Options
Resume Review after most recent certs.
Ertaz
Member Posts: 934 ■■■■■□□□□□
Posted this last year, got 0 response, so I thought I'd post it again this year after my most recent certs:
Just wanted your feedback. This is just the text. It looks a little better when formatted.
First M. Last
1234 Backroad Lane
Podunk ID 86753
Phone: (999) 555 1212
E-mail: personal.address@gmail.com
LinkedIn: https://www.linkedin.com/in/Dat.Profile.Tho.OU812
Summary
Certified Information Systems Security Professional (CISSP) with more than 15 years of experience and expertise in designing, implementing, securing and troubleshooting complex information systems. I am currently assessing system vulnerabilities, ensuring compliance, and recommending security improvements that strengthen business processes. I have a diverse background in telecommunications, network engineering, and system administration that serves as an exceptionally strong complement to my skill as a security and information technology professional. In general, I am a team player with strong management and technical skills able to see projects through from inception to completion
Technologies:
Rapid7 Nexpose vulnerability management, RSA Archer GRC, LAN, WAN, SAN, PIX/ASA firewalls, Fluke and Wireshark packet analysis, Cisco and Alcatel switching / routing, Microsoft Windows (7/10 and 2003/2008/2012 Server), VMWare, Microsoft SQL Server, Yokogawa DCS, DeltaV and numerous other manufacturing interfaces.
Certifications:
CISSP - (ISC)² Certified Information Systems Security Professional
CASP - CompTIA Certified Advanced Security Practitioner
GPEN - GIAC Certified Penetration Tester
CSA+ - CompTIA Certified Security Analyst+
MCP - Microsoft Certified Professional
SEC+ - CompTIA Security+
Experience
Vulnerability Management Engineer (7/2015 – Present)
Some Managed Service Provider (BackWater, ID)
Responsible for identifying and quantifying IT risk factors, recommending controls, determining remediation requirements, and mitigation to reduce security concerns. Collaborate and lead efforts to evaluate and prioritize vulnerabilities in infrastructure and software. Facilitate remediation efforts by compliance and operational personnel. Maintain a regiment of vulnerability assessments and regular reporting for regulatory and contractual compliance. Analyze business impact and exposure based on emerging security threats, vulnerabilities and risks. Provide assurance that quality and risks are effectively addressed in relation to services.
Senior Application Analyst (4/2011 – 7/2015)
Now Defunct Paper Mill, ( Lowdown, ID)
Responsible for support, identification, analysis and the implementation of secure manufacturing application solutions, working closely with the operational teams to optimize key processes, leveraging information technology and focused on driving value. Focus Areas: OSIsoft PI data historian, SCADA, business and process control network security/management, performance monitoring, and alerting. Analyze complex business processes or issues and provide recommendations/solutions. Perform project scoping, analysis and design recommendation for business manufacturing solutions. Platforms supported include Cisco IOS, Cisco ASA, OSIsoft PI System, PI interfaces include OPC, HTML, SNMP, Syslog, and ABB CNI.
Senior IP Operations Engineer (5/2009 – 4/2011)
Telecom Company, (BackWater, ID)
Responsible for complex IP routing, testing, troubleshooting and service provisioning of the IP, VOIP, and RF networks. Managed system access through TACACS. Platforms supported include Metaswitch, Cisco IOS, Motorola Canopy Wireless, Solarwinds, IP technologies (BGP/OSPF) and Open System platforms such as: DNS, DHCP, IP load balancing, VRRP, HSRP, GLBP, NTP, UNIX, Windows, and Nagios. Managed system access through TACACS. Facilitated accurate and timely implementation of new infrastructure, network elements, and complex projects. Coordinated and performed internal enterprise system maintenance, as well as maintenance for municipal partners.
Senior Technical Specialist/Process Control Engineer (9/2001 – 5/2009)
Chemical Manufacturer, (Lowdown, ID)
Responsible for computer network administration of multiple manufacturing facilities for a 24x7 Fortune 500 manufacturer. Duties included, but were not limited to security, project management, installation, maintenance, training, budget adherence, and troubleshooting for all aspects of computer data networks. Performed all UNIX and database administration for the site. Maintained all systems with a high degree of availability. Performed system monitoring and performance analysis on all systems. Provided technical support and consulting to other facilities within corporation regularly. Designed, managed, and documented voice over IP, wireless, process control, and firewall installation projects throughout the company. Performed systems management, traffic analysis and troubleshooting for ERP applications at multiple locations. Contained costs through strict budget adherence on projects and removed unnecessary services from existing locations. Lead project teams and resources to develop and implement new systems and applications. Performed server and application administration for document management, data historian, web, file, and directory services.
Education
Bachelor of Science, Business Management, Small Religious University (12/200
Summa Cum Laude, 3.97/4.0 GPA
Just wanted your feedback. This is just the text. It looks a little better when formatted.
First M. Last
1234 Backroad Lane
Podunk ID 86753
Phone: (999) 555 1212
E-mail: personal.address@gmail.com
LinkedIn: https://www.linkedin.com/in/Dat.Profile.Tho.OU812
Summary
Certified Information Systems Security Professional (CISSP) with more than 15 years of experience and expertise in designing, implementing, securing and troubleshooting complex information systems. I am currently assessing system vulnerabilities, ensuring compliance, and recommending security improvements that strengthen business processes. I have a diverse background in telecommunications, network engineering, and system administration that serves as an exceptionally strong complement to my skill as a security and information technology professional. In general, I am a team player with strong management and technical skills able to see projects through from inception to completion
Technologies:
Rapid7 Nexpose vulnerability management, RSA Archer GRC, LAN, WAN, SAN, PIX/ASA firewalls, Fluke and Wireshark packet analysis, Cisco and Alcatel switching / routing, Microsoft Windows (7/10 and 2003/2008/2012 Server), VMWare, Microsoft SQL Server, Yokogawa DCS, DeltaV and numerous other manufacturing interfaces.
Certifications:
CISSP - (ISC)² Certified Information Systems Security Professional
CASP - CompTIA Certified Advanced Security Practitioner
GPEN - GIAC Certified Penetration Tester
CSA+ - CompTIA Certified Security Analyst+
MCP - Microsoft Certified Professional
SEC+ - CompTIA Security+
Experience
Vulnerability Management Engineer (7/2015 – Present)
Some Managed Service Provider (BackWater, ID)
Responsible for identifying and quantifying IT risk factors, recommending controls, determining remediation requirements, and mitigation to reduce security concerns. Collaborate and lead efforts to evaluate and prioritize vulnerabilities in infrastructure and software. Facilitate remediation efforts by compliance and operational personnel. Maintain a regiment of vulnerability assessments and regular reporting for regulatory and contractual compliance. Analyze business impact and exposure based on emerging security threats, vulnerabilities and risks. Provide assurance that quality and risks are effectively addressed in relation to services.
Senior Application Analyst (4/2011 – 7/2015)
Now Defunct Paper Mill, ( Lowdown, ID)
Responsible for support, identification, analysis and the implementation of secure manufacturing application solutions, working closely with the operational teams to optimize key processes, leveraging information technology and focused on driving value. Focus Areas: OSIsoft PI data historian, SCADA, business and process control network security/management, performance monitoring, and alerting. Analyze complex business processes or issues and provide recommendations/solutions. Perform project scoping, analysis and design recommendation for business manufacturing solutions. Platforms supported include Cisco IOS, Cisco ASA, OSIsoft PI System, PI interfaces include OPC, HTML, SNMP, Syslog, and ABB CNI.
Senior IP Operations Engineer (5/2009 – 4/2011)
Telecom Company, (BackWater, ID)
Responsible for complex IP routing, testing, troubleshooting and service provisioning of the IP, VOIP, and RF networks. Managed system access through TACACS. Platforms supported include Metaswitch, Cisco IOS, Motorola Canopy Wireless, Solarwinds, IP technologies (BGP/OSPF) and Open System platforms such as: DNS, DHCP, IP load balancing, VRRP, HSRP, GLBP, NTP, UNIX, Windows, and Nagios. Managed system access through TACACS. Facilitated accurate and timely implementation of new infrastructure, network elements, and complex projects. Coordinated and performed internal enterprise system maintenance, as well as maintenance for municipal partners.
Senior Technical Specialist/Process Control Engineer (9/2001 – 5/2009)
Chemical Manufacturer, (Lowdown, ID)
Responsible for computer network administration of multiple manufacturing facilities for a 24x7 Fortune 500 manufacturer. Duties included, but were not limited to security, project management, installation, maintenance, training, budget adherence, and troubleshooting for all aspects of computer data networks. Performed all UNIX and database administration for the site. Maintained all systems with a high degree of availability. Performed system monitoring and performance analysis on all systems. Provided technical support and consulting to other facilities within corporation regularly. Designed, managed, and documented voice over IP, wireless, process control, and firewall installation projects throughout the company. Performed systems management, traffic analysis and troubleshooting for ERP applications at multiple locations. Contained costs through strict budget adherence on projects and removed unnecessary services from existing locations. Lead project teams and resources to develop and implement new systems and applications. Performed server and application administration for document management, data historian, web, file, and directory services.
Education
Bachelor of Science, Business Management, Small Religious University (12/200
Summa Cum Laude, 3.97/4.0 GPA
Comments
-
Options
jelevated
Member Posts: 139
Id get rid of that intro line in your summary. It looks cheesy. YOU are not a CISSP, you are Ertaz, infosec warrior, and being a CISSP is one of your many achievements.
Also your experience section tells me what you did but not how this impact your organization. -
Options
NetworkNewb
Member Posts: 3,298 ■■■■■■■■■□
Not of fan of the experience section where you just spit out each thing you do, one by one, into one big paragraph. Do you use bullet points?
Think it is harder to read resumes when just copying and pasting the text into here. Reason why you might not get more responses. -
OptionsErtaz
Member Posts: 934 ■■■■■□□□□□
Thank you guys for the feedback. I'm going to make a run at revamping it this weekend.
-
Options
kiki162
Member Posts: 635 ■■■■■□□□□□
Overall it's not bad - but you may want to consider putting bullet statements here OR keep the paragraphs but get rid of some of the fluff. Looking at the paragraphs, I feel like there's some jobs that do not stand out. Recommend you elaborate on specific duties, OS's, or applications used. Remember you can always have more than one resume, but tailor it to the job your are applying for.
Summary
Get rid of the "I". For the 2nd sentence...
I am currently assessing system vulnerabilities, ensuring compliance, and recommending security improvements that strengthen business processes
This can be revised a bit. When you say ensuring compliance, you are running Nexpose which has a lot of that built into the app. If there's a requirement at your job to ensure compliance using a specific framework, then I would put that in the summary. Someone may catch you on this statement, so be prepared just in case.
Also, take out the last sentence in the summary.
Technologies:
For VMWare - if you did something specific with VMWare, that should be reflected in your job duties
For "Yokogawa DCS, DeltaV and numerous other manufacturing interfaces. "
- I'd be specific here stating that it's a SCADA device. Again most HR rep won't know what those are unless you are applying for a SCADA job. I'd revise it to "Yokogawa DCS and DeltaV SCADA Devices" or something similar.
Certifications:
Take out MCP.
Job Experience
1st job: Here is another place you want to call out any compliance frameworks required in your scans. 3rd sentence needs to be revised (Maintain a regiment of ) change to (Conducted....)
2nd Job: The last sentence is confusing. If you are targeting a SCADA type job, then some of this may make more sense. I would tailor this paragraph and make it a little more generic. The 2nd sentence also needs to be revised and remove "Focus Areas: "
4th Job: Got a lot of fluff in there. Some of this duties can come out in a job interview. A couple of questions...
Performed all UNIX and database administration for the site. If you look at the last sentence in this paragraph, it ties together in your job duties.
Maintained all systems with a high degree of availability. Very Fluffy
Performed system monitoring and performance analysis on all systems. Very Fluffy
Provided technical support and consulting to other facilities within corporation regularly. I'd leave this here. It makes sense.
Designed, managed, and documented voice over IP, wireless, process control, and firewall installation projects throughout the company.
Here is where you can be more specific
Performed systems management, traffic analysis and troubleshooting for ERP applications at multiple locations.
Very Fluffy - unless you can provide more specific info here
Contained costs through strict budget adherence on projects and removed unnecessary services from existing locations.
Very Fluffy - this sounds more like management role where you were directed to remove some services.
Lead project teams and resources to develop and implement new systems and applications.
This must have been part of the "Process Control Engineer", however it sounds more like a Project Management role. Not sure if I would keep this one in or not.
Performed server and application administration for document management, data historian, web, file, and directory services.
Here is where you can be more specific. -
OptionsErtaz
Member Posts: 934 ■■■■■□□□□□
Thanks for the awesome detailed feedback kiki! I will post the rewrite on Sunday.
-
Options
yoba222
Member Posts: 1,237 ■■■■■■■■□□
More is better when it comes to work experience. Except you have far more work experience to describe than the average resume reader's attention span can hold. Need more Cliff's notes approach there.A+, Network+, CCNA, LFCS,
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP -
Options
DatabaseHead
Member Posts: 2,753 ■■■■■■■■■■
Didn't want to say anything but the MCP needs to go. 100% with Kiki.
Brand yourself as security, not some JOAT. -
OptionsErtaz
Member Posts: 934 ■■■■■□□□□□
DatabaseHead wrote: »Didn't want to say anything but the MCP needs to go. 100% with Kiki.
Brand yourself as security, not some JOAT.
Noted. All this feedback really helps. -
OptionsErtaz
Member Posts: 934 ■■■■■□□□□□
(*Minor Bump*) Haven't had time to complete the revision yet. I'm about %60 there. I did get a call back and had a phone interview today on one I applied to with my current resume. Looks like an onsite interview the second week of June. My current salary +30K would be a nice bump.
-
OptionsITSec14
Member Posts: 398 ■■■□□□□□□□
Get rid of CISSP line in Summary and replace with "Security professional" or something along those lines. Also remove all the I's.
Certifications should be with education after experience. Also, remove MCP since you have a fair amount of advanced certs.
Try to use measurable goals in your experience. Something like "Reduced vulnerability count by 30% in X number of months" something like that.
Also...dont EVEERRRR include your street address in a resume. Only city, state and zip.
And yes...bullet points are your friend.
