This article explains the most effective process we’ve seen for building a winning entry-level cybersecurity resume. On a related note, we also cover our master list of cybersecurity interview questions and answers and our tips for cybersecurity interview success in these articles. Good luck!
When many of us start our cybersecurity careers, we focus so much on the certifications we’re trying to earn and the education we’re acquiring that we sometimes forget to focus on our resumes, and how well they represent our new skills to potential employers. Resumes are a challenge because there are is no textbook “right” way to write a resume, and employers will never give you honest feedback on your resume and why they didn’t hire you. The best resume is the one that gets you hired, and I have developed a resume template that has resulted in dozens of my students getting hired into a technical job very quickly.
So how do you write an entry level cyber-security resume? Your entry level cybersecurity resume should contain seven sections:
Ready to Start Your Cybersecurity Career?
If you're serious about starting your cybersecurity career, enroll in my FREE 5-part series "Strategies for New Cyber Careers". These strategies can help you determine your best path forward. I'll also send you my weekly cyber career newsletter with resources that every cyber professional needs to know.
- Contact Information
- Summary/Professional Skills
- Professional Experience
- Related Volunteer Experience
- Professional Associations
By having these seven sections and building qualifications in each area, your chances of landing an entry level cybersecurity or information technology job are very, very good.
Let’s take a look at this approach to resume writing and how to complete each of these seven sections.
Section #1: Appropriate Contact Information
It should go without saying, but even your contact information at the top of your resume is important and needs to be properly formatted and effective. When creating your contact information section, just simply center your information and avoid any overly large font sizes or unusual or hard-to-read fonts.
Be sure to list your name in the first line so that human resource databases can file and retrieve your resume by name easily, and follow that with your address, phone number and email address. If you feel your address location will harm your job search efforts, you can remove your address, but be sure to still include your email address and phone number. If you have an unsavory email address, or anything that may be seen as unprofessional, such as firstname.lastname@example.org or email@example.com, go get a free gmail account and make the account based on your name. In fact, if you’re using an older email service, such as aol.com, yahoo.com, or hotmail.com, you probably should create a gmail account anyway, because it just looks better.
Lastly, you should include a link to your LinkedIn profile, and be sure that your profile is updated and matches your resume. Also be sure that your LinkedIn profile has a professional photo of you.
Section #2: Summary/Professional Skills
Some people refer to the first section as an objective, and some people have both an objective and a summary on their resume. Our goal as entry level cybersecurity job seekers is to keep our resume as close to one side of one page as possible, so we don’t want to waste any space with things that are unnecessary or that don’t help us in our goal of getting a cybersecurity job.
An objective is often unnecessary because employers know your objective already – to get the job you’ve applied for. Because of this, we want to use this section to focus on our important skills, so I recommend you do three things here:
- List any soft skills you’ve obtained, such as management, customer service, sales, project management or military experience, if applicable.
- List out your technical skills and knowledge by going through the labs you have completed in your coursework and the topics you have learned.
- Do NOT list things that are not provable and that everyone would say about themselves, like “hard worker”, “quick learner” or “dedicated.” These are ineffective and a waste of space.
Here’s a basic example:
Cybersecurity professional with two years of customer service experience. Experience or familiarity with the following technologies:
- Computer Repair: Replacement of hard drives, RAM and expansion cards.
- Networking: Basic configuration of routers and switches. Understanding of DNS, DHCP and RIP.
- Security: Experience with switch port security and port scanners.
This is just a short example, so make sure you’re thorough with your list of technology skills. Also notice that I added in qualities where possible, such as the “two years of customer experience.” Quantities are always helpful on your resume whenever you can use them to show volume. In this section, you want to make sure you list what you know and also explain accurately whether you have experience with something, familiarity with something, or just an understanding of something.
Section #3: Education
Now it’s time to list your education, which we want to list before experience, unless your related work experience is strong. List your current educational program first and work backwards. List all college experience, and list any GPAs higher than 3.0, as well as any related accomplishments such as “dean’s list”.
If you have college or technical training experience (which you should), you don’t need to list high school experience unless it was recent and you had a very high GPA or some other amazing accomplishments, or you were in a technical high school program. The problem with listing high school is that it’s an easy way for an employer to determine your age, which we want to avoid. Here’s an example of education:
North-South Community College, 2019 – Present
- GPA: 3.2/4.0
- Dean’s List
- Member, Cybersecurity Student Club
You could also say a line like “completed coursework in…” if you wanted, but your summary should really be listing the skills you’ve learned, so we want to be careful to not list these things twice.
Don’t have college experience? Go sign up now. If you’re serious about entering the field of cybersecurity, you’ll need to be in a state of constant education attainment. Your resume needs to show employers that you are actively learning right now, and the best way to do that is to show them that you’re enrolled in college or a technical school. f you’re not enrolled, now might be the time to get off the fence and get serious about starting your cyber-security career.
Section #4: Certifications
List any related certifications in this next section after education. Certifications are important because they show employers you have a strong level of knowledge in a given area and you’ve gone the extra step to prove it. If you don’t have certifications yet, you should seriously consider pursuing them. Check out my other posts on certifications and the best certification path for beginners. If you do have certifications, just list them with a bullet point list, like this:
- CompTIA A+
- CompTIA Security+
Don’t list expired certifications or certifications you’re intending to get, unless you’ll be sitting for them in the next 3 – 4 weeks.
Section #5: Professional Experience
Notice that I called this section Professional Experience and not just Experience. In this section, we want to focus on any paid work or internship experience that is related to a technical field. You don’t need to list non-technical jobs or manual labor jobs from years ago unless they specifically tie to the non-technical but valuable skills we listed in the Summary section above, such as management, sales, or customer service. You should list your current employer, technical or not, just to show that you’re working, employable and not sitting at home.
Use the same formatting (font, bold, italics, alignment, etc.) you used in your education section to show the employer names, locations, dates and so on. That way both sections look similar and the whole resume is more readable. After each position, list a few bullet points that outline what you did. Do not start any bullet point with “Responsible for”, because being responsible for something doesn’t mean you did it. List quantities where you can. Start each bullet point with a verb. Here are some examples:
- Managed 20 Windows-based servers that supported over 500 employees.
- Installed Microsoft Windows updates on 50+ computers.
- Provided dedicated help desk support for 6 office staff and 3 executives.
Section #6: Related Volunteer Experience
Related volunteer experience is a great way to build a resume, and a secret weapon in getting our first technical job. Seek out a local nonprofit, church or other facility that has computer needs but does not have technical support, and offer them your help. You could volunteer to update computers at a synagogue, teach computer skills at a Boys & Girls Club, or provide basic computer help to non-profit employees. These organizations all have computer systems that they use, but in most cases cannot afford technical support on site.
Volunteering in this way helps to build your experience and makes you look like a good person and good citizen. Employers will notice this volunteer experience because almost all other applicants don’t have it. And it serves as a good start if you don’t have paid experience yet. Format your related volunteer experience in the same style as your work experience and education, and list what you did in bullet points.
Section #7: Professional Associations
Get involved and participate in local professional organizations and student clubs. Almost all towns have a chamber of commerce or professional technology association. Many will offer student rates which are cheaper than regular membership rates. Membership and participation in these types of organizations show employers you are serious about your career, passionate about cybersecurity, and puts you face to face with business people and employers that can hire you or refer you to available jobs. Here are a few examples:
- Member, BoringTown Chamber of Commerce
- Member, BoringTown Technology Council
- Member, North-South Community College Cybersecurity Club
- Member, Phi Phi Phi Honors Society
- Capture the Flag team member
You may be in a situation where several of your sections listed above are empty. The sections on certifications, related volunteer experience, and professional associations are specifically listed because they show an employer that you’re willing to go above and beyond just school and work. These three sections show the dedication to cybersecurity that employers want, and that separates you from every other applicant and college graduate resume they come across. Your dedication to these three sections will help you get your career started sooner, build your career faster, and get you paid more money. If you don’t have experience in those sections, I highly recommend you start on your path to building them. Having a balance of all six qualification sections is the key to landing your first cyber-security related job.
Best of luck!
Should I pay a resume service for resume help? Many resume services charge $200 to $300 to write and format your resume. A better use of that money may be to invest in a certification exam or professional association membership fee.
I’ve formatted my resume but am still not getting interviews. What should I do? A properly formatted resume, as we’ve described above, is still just a piece of paper. Most people will still get jobs from networking and who they know. People hire who they know and who they like. Fortunately, you’ve identified professional associations in your resume, and a great way to land your first cybersecurity job is to meet people through those professional associations and show them your skill set with your new resume.