Cybersecurity Skills to Include on a Resume

"How do I get experience without a job?" This is the million-dollar question that pops up on my feed more times than I can count and it is one that I asked myself when I was first trying to get a job in #cybersecurity. The usual answer is "Build a home lab and put it on your resume." Looking on here you may think "Everyone has one, there is no way that is going to help me stand out..." You would be mistaken my friend! Not everyone has a home lab. I have gotten to speak to numerous people who are either looking to break into the industry or are already in the industry but do not have a home lab whatsoever. When I interviewed for my current position one of the things I got told made me stand out was my home lab! It was nothing super fancy or impressive, just a couple of VMs that I used to understand different concepts better for myself. I wanted to do something on my own outside of training on platforms like Try Hack Me, Lets Defend, Hack the Box, etc. What made mine stand out? I described what business cases I did in my home lab and not just the technology that was in there. My resume bullet points showed not just what tools i used, but what skills I was practicing and showed their relevance to the position I was applying to. Instead of just bullet points with the tools in my lab like: -Kali Linux -Splunk -Microsoft Active Directory -Phishing analysis I used something similar to: - Created a personal SOC environment utilizing Splunk to monitor a Windows environment including workstations and an Active Directory server. - Simulate attacks with Kali Linux against Windows environment and reviewed network traffic to generate alerts for attacks, harden environment, and write analysis of findings. - Perform analysis of potential phishing emails by investigating emails sent to my personal email address. Investigated email headers, sender domain and IP reputation, and investigating links in a sandbox with any.run. This is how you show experience! You can even take it a step further by writing a blog post, LinkedIn article, or record a video of you working in your lab that shows each task in your lab. (Videos are a bonus as they can show your soft skills as well!) This worked really well for me, just remember what you do in your lab should be relevant to the role you are trying to land. I wanted to be a SOC Analyst so all of my labs were geared towards blue teaming. You can easily change it up for whatever role you are seeking, just remember to explain the business cases you are solving in your lab! #cybersecurity #homelab #learningeveryday #jobadvice

10 Free Cybersecurity Tools for Hands-on Experience! Resume Ideas for each are listed below. ⬇ 1. Wireshark: https://www.wireshark.org/ -Resume Idea: "Used Wireshark to capture and analyze network traffic, identifying protocol misuse and detecting anomalies in smart devices, leading to improved network security monitoring." 2. Metasploit Framework: https://lnkd.in/gzebUBeE -Resume Idea: "Conducted penetration testing using Metasploit, successfully identifying and exploiting 3 vulnerabilities in a test environment, leading to detailed security assessments and patch recommendations." 3. OpenVAS: https://www.openvas.org/ -Resume Idea: "Executed vulnerability scans with OpenVAS, identifying and remediating 5 critical security flaws in a virtual network environment, reducing overall risk exposure." 4. Burp Suite: https://lnkd.in/g_qvp7H3 -Resume Idea: "Utilized Burp Suite to identify and exploit SQL injection and XSS vulnerabilities in a test web application, providing recommendations to improve web security." 5. Snort: https://www.snort.org/ -Resume Idea: "Configured and deployed Snort IDS, creating custom rules to detect and alert on suspicious network activity, improving network defense by preventing brute-force attempts and port scans." 6. Nmap: https://nmap.org/ -Resume Idea: "Performed comprehensive network scanning using Nmap, identifying 10 active services and recommending security hardening based on discovered vulnerabilities and misconfigurations." 7. John the Ripper: https://lnkd.in/ggq_B9_a -Resume Idea: "Conducted password cracking simulations using John the Ripper, analyzing password strength and providing recommendations for enforcing stronger password policies based on hash recovery results." 8. Maltego: https://www.maltego.com/ -Resume Idea: "Performed OSINT investigations using Maltego, uncovering hidden connections between domains, emails, and social profiles, contributing to enhanced threat intelligence." 9. The Sleuth Kit: https://www.sleuthkit.org/ -Resume Idea: "Utilized The Sleuth Kit to recover deleted files and analyze file system data from a disk image, identifying signs of potential malware and suspicious activity for a forensic investigation." 10. Steghide (Steganography Tool): https://lnkd.in/gsSAcEim -Resume Idea: "Used Steghide to conceal and extract sensitive data within image files, successfully preventing covert data transmission through steganography detection techniques." Note: These are just ideas, I would use concrete examples of what you've accomplished and how you solved a problem.