Managing Your Career and Job Search

Posted by Bob Wheeler

Presentation given at BSides Augusta.

It’s important to know how the hiring process works. Every community is different and the hiring process will vary, but understanding certain elements will benefit your job search. We will address how to build a network, write a resume, handle an interview, and the benefit of attending job fairs.

Current Landscape

Understand your place in the landscape. It’s said there is 0% unemployment in the infosec industry. But still, being an infosec job seeker isn’t easy. It’s important not just to be smart, but to understand job market as well.

US based respondents listed the following skills scarce:

  • Software development (77%)
  • Intrusion Detection (74%)
  • Attack mitigation (74%)
  • Communication skills (70%)
  • Fluency in Programming Language (64%)
  • Ability to collaborate with team (56%)
  • Ability to manage team (55%)

If you have these skills, you need to be talking about them. You want to find out more about what’s going on at the companies that need these skills.

Know the Market

The share of job seeker interest in Chief Information Security Officer (CISO) positions in the US is more than double the share of employer demand for the position.

However this doesn’t mean that there is a vast pool of highly qualified but chronically underemployed CISOs in the US. More likely, there is a great deal of interest in these positions due to their high salaries and high prestige.

You need to understand the hiring process and trust it. Use momentum to maximize effectiveness. Understand how the machine is operating. Don’t bang your head against the wall by applying for positions that don’t match your qualifications.

Who’s Who in the Zoo and What Do They Do

Hiring Manager

The person who is doing the business, running the team. Their real job is to accomplish the work, but they are looking for someone to fill an open position. They pass their needs on to the recruiter.


The person who goes out looking for the right candidate to fill the job.


Spends their time running through the internet/job sites looking for people who might have the qualifications, sifting thru keywords. Then they pass along the information they’ve gathered to the recruiter.

Each Job/Process Is Unique

A recruiter could be looking to fill fifteen jobs for three different hiring managers. That could be one reason why recruiters don’t always work as fast you want them to. Many times internal communication breaks down. Some hiring managers are better at this process than others, but if doesn’t necessarily reflect on how they do their job. The recruiting part can be different.

Understanding can help you manage the process.

Preferred Source of Hires

Internal Promotions (#1 way).

Internal Referrals.

People They Find

  • Resumes from job boards
  • People at job fairs
  • Professional conferences

People Who Find Them

  • Applications through website – this is maybe 10% of what a job seeker should be doing

Networking Is Not Just Talking to Lots of People

Don’t wait to network until you are out of the service or out of college. Best put, networking is marinating in your profession. Always be engaged.

Networking is:

  • Professional development
  • Teaching others
  • Accepting help from others
  • Volunteering
  • Asking questions
  • Being engaged
  • Being curious

It’s not what you know, it’s who you know.

  • And who knows you
  • And how well they know you and remember you

Social Media – Twitter, Linked In, Facebook

  • Follow companies
  • Follow events
  • Follow people

Be active on these platforms now. Make yourself aware of the industry and companies. Don’t wait until you plunge into a full-on job search to get up and running on social media.

Niche Job Boards/Niche Job Fairs

Job Boards

  • Used as sourcing tool (find the skills and the clearance)
  • Searching for resumes is the primary feature for recruiters
  • Based on keywords (helps recruiters to be more effective in their search)

Job Fairs

  • Typically looking to hire now
  • Excellent place to learn more about specific jobs
  • Operational people (hiring managers!) frequently attend

How Job Fairs Work

Job fairs will list companies who are going to be represented but also what jobs they are looking to fill. So when you are planning to attend a job fair look at the opportunities available. If you see a position that looks like a good fit for you, do some research on that company before you attend the job fair. Then when you walk up to the company rep at the job fair you can speak to your qualifications, ask specific questions about the company, and present yourself as a strong candidate.


  • They don’t get jobs, they get interviews.
  • Don’t tell your life story.
  • Focus on the job.

If you know a company is looking for a specific position, scale down your resume to talk about the stuff the hiring manager will care about. Too much information on non-required qualifications can confuse a recruiter and muddle your strengths.

You may have done some amazing things and it will hurt your soul not to talk about it, but it doesn’t belong on a targeted resume if it’s not relevant. Recruiters want to know that you can do the job.

Resume Tips

  • Focus resume on a single job when applying.
  • List key skills and certs right up front.
  • “Responsible for” is not an accomplishment.
  • Tell the story of what you did, what tools you used, and the result.

Common thought is that a recruiter will look at a resume and draw a conclusion on fit in six seconds or less — that’s why key information front and center is necessary. If you don’t have the appropriate experience for a position, then don’t try to bluff your way in. Target your search to appropriate opportunities. If you’re just out of college, look for entry level positions.

  • Distill your skills vs. dilute.
  • One or two pages when focused on a single job/position.
  • May be a bit longer for a job board or job fair use.

If a recruiter responds to a general or networking version of your resume and has a specific position available, tell the recruiter you will send a new resume that is written to highlight the qualifications for that specific position.

  • Education on bottom if you have the experience.
  • No need to list references.
  • Cover letters are only useful if they have a purpose.

Lead with your experience. If you’re right out of college and your education is the best qualification you have to offer, then it can be placed at the top of your resume. But if you have appropriate experience, the education details go at the bottom.

All recruiters and hiring managers have different opinions on cover letters, but think of them as a way to convey purposeful information that’s not covered in your resume. For example, if you are applying for a job in a new city, explain why. Otherwise the recruiter might not understand why someone in Georgia is applying for a job in Oregon. Another good reason for a cover letter is to explain that you are interested in switching industries or wanting to transfer skills to a new role. Or if it’s a requirement to apply for the job.

Interview Tips

  • Keep it real.
  • Focus on the job.
  • Ask questions.
  • Follow up.

Always follow up after the interview. Send a note to everyone you spoke with. Tell them your impressions and how your qualifications are a fit. It’s very important to tell them you want the job.

You Got the Job, Now What?

Don’t stop networking. Keep building and maintaining your network. You never know when your job environment might change. Keep in touch with the industry. Your company might ask you to refer someone for a position and they will give you a $1,000 bonus. Being knowledgeable pays off.

You can watch the video of this presentation at BSides Augusta, here:


This entry was posted on Friday, September 29, 2017 11:07 am

Leave a Reply

Your email address will not be published. Required fields are marked *

Notify me of updates to this conversation