Careers in Cyber Security - CV Advice

I manage the Cyber Recruitment team here at Outsource, so review cvs every day from candidates of all levels – from Grads looking for their first roles to experienced Pen Testers, Cyber Security Architects, Project Managers and CISOs. I regularly get asked what makes a good cv, or for help reviewing a cv, particularly for candidates looking for their first role after uni, or who want to cross train to Cyber.

I can imagine for anyone writing a CV after a long period of employment it is a daunting prospect – where on earth do you start? For others, it may be that your CV is not getting you the interviews that you deserve, and it may be time for an update, or you may be looking for your first commercial opportunity.

So, here are my top tips for writing an effective CV.

Always start with an appealing personal profile
This should be the first thing that the reader sees. Summarise your experience, and what you are now looking for from your next role. If you are applying for different roles, you can tailor this every time to the job. For example if the spec is asking for a Project Manager with experience of SIEM implementations, and this is what you have done – make sure this is in here. If all of your experience has been within corporate organisations or within a certain industry, put this in here. Don’t be afraid to list your career aspirations. If you are a Senior SOC Analyst with six years’ experience with Arcsight who is looking to make the next step into a Team Leader role, then put this here. (And if this is you – please contact us as we have permanent roles!)

Think about the terminology and phrases to use 
Have a look at the job adverts that you are currently looking at. What phrases and terminology are being used? For example, if you have spent 10 years as an Ethical Hacker, you may find that you are applying for Check Team Leader or Pen Tester roles. Make sure you refer to your skills in Ethical hacking as well as Penetration Testing and finding and exploiting vulnerabilities in your CV to ensure that when recruiters (both in-house recruiters for clients and recruitment agents) can find your CV when they are searching on job boards for your details.

Use career history to show achievements and what makes you different 
Start with your current role first in your Career History section. Think – how would I describe to my partner what I do? Every Security Consultant does the same role day to day. What makes you different are the specifics, for example:

• What projects am I working on? What will this achieve i.e. looking for vulnerabilities within hardware, software, modem ports, preparing for compliance / GDPR etc  
• What technologies am I working with every day? Are these SIEM tools, Forensics, Pen Test tools etc.
• What am I trying to achieve – i.e. is this a compliance project, assurance, securing software or technology, responding to threats

• What are the timescales? Was the project on time?
• If applicable, am I managing a specific budget / a team? Again, give details – i.e. managing a budget of £1 million and a team of 12 Cyber Security Analysts, 3 Vulnerability Researchers and a Security Architect. It is these specifics that make you stand out.
• Am I interacting with other departments or 3rd party suppliers? If so, name these i.e. managing the 3rd party pen testers (NCC) or Working closely with the security architecture team to assure new applications.
• If you were working on multiple projects with conflicting deadlines – put this in. Lots of retail and ecommerce organisations like candidates to have worked in a similar environment.

For the past five years career history do the same, then for anything older than five years you don’t need to put as much detail- maybe a paragraph of the work that you have done. Anything over 10 years you can just put the dates, company and career history.

Keep education / qualifications brief and relevant
List any technical qualifications that are relevant. If you have over 10 years’ commercial experience you don’t need any older qualifications than your degree (if applicable), although for a graduate role do put your full education history.

Be specific with contact details
Don’t forget your phone number!! And feel free to put if you can only take calls after 5pm, or you prefer a text message or email first. Good recruiters will call you after 6pm or over a weekend if this is what you need.

Keep your CV to an appropriate length
If you are a graduate, don’t worry if your CV is only 1-2 pages. If you have over 20 years in the industry, we know you can’t keep you CV to two pages – It isn’t possible. 3-5 pages is perfectly fine so don’t try and cram it all in to a few pages and do yourself a disservice. 

Use the correct file format
Save your CV as a Word document as some agency databases won’t accept PDF. Make sure that the entire font is the same throughout your CV and make sure you spell check your CV thoroughly.

I hope you’ve found this helpful, and do feel free to Download our CV Template here

Do have a look at our website, and see who regularly recruits for the types of roles you are looking for, to see who you should email your CV to.

If you are looking for work in the cyber space, feel free to email my team on and our recruiters here will give you a call about roles.