Following a significant wave of job cuts in 2023, U.S. tech firms have still been trimming their payrolls over the first four months of this year, but not at the same pace. A recent Reuters report found that, of the 257,000 layoffs announced since January, the tech sector witnessed the most cuts, with more than 42,400 positions slashed.
At the same time, departments that appeared insulated from previous rounds of belt-tightening are no longer immune. After years of watching their budgets steadily increase as attacks and breaches proliferated, cybersecurity divisions have reported cuts and hiring freezes since the start of the year, according to the Wall Street Journal.
There are, however, opportunities for those looking to get back to work right away. In April, CompTIA crunched recent U.S. Bureau of Labor Statistics numbers and found that tech companies added 6,000 jobs over the last month, pushing the unemployment rate for the sector to roughly 3 percent.
For tech and cybersecurity professionals caught up in a cycle of layoffs and job hunting, getting a resume polished, reworked and revitalized is a significant first step in the process. Cybersecurity industry insights and experts who see multiple job candidates a week noted that merely reordering work history and adding details from the last position is not enough.
Insiders noted that certain in-demand skills and certifications require prominent placement on the updated resume. Some experts urge job seekers to rework their resume while increasing their networking opportunities. Others urge those laid off to think through their next opportunity and make sure that reflects in their resume and their search.
“First, I would take a step back and reflect: What did you love about your job? What didn't you love?” Kate Terrell, chief HR officer at Menlo Security, recently told Dice. “Spend time considering and prioritizing your values and what you are looking for in your next opportunity. Then I would spend time reflecting on your accomplishments and impacts.”
For cybersecurity or tech pros looking to rework and rewrite their resume as part of the job hunt – or even for those who want to prepare for their next opportunity – here is advice from practitioners and experts on how to prepare a CV or resume.
Certifications and Skills
In the cybersecurity field, certifications and skill sets are essential parts of a job seeker’s resume as many organizations require these as part of the hiring process. For example, cybersecurity analysts often ask for one or more of the following certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Privacy Professional (CIPP)
- SANS/GIAC Certification
- CompTIA Security+
- Certified Information Security Manager (CISM)
- GIAC Certified Incident Handler (GCIH)
- GIAC Security Essentials Certification
Terrell added that if a recently laid-off tech pro has the financial ability to gain a certification while looking for work, it can increase the chances of landing a job or an even better position.
“If you are interested in continuing your education through certifications—excellent,” Terrell said.
Job seekers, however, must focus their resumes on specific results derived through these certifications and skills.
“So many resumes are activity-focused as opposed to results-focused,” Terrell noted. “Review your resume to ensure you are conveying the impact you made in each one of your roles. Focus on the last 10 years of experience and any other significant highlights or impacts before that timeframe. Use A.I. if needed to tailor your resume to specific job openings. And as you interview—think about how you will differentiate yourself from other candidates.”
Other experts see benefits in adding certifications and skills, but noted that there are other ways to rework a resume to highlight abilities and what cybersecurity and tech pros can bring to a new team.
“In the aftermath of a layoff, diversifying your strategy is key to enhancing your employability in the cybersecurity realm. Pursuing new certifications or further education is advantageous but should not be seen as the only avenue to showcase your skills and adaptability,” Michael Skelton—a.k.a. Codingo—vice president of operations and hacker success at Bugcrowd, told Dice. “It is also wise to update your resume to spotlight your most pertinent experiences and successes, particularly projects or roles that highlight your skill in making complex technical concepts accessible to non-technical audiences.”
There is also ensuring that the certifications and skills that tech and cyber pros highlight on the resumes reflect the type of job they are pursuing. A resume is best tailored to the job that a candidate wants to apply for, said Gareth Lindahl-Wise, CISO at security firm Ontinue.
“Once you have focused on a role with more potential, look around for people with similar roles, do some reconnaissance on LinkedIn—connect with those who are in or have been in similar roles,” Lindahl-Wise told Dice. “Your research should give you a steer on what relevant experience and qualifications or certifications look like and you should commit to certifications which could serve in lieu of experience.”
While this approach can help with entry- and mid-level positions, experts note that executives and CISOs looking for new roles need a specific approach.
“Certifications usually help roles below a CISO. It is good to upskill, because you get breathing time, not because it will get you a better job because a CISO will be evaluated on knowing a security topic conceptually and on being able to harness deep tech resources effectively,” Agnidipta Sarkar, vice president of CISO advisory at ColorTokens.
Don’t Forget That Networking Helps, Too
Several experts noted that while revamping a resume or CV following a layoff is critical, tech and security pros must also remember to ramp up their networking at about the same time.
By connecting with peers, job seekers can gain ideas of what works and doesn’t work when updating a cybersecurity resume.
“Networking is the mantra,” Sarkar told Dice. “Usually, the most networked are the ones that come across more opportunities. And it is never too late to begin.”
By focusing on networking, job seekers can maintain strong ties with past colleagues who can vouch for professional capabilities, endorse them for new roles and provide invaluable guidance. This dual emphasis on networking and nurturing existing relationships forms a robust strategy for navigating the job market, Skelton said.
“Following a layoff, a cybersecurity professional's top priority should be to extend and deepen their network. Actively participating in the community through Twitter, LinkedIn and Slack groups, and attending industry conferences is crucial,” Skelton added. “This proactive approach keeps you in tune with the latest industry developments and fosters opportunities for potential collaborations and job prospects, especially since many high-level and specialized roles are more commonly secured through networking than through job boards.”
Keep Adding Experience Even When Looking
Several experts noted that cybersecurity and tech professionals have unique opportunities to keep adding to their resumes even when looking for full-time work thanks to the ability to freelance or consult on projects.
“Venturing into freelancing or consulting not only showcases your expertise but also offers valuable hands-on experience. Furthermore, contributing to open-source projects, educating others, and producing content, whether through videos or articles that demystify cybersecurity issues for a broader audience, are excellent ways to demonstrate your technical acumen and effective communication skills,” Skelton said.
By taking on consulting work, Lindahl-Wise said that job seekers and those recently laid off can quickly add skills to their resume and avoid employment gaps. There are other benefits as well.
“Consulting skills are amongst the most important and transferable skills in a good cyber security professional – as a contractor or permanent employee. Take every chance to grow them and demonstrate them as possible,” Lindahl-Wise added.
If cyber and tech job seekers want to explore consulting or freelance work, Menlo Security’s Terrell advises they ask many of the same questions as they would before taking on a full-time position.
“This goes back to taking time to reflect, considering your goals and what makes sense based on your personal priorities,” Terrell noted. “It can be a great move for the right person, but there are many things to consider such as: What type of consulting? Would you be independent? Do you feel confident in selling yourself or your work? Do you need benefits? Are you ok with the unpredictability of consulting work versus a full-time job?”