Search for advice on writing a CV and one of the first things you will read is that it should be no more than two pages long. The last thing a hiring manager wants to do is read through reams of paper detailing your every project and anything else you’ve ever done or thought about doing in your life; brevity is encouraged, you must engage your reader to keep their attention.
Much of this advice is good. CVs should be succinct, on-topic, and objective. Follow the old mantras about CV writing down to the line though and you are left with a document that will look pretty uploaded on your favourite job boards, but will often see you overlooked for roles for which you are perfectly suitable. A CV is no longer a record of your most worthwhile achievements; it is now a digital resource, a way of indexing your experience.
Ask most jobseekers what they do with their CV once they have finished writing it, and I doubt many will tell you that they print it off, read the advertising section of the newspaper, and then start sending out copies in the post. Typically you will upload it to your favourite job board or send it across to a trusted recruiter. That’s the hard part done, you’ve ‘got yourself out there’, now it’s just a waiting game until the right role comes along, right?
Wrong. Too many candidates fail to consider how life is on the other side of the fence, how we engage with their CVs. This is particularly true when recruiting information security and risk management professionals, who can have very niche skills and responsibilities. So here it is…
Whether it be sat on Monster.co.uk or a recruitment database, it is important to consider how it is accessed. I can tell you that if I know you as a information security candidate, I might search for you by name, but otherwise your suitability for the roles I am working on depends completely on your CV’s ability to match my search. Any recruiter with a little training will understand Boolean search strings, and now in order to ensure you are considered for the most relevant jobs, candidates must too.
CV writing should now be seen as SEO. Consider the meta keywords that will bring you up in the searches for the roles you’re interested in and consider the search hits that will display your profile above your competition. It’s also important to understand the value of your skills, too often I learn about a candidate’s experience with an in-demand technology only when I have invested the time to speak to them. All recruiters know those calls when a candidate will phone in and enquire as to why they haven’t been contacted about a role for which they believe they are perfect, considering the above, the reason for this becomes quickly apparent.
CVs aren’t telling us enough. For example, a candidate might simply mention ‘security monitoring’ in one of their roles, when actually they have good knowledge of IDS, IPS, and SIEM systems – which are highly sought at the moment as they tick a few of the required boxes for PCI compliance. Or what about the information risk hot topic of the day, application security, expertise in this area can see some candidates command impressive increases in their salary. Whilst ‘application security expert A’ gets his pay rise, ‘expert B’ is failing to get interviews. I bet you know by now which candidate has written their CV with search terms in mind, who has discussed their experience in a way that makes it clear what they have been doing, and who details their specialisation most effectively.
Ultimately, your hiring manager or recruiter only knows what you tell them, and your CV is your primary form of communication. Your job search may end up a success but think about the exciting opportunities you might have missed out on due to an inability to consider what happens to your CV once it leaves your hard drive. Whilst a strong understanding of the market is going to help, overcoming this is relatively easy – technical skill profiles or project overviews are certainly one way to progress yourself up the search results, particularly in product heavy roles such as IT security engineering. For some, particularly technical security contractors, you might consider writing a version of your CV that is considerably longer than you would normally like, with a simple disclaimer that it is a keyword-optimised document. Another useful measure to take when uploading your CV to a job board is to utilise ‘personal summary’ or ‘about me’ sections to search optimise your profile.
It’s time to stop thinking about how your CV looks, but rather how people will find it.
– Ryan Farmer