Intelligent Connections. Recruiting Integrity.
Call Us: 415-510-2973

Archive for the Blog Category

A Recruiter Comes Clean: If Your Résumé Misses These Four Points, I May Not Even Look at It

This blog originally appeared here and is republished with permission.

Your résumé is your agent, your professional avatar in the job market, but if it doesn’t follow these resume tips, it may not make it past a recruiter’s first review. Like everyone else, recruiters’ tactics and tools are geared for efficiency. If you know how things work, you can optimize your résumé to maximize your chances.

  1. The Ten-Second Rule

If you are lucky, that’s about how much time your résumé has to catch a recruiter’s attention; however, if I spot a few key things, I’ll spend more time with it and look deeper.

I do like to see a précis of what you offer, right at the top of the résumé. “Précis” is the perfect word. Think of it as a tweet and keep it under 500 characters. An added bonus is that this is a good place to list some key skills that may not be mentioned elsewhere in your résumé.

Here’s an example:

“Results-oriented professional with 10 years of experience leading successful cross-functional teams in critical IT operations. Track record of success developing and implementing innovative solutions and efficiencies. Senior level champion of change with the people skills to gain consensus and buy-in on new processes. Proven ability to build and lead high performance teams to achieve and exceed goals.”

  1. Help the Search Engines Help You

Recruiters use search engines extensively, and optimizing your résumé will help it climb to the top of the search results. Marketing uses search engine optimization (SEO) and you’re marketing yourself, right? Under your précis, put a list of terms that characterize your talents and experience. If your terms match those I’m using to find candidates, chances are good that I’ll be looking at your résumé. Repeating key terms is good, as long as it doesn’t become obviously repetitive. In this example, for a sales professional, “sales” appears four times.

Consultative Sales · Account Management · B2B Sales · Negotiations · Relationship Management · International Business · Enterprise Sales · Networking · Prospecting · Pipeline Management · Leading Sales Teams · Salesforce.com 

  1. Leave the Fancy Stuff to Iggy Azalea

When I download your résumé into my applicant tracking system (ATS), a machine scans it in. If the formatting is too complex, it can work against you. For example, please do not capitalize your name, and it may look good to put spaces between each letter (such as “D U N C A N   T A Y L O R”), but the ATS is unlikely to scan it correctly. Columns and text boxes are not database-friendly, either. Your résumé can still be attractive without the window dressing.

  1. “Don’t Mistake Activity with Achievement”

That’s excellent advice from record-setting coach John Wooden. Titles, education and training are all great, but nothing out-classes accomplishments. For each company you list, provide a brief summary of the company’s mission and size to set the context. Follow that with a sentence or two about your key responsibilities. Now the meaty part: list three to six key accomplishments — goals you achieved or exceeded.

Include real numbers rather than percentages to help me assess the level of responsibility you’ve held. “Increased revenue by $50,000” is more insightful than, “increased revenue by 20%.” Other helpful numbers: the size of the team you led, the extent of the budget you managed, the revenue targets for which you were responsible.

  1. Free Bonus tips

  • Keep your résumé to two pages. No recruiter will read past that.
  • Put your education at the bottom, unless it’s directly relevant to the position you seek, such as a degree in Mechanical Engineering or an MBA.
  • Some recommend that you “tailor” your résumé to each application. However, be careful about over-customizing it if you want the company to consider you for other positions.
  • Make sure that you have a full LinkedIn profile with dates and information that matches your resume, we do cross reference.
  • This should go without saying, but you might be surprised at how many résumés have typos. Real example: “Attention to detale.” Proofread it yourself and then ask a friend to proofread it.

In short, to set your résumé up for success, simplify and streamline the formatting, and let your accomplishments speak for themselves . . . but make sure the language is clear and succinct.

By Duncan Taylor, Senior Recruiter,  Decision Toolbox
With Tom Brennan, Master Writer, Decision Toolbox

Skills in demand: Information Security Architects

An Overview of the Role of Information Security Architects

Information Security Architects are the backbone of the design and strategy for strong information security organizations. While they can be focused in specific areas like application security or infrastructure security within very large companies, they often oversee the overall security strategy and determine delivery and implementation of security solutions. This is not only a subject matter expert with strong knowledge of many facets of information security programs, it is also a highly visible role within leadership and will often report directly into the CISO or CIO.

What it takes

Security architects often rise out of hands on engineering positions which gives them in-depth knowledge of implementation and configuration of security tools and best practices. The ability to utilize hands-on technical knowledge and translate that information into long-term security strategy is critical, as is the ability to collaborate and communicate effectively with senior leadership.

Compensation

Base compensation can range from $120K to $175K, often with additional incentives. Independent contract rates can be higher.

– Domini Clark, principal, Blackmere Consulting; founder and director of strategy, InfoSecConnect.com.

This was originally published in the March 2016 Issue of SCMagazine

Malware Evolution and the Cyber Talent Gap

InfoSec Connect founder Domini Clark contributed a feature article to the April 2016 edition of the Information Systems Security Association (ISSA) Journal.

In “Malware Evolution and the Cyber Talent Gap,” Domini delves into:

  • The origination and evolution of malware
  • The cost of malware breaches
  • The cost of attempted malware containment
  • Projections for the demand growth in the global cyber workforce
  • The current and future talent gap for cyber professionals
  • The impact on cyber salaries and the top five IT security salaries
  • The impact on women in cybersecurity
  • Tips for those considering a career in cybersecurity

To read the article, check out the PDF here.

This article by InfoSec Connect Founder Domini Clark originally appeared in the April 2016 ISSA Journal.  A PDF of the article is linked here with permission.

Skills in demand: Security engineer, identity management

An Overview of the Role of Security engineer, identity management

Understanding who your users are and what, exactly, they have access to within your system is critical for any enterprise. Identity and access management (IAM) engineers must have a strong understanding of the complex work flow within a system. In these roles, business acumen is just as important as technical acumen due to the interrelationship between the technology, business needs and overall corporate policy. This is a subject matter expert with strong knowledge of IT systems architecture, web security, identity and access management, public key infrastructure (PKI), single sign on (SSO), federating identity to cloud services as well as threats and vulnerabilities.

What it takes

Solid experience in configuration, administration and troubleshooting IAM technologies along with strong communication skills and the ability to work with internal and external customers. These roles often have a strong strategic component due to the ever changing tools, corporate policies and industry specific regulations.

Compensation

Base compensation can range from $120K to $175K, often with additional incentives. Independent contract rates can be higher.

– Domini Clark, principal, Blackmere Consulting; founder and director of strategy, InfoSecConnect.com.

This was originally published in the October 2015 Issue of SCMagazine

 

Skills in Demand: Incident Response Manager

An Overview of the Role of Incident Response Manager

Cybersecurity incidents are on the rise around the world and the need for experienced incident response professionals is outstripping the available supply of talent. The incident response manager role is responsible for managing high-impact incidents on a large, often global, scale. Responsibilities include developing IT security incident response process, collaborating with key stakeholders and finding unique security solutions for critical vulnerabilities. This is a technical expert, an intelligence expert and someone who has the ability to influence immediate change within an organization in the midst of high pressure situations. Read more

Skills in demand: Pen Tester

Recent breaches have highlighted the need for talented pen-tester technologists with the ability to assess vulnerabilities long before they are under attack.

Read more

Standing Out and Fitting in at DefCon

DefCon is a crazy and unique experience and, admittedly, it’s not extremely welcoming to the outsider.  The Vegas regulars whisper about all of the hackers as if they’d just walked into a band of terrorists and in one day, the inside of the Paris hotel turns from a sampling of middle America into a sea of black t-shirts, mohawks and tattoos.

To be honest, my first DefCon a few years ago was super intimidating.  I was new-ish to the industry and feeling the pressure of being the least knowledgeable person in a room of BRILLIANT people.  This year, several DefCons in, I had a notably different experience:  I was overwhelmed by an incredible sense of inclusion and community. This is my tribe.

Just to paint the picture since most of you haven’t met me already, I’m a corn-fed, mid-western girl who sort of hovers in some strange space between preppie and hippie – I’ve never even gotten a tattoo.  I’m not your typical DefCon attendee and my mainstream vibe sticks out like a sore thumb in certain circles.  In fact, my first mentor told me that no one would talk to me at DefCon if I dressed so much like a corporate mom.

Fast forward several years later to a personally challenging year which has changed my world view dramatically. Instead of donning my black shirt and pulling my hair back in a tight ponytail so that I fit in better, I decided to go au natural.  Not the way you’re thinking – get your mind out of the gutter.  Instead, the first morning, I pulled on my navy capris and corporate mom top and headed out the door with a smile.

The strangest things happened.  As I started talking to people I would have been intimidated to approach five years ago, people smiled and talked back! It soon became clear that Defcon is like everything else.  Most of us are a little self-conscious about what we don’t know and whether we’re fitting in – even when we’re amongst a group of professed individualists!  The more I shared my authentic, if not traditional DefCon self, the more fun I had.  I was open about what I don’t know, confident about what I do know, and others were far more comfortable creating a true connection with me in return.

Through all of the incredible technical talks, challenges, networking events, and crazy parties, the best thing I learned this year is that we are one.  We are one community coming together to solve some of the world’s most challenging problems.  We all bring our different talents, styles and ideas to the table in one hot soup of messy humans.  That is what DefCon is to me and I can’t wait for next year!!

Skills in demand: Information security analyst

Overview of the Information Security Analyst

As global organizations work to stay ahead of cyber attacks, they require information security analysts to help steer them through risk assessment, vulnerability assessment and defense planning. The role of information security analyst is growing and can provide a strong path for upward mobility.

Read more

Cyber Candidates Say: You Snooze, You Lose!!

Increase Your Success Rate of Hiring Infosec Candidates

Okay, we all get it, it’s a tight labor market and information security and the demand for infosec talent is far outstripping the supply of information security professionals available.  This is causing a huge shift in mindset for many HR departments round the globe.  No longer can you run a candidate through 5 interviews over 2 months and expect them to be sitting on the sidelines patiently waiting for you to make a decision.

Smart companies are making BIG changes.  After losing top tier candidates to competitors, one company decided to speed up the process and take more risks in order to hire more, better candidates.  What had been at least a three-month interview process with a consensus hiring posture involving four different Directors, has become a two-week process from interview to offer.

In this case, one Director is in charge of the process and the timing is closely monitored by the CEO, who is deeply invested in making hiring work.  Once a candidate is presented to the Director, the clock starts.  Initial interviews are held within days, an onsite interview is scheduled for the next week and the offer is prepared and available for delivery at the time of the second interview with the hope that there is mutual interest.

Here is the skinny on what makes this work:

  • Executive buy-in (this cannot be stressed enough)
  • Flexibility in HR process
  • Risk tolerance
  • Team participation
  • Candidates are prepped for a swift hiring decision
  • Firing decisions with “bad hires” are handled swiftly

Without all pieces in place, this process does not work.  Leadership MUST take the lead in a cultural/process shift of this nature.  Everyone in the organization must know that the risk of losing top tier talent is far more caustic than the possibility of a making a bad hire. Most of us have policies in place that afford us the ability to remove bad hires from our organizations, yet we are loathe to utilize them.

Take a risk.  Your competition is starting to get the hint and you might get left behind!

Hiring in information security

In this tough information security market, many organizations make the mistake of approaching talent the same way they approach all other organizational hiring. The truth is, you can’t hire quality information security talent the same way you hire customer service reps. If you just run an ad pulled from the job description HR gave you, don’t be surprised when the top talent you’re searching for is not interested.

Read more