers want to know that you have the capacity to
1. Implement and enforce policies regarding the types of devices that may be used.
2. Determine specific software packages, protocols, and encryption levels that are allowed to connect through your Intranet.
3. Train employees to install and maintain any required security software on their devices.
Completing a BYOD training course will help demonstrate your focus on this critical security issue. A number of policy templates are available online for study, as well.
5. Fill Your Security Toolbox
Employers want to know that you can identify appropriate utilities to help manage and automate many of the common IT security tasks. Round out your list of technical skills by developing a working knowledge of the most popular security apps, such as:
1. Nessus and Whisker: Provide comprehensive audits and risk assessments with minimal setup.
2. Wireshark: Analyzes live or captured network traffic with support for hundreds of protocols.
3. Snort: Automatically monitors the network for intrusions and sends alerts when there is a breach.
Sectools.org provides a listing of both free and commercial security utilities. Be sure to stack the technical skills section of your resume with a handful of the best options.
6. Earn Your Security+ and CISSP Certifications
These certs serve as a broad introduction to IT security principles. All HR managers will be looking for the CompTIA Security+ and/or (ISC)2 CISSP certs on any security resume. The training required for both certs is similar, although most pros agree that the CISSP requires more hands-on experience so that you develop a deeper understanding of security principles.
Consider watching CompTIA Security+ training. CBT Nuggets trainer Keith Barker's course covers everything you need to pass your exam with ease and add this important credential to your resume. And if you have five or more years of experience in IT security, you can add the CISSP cert to your resume with the (ISC)2 CISSP 2015 training course.
If you are interested in learning more about other IT security certifications to build your resume, you can explore our Unlocking Your IT Security Career Pathway post.
7. Hone Your Soft Skills
The best IT security pros know that project management and end-user training skills both help to ensure that security best practices are being implemented and adhered to by all parties. Be sure your resume can point to some PM expertise. Or complete the Project Management for the Real World training and add this important bullet point to your resume.
Employers are interested in IT security pros who stay up-to-date and have the ability to take on a wide range of related projects such as compliance and user training. Armed with these seven resume-enhancing skills, you can have confidence that you will stand out as someone who can be counted on to remain at the forefront of IT security innovation.