How to Get a Cyber Security Job with No Direct Experience

Posted by Bill Branstetter

how to write my resume with no cyber security experienceA few times per year, I have the privilege of working with the team at to host world-class career fairs for some of the top companies in the cyber security industry. My role is to provide resume coaching and career advice to the hundreds of job seekers who come to these events. Many of those who attend are either in school pursuing a cyber security degree or are in an entirely different career field and are trying to transition over. I’m writing this article with those people in mind to answer a few of their frequently asked questions.

I’m going to school for cyber security, but I don’t have any experience. What should I do with my resume? 

If you are in school for a cyber security degree and don’t have any relevant experience, you should have a one-page resume with the bulk of it being about your education. I recommend structuring your resume to look like this:


Keep it short and simple. “Cyber security professional seeking an internship or entry level position.”  If you have certifications or a security clearance, you can include those here.


List cyber security tools you’ve used in school, in a home lab, or in a volunteer role. You should also list hardware, software, and programming languages you have experience with.


Aside from your degree, school name, graduation date and GPA (only if it’s good), you should list some of your relevant classes, internships, projects, labs, extracurricular activities (capture-the-flag competition, ISSA member), volunteer work (installed antivirus software on church computers), awards and achievements.


If your work history is comprised of short-term or unrelated jobs (WalMart stocker, McDonald’s cashier, Uber driver), you don’t need to list those on your resume. There are only three reasons why I would still include them:

  • You can show significant job tenure (2+ years) – tells me you’re not a job hopper
  • You have leadership experience (managed a team of 10) – tells me someone else found you trustworthy enough to supervise others
  • You have a significant accomplishment (selected out of a team of 20 to receive the annual President’s award) – tells me you did more than show up to work and not get fired

I have 20+ years in a different career field. What should I do with my resume?

I like a one-page resume for this situation too. You can collapse your previous career into a single job under your experience section, only listing your most relevant and impressive responsibilities and accomplishments.  For example, someone retiring from the military might show it this way:

Medical Service Corps Officer, United States Army, 1998-2018

  • Led teams up to 120 personnel and co-authored a book on leadership that is now part of the West Point curriculum
  • Managed budgets up to $10M and reduced technology expenses by 10% by identifying more cost-effective solutions
  • Recognized by the Commanding General for increasing quality of care metric by 30%

If you’ve done anything related to IT or cyber security in your previous career, those are the bullets you should focus on. Otherwise, use the common sense test by asking yourself, “Will this bullet help me land a cyber security job?”  If the answer is “no,” then leave it off.

I’ve applied to countless cyber security jobs, but no one will interview me. What else can I do?

Some experts say that up to 85% of jobs are filled through networking. Combine that statistic with the tremendous competition for entry level cyber security jobs and that easily explains why you aren’t getting calls for interviews. There are plenty of articles out there about how to network your way into a job, so I won’t go into much detail here. But here are four networking ideas for your consideration:

  • Attend career fairs and meet with the companies who set up booths. In addition to asking about job openings, ask each representative about their cyber security initiatives and challenges.
  • Join a local cyber security association with regular meetups and be intentional about getting to know the people you sit with. Look for ways to volunteer or to contribute to the local chapter.
  • Join relevant groups on LinkedIn, participate in discussions, and ask great questions.
  • Participate in capture-the-flag competitions. You’ll meet others in the industry (including hiring managers) and will have the added benefits of growing your technical skills and giving you something else to put on your resume.

Another strategy is to transfer into a cyber security job within a company you already work for. This means you might have to take a job outside of cyber security that you’re better qualified for just so you can get a foot in the door. Then, once you have proven yourself in that job, let the manager of the cyber security team know you are interested in transferring into their department. Look for opportunities to cross-train with the cyber team or to pick up some additional cyber responsibilities. Take someone from that team out to lunch and learn about their job and how they got it. You want an advocate on the inside who will recommend you when an opportunity comes open.


Bill BranstetterBill Branstetter is the Recruiting Manager for Abacus Solutions Group, an IT services and solutions company.  He lives in San Antonio, TX and is also the author of The Six Second Resume.




This entry was posted on Friday, December 28, 2018 12:01 pm

4 thoughts on “How to Get a Cyber Security Job with No Direct Experience”

  1. Nice tips, I’ve never seen this in this context. I’m creating a new resume tonight using this. Should I include my courses with their focus?
    Mr. Branstetter, are you available via LinkedIn for coaching/mentoring?
    I have a weird circumstance which doesn’t fit into a specific bucket.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.