You’ve seen all the James Bond movies and you’ve always dreamed of being a spy. Sure, you’re not a very techy person, but you know you have other skills to make up for it.
After all, persuading others to do your bidding is second nature to you. You’re able to wriggle out of sticky situations.
And it comes as no surprise when people share deep personal secrets with you. Seemingly out of the blue.
But above all, you have the moral compass to decide if and when to use your abilities.
If this is you, now is the perfect time to make your dream come true.
Why?
Cyberattacks are on the rise and this means more experts are needed to tackle these issues.
All you need is an outstanding social engineering resume to wow hiring managers.
How do you do that?
The Enhancv team is here to help you out! We’ll guide you through every step of the resume-building journey.
Our social engineering resume guide is full of tips and hacks
- How to decipher job descriptions and use them to tailor your resume
- What to take into account when choosing which experiences to share
- How to choose the best resume format for your level of expertise
- How to talk about your hard, soft, and transferable skills
- Which work experiences are relevant, even if you don’t have a cybersecurity background
- Whether you need formal education to apply for a social engineering position
- Which certifications can boost your chances of getting hired
Looking for related resumes?
How to build your social engineering resume: testing your skills
How does a resume test your professional talents?
Simple.
Persuasion is a key social engineering skill. And the main purpose of a resume is to convince recruiters that you’re the right person for the job.
But instead of doing it in person, you’ll have to do it on paper. Just like a phishing scheme.
The only difference is that many other people are trying to do the same thing at the same time.
So how do you stand out?
A successful phishing scheme relies on your attention to detail. Social engineers take time to make each email section perfect. The same logic applies here.
Ensure you make the most of each resume box - from the header to the certificates section. Show the versatility of your social engineer toolkit!
Don’t worry if you haven’t had much practical experience. Compared to other industries, there isn’t a set professional route to follow.
Many of the current industry experts have started from related fields. Such as IT, Security and Law Enforcement, or Psychology.
It’s important to highlight your transferable abilities and share any relevant experiences.
While it’s preferable for social engineers to have tech skills, much of your toolkit is psychology-based.
As such, remember that hiring managers and employers are interested in results. So the best way to grab their attention is to link your skills to verifiable outcomes.
But before we dive into the finer details, let’s discuss resume formats.
Why does the layout matter?
Different formats allow you to mix and match your professional achievements. The way they make sense not only for the available position, but for you too.
All without the risk of submitting an “empty” resume because you lack work experience. Or haven’t been actively employed in the last few years.
So, how do you select a resume format?
If you’re already in the industry, use the reverse-chronological resume.
This is a recruiters’ favorite because it:
- Starts with your most relevant experiences
- Is easy to skim through
- Leaves enough room to add extra information which will make you stand out
But what if you’ve only dabbled in social engineering? Or want to switch careers?
Then your best option would be the hybrid resume. It provides plenty of space to feature your experience and your professional skills.
If you’ve done some social engineering on the side, add the experience to your resume. Even if it was a side gig. Just make sure you don’t break any NDAs.
And if you’re changing career paths, focus on the resume’s talent section. Explain why your transferable skills are valuable. And how they will benefit your future employer.
What about the work history section?
Take into account what hiring managers are searching for in an ideal candidate. Although your experience may be different, your achievements can be relatable.
For example, can you think of any company who would frown upon increase in revenue? We thought so.
Think of past situations where you’ve helped your employers reach their goals. Do they relate to the job description? Add them.
And what if you don’t have any work experience under your belt?
Opt for the functional resume. It concentrates solely on your talents. But it also gives you the chance to expand on what you’ve accomplished so far.
Again, make sure you tailor your resume to the job description and the company’s future plans. Describe how your mindset and skill set will benefit your potential employer.
Going into a little more detail, which sections are a must-have for your resume?
Core sections to add to your social engineer resume
- A header where you state who you are and link to your portfolio
- A resume objective or summary to highlight relevant industry achievements
- An experience segment where you feature the scope of your expertise
- A skills box to emphasize your strongest social and technical talents
- An education and certifications section to display your professional credentials
Use this cheat sheet in case you:
- Get stuck and have no idea what to add and what to discard
- Hesitate whether to include a specific piece of information
- Think you’ve lost focus and need a reminder on what each section is about
Ideally, you should be able to convert each resume entry into a conversation starter. Not only will this get you noticed, but recruiters will know you’re ready for a callback.
To give you an idea of what to expect once you get selected for an interview, check out the questions below:
How to leave a lasting impression on hiring managers
- How did you get involved with social engineering? Why?
- Why do you want to start your career in social engineering now?
- What types of penetration testing are there?
- Describe the stages of a penetration test.
- How would you describe information security?
- What do you do before approaching a potential target?
- What is your favorite technique to use when engaging targets? What do you gain by using it?
- Describe a scenario where you had to manage a critical team member.
- Tell us about a situation where you disagreed with your supervisor and your hunch turned out to be true. How did you approach your supervisor? What happened?
- What is your most memorable pen testing case?
- Have you ever worked in different penetration testing teams? Which one is your favorite and why?
- Are you familiar with the OSI layer model?
- Do you have any cybersecurity-related certificates?
- Imagine I’m a 5 year old. Explain what is an SSL/TSL connection?
- Which threat analysis tools are you familiar with?
- What was the greatest challenge you’ve ever encountered? What happened? How did you overcome it?
- What is your biggest weakness?
If you can touch on these subjects in your resume, you’re going to be one step closer to your dream job.
How to make your social engineering resume header stand out
This is just a box with your basic information, right?
Well, yes.
But there are still ways to make your resume header pop. Apart from listing your:
- First and last name
- Address
- Phone number
- Job title
…consider linking to your portfolio. And any professional business profiles you have, such as your LinkedIn.
Let recruiters learn more about you. You may not have a long work history. But if you’ve chronicled your social engineering endeavors, mention it.
Why is this important?
Generally, hiring managers test candidates for a company culture match. By checking your LinkedIn, recruiters can determine whether your professional conduct is acceptable.
By contrast, technical managers are the ones who test for the right skill set.
As a result, hiring managers make sure to share portfolios with the more tech-savvy people on their team.
2 social engineering resume header examples
Take a look at the following resume header sample:
Do you think this one pops for all the right reasons? Not really.
But why? Because:
- Keandra’s job title is misleading
- There is little to no personal information
- Links to a business social media profile or a portfolio is missing
On average, recruiters spend 6 seconds skimming through a resume.
Keandra can easily get mistaken for a Software Engineer, depending on the rest of her resume. Especially if she comes from a technical background.
Plus, a single phone number is not enough. Calls can be missed. That’s why Keandra should have added at least one more contact method.
Having these points in mind, notice the difference a few tweaks can make:
Regardless of Keandra’s industry experience, this resume header looks much more professional.
It shows that the candidate has put a lot of thought into their application. And it proves their enthusiasm to pursue a social engineering position.
Now that you’ve grabbed recruiters’ attention, it’s time to reel them in with your resume summary.
Crafting an enticing social engineer resume summary
Let’s use the email analogy again. Think of the resume objective or summary section as the email preheader. Or the snippet, if you will.
What’s the main purpose of the prehader? To give you a small preview of an email’s contents.
The same goes for the resume summary. This is a small paragraph which features a synopsis of your greatest achievements:
- Credits and awards
- Popular employers
- Your top skills
- Certificates and education
- Honorable mentions which don’t fit into any of the other categories
There’s so many things you can list in your objective or your summary. But wait, is there a difference between the two?
A tiny one.
While tenured professionals write summaries to showcase their experience.
Aspiring specialists use the objective to appeal to recruiters by emphasizing the benefits of their work.
2 social engineering resume summary examples
Have a look at the sample we’ve prepared below:
This is a good first attempt at a resume objective. But it’s obvious it was done in a rush.
Why?
The first sentence ends with a grammar mistake. Yet, more importantly, vital pieces of information are missing:
- What does the applicant’s practical experience encompass? What skills has the individual mastered?
- If the candidate is a NYIT graduate, what degree did they obtain?
- What makes the applicant qualified to seek a position as a Red Team member?
- How would this person help their future employer grow?
It sounds generic and self-centered. You need to be able to tell your story, but also stress on how you can help your employer achieve their goals.
Remember that it’s never a good idea to send the same resume. You need to appeal to each individual team you’re applying to.
Here is one way to upgrade your resume objective:
What a great way to present one’s credentials and scope of abilities!
Yes, this candidate is new to the industry. Yet, they are excited and determined to prosper as a social engineer.
Generally, this is more than enough to prompt the recruiter to call you back. So, if you have any fears you won’t be considered for the role, they’re unfounded.
How to exploit opportunities in the experience section of your resume
The good thing about having to create a number of resumes is that you get to experiment. And the segment which undergoes the biggest transformation is the experience section.
Why?
Because it usually takes most of the space on your resume.
This means you have the opportunity to shine in so many ways. It may take you more time than you initially anticipated. But it’s worth the effort.
So, if the job is more people-oriented and doesn’t require so much tech knowledge, emphasize your social talents.
Yet, if the role demands otherwise, highlight your hard skills. Share situations where your technical talents have helped your past employers reach milestones.
But what if you’re a college grad with little to no work experience?
We’ve got you!
Depending on the position you’ve chosen and the job description, you may want to reference:
- Relevant majors or courses you’ve taken
- College projects and club memberships
- Freelance projects you’ve done
It’s more important for hiring managers to see your approach towards the career you want to pursue. Even if you don’t have the practical experience yet.
Show them you have both the abilities and the mindset for the job.
2 social engineering resume experience examples
Check out the following two samples:
- •Added 50 pages to the company's guidelines document
- •Planned and proposed events
- •Boosted training requests
Does anything seem out of place?
The first mistake that sticks out like a sore thumb is the employer’s name.
Typically companies do have a few aliases. Some of them are used in a formal setting, others are reserved for marketing purposes.
Since this is the first time you’re presenting your professional self, it’s better to list the company’s legal name.
Plus, describe your past employers main business operations. You don’t have to go into detail. A brief description will do.
Finally, the experience entries in the sample don’t paint a good picture of the applicant’s expertise.
For instance, Keandra states that she added 50 pages to the company's guidelines document. Why?
Was there a need to do so? What was the result? Did this help anyone in the company?
These are the questions you need to be asking yourself when framing the experience section entries.
Bearing all this in mind, have a look at an updated version of the previous example:
- •Updated the company's cybersecurity guidelines by researching and expanding the documents with just over 50 pages of newly-identified vulnerabilities.
- •Planned, proposed and organized 10+ cybersecurity meet and greets with New York Institute of Technology students, which resulted in onboarding 5 team members.
- •Boosted training requests by 75% after assisting at company awareness events with solving basic technical issues and mentoring elderly visitors on how to protect themselves against cyberattacks.
What an improvement, right?
Notice the difference quantifying your actions can have. Results speak more than pretty words.
Now hiring managers will know Keandra is a proactive and results-driven specialist.
Want to learn how to describe your skills? Let’s go!
How to talk about your skills without actually talking about them
social engineering requires you to be jack-of-all-trades. But that doesn’t mean you have to be master of none.
Sure, you’ll always be better at some rather than others. But regardless of skill level, you must be able to describe them properly.
So, how do you do that?
Results.
Think about the second example from the experience sections. Each entry can be divided into three parts:
- Results
- Action taken
- Challenge
Share how your talents have contributed to resolving an issue. Or helped someone do their job.
But don’t forget to cite numbers and any data pertaining to the situation. They provide the much needed context which makes your accomplishments stand out.
More importantly, you must present a well-rounded story. Your toolkit should be a mix of hard and soft skills.
Yet, which are the most popular abilities for a social engineer?
How much weight you put on either social or tech skills will depend on the job description.
If you’re going to be the person who will intercept and interact with targets, your social talents have to take the spotlight.
But if you’re going to work side by side with techies, you must prove you know what their job entails, too.
What to keep in mind when listing your technical talents
social engineering revolves around, as its name suggests, soft skills. Yet, you mustn’t skim over the hard skills section.
Why?
There are two important points to keep in mind:
- Don’t lie about having mastered a tool or a skill.
- Get ready to be tested on any ability you have featured on your resume.
Be upfront and honest about your level of expertise. You may be able to get to the interview stage. But technical managers will definitely catch anyone trying to cheat.
Even if you’re a social engineer.
With this in mind, which hard skills will impress hiring managers? We’ve prepared a list to help you out:
Essential technical skills for social engineering professionals
- Windows
- Linux
- iOS
- Active Directory
- OSINT
- Research skills
- Vulnerability assessment
- Threat assessment
- Intrusion detection
- Physical pen testing
- Ethical hacking
- social engineering
- Vishing
- Phishing
- Smishing
- Water holing
- Risk and compliance
- Security policies and regulations
- Data collection and analysis
- Bash
- PowerShell
- Ruby
- C
- C++
- Python
- SQL
- VBScript
- POSTgres database
- MongoDB
- Maria DB
- MySQL
- PHP
- QA
- Network
- System administration
- Network administration
- Security administration
- Cloud services
- Splunk
- Metasploit
- Maltego
- Wifiphisher
- FISMA
- HIPAA
- SOX
- PCI
- NERC/CIP
How to flaunt your social talents through your accomplishments
Follow the same formula you used for your technical abilities. Take a look at the samples in the table below:
See, there are so many ways to talk about your skills! And you can put a number next to each and every one of them.
The context doesn’t always have to be work-related. You can reference:
- Hobbies and passions
- Situations which have had a great impact on your life
- Volunteering activities
- Side projects
As long as you can explain the results and impact of your work, you’re good to go. We’re aware of how difficult it is to think about what you do in terms of soft skills.
That’s why we’ve created another cheat sheet to get you inspired. And start building your resume of course. Check it out:
Indispensable social skills for social engineering experts
- Critical thinking and analytics skills
- Information gathering and organization
- Risk assessment and management
- Non-verbal communication
- Body language
- Impersonations
- Emotional intelligence
- Consulting
- Negotiation skills
- Building and nurturing relationships
- Adaptability
- Flexibility
- Personability
- Interpersonal skills
- Understanding
- Empathy
- Problem-solving
- Conflict resolution
- Acting
- Improvisation
- Communication skills
- Listening skills
- Resourcefulness
- Creativity
- Time management
- People management
- Mediation
- Behavioral psychology
- Troubleshooting
- Exploitation tactics
- Sleight of hand techniques
- Presentation skills
- Mentoring
- Team work
- Patience
- Deduction
- Observation skills
- Persuasion skills
- Rapport building
- Detail-oriented
- Trustworthy
- Dependable
What kind of academic background do social engineers have?
Take into account that social engineering is a relatively new profession. Current experts hold a wide range of degrees and specializations:
- BA/BS in Psychology
- BA/BS in Criminal Psychology
- BA/BS in Journalism
- Master's in Forensic Psychology
- BA/BS in Computer Science
- BS/MS in Cybersecurity
- BS/MS in Computer Engineering
- BS/MS in Network Engineering and Security
- BS/MS in Information Assurance and Security
- MSS (Master of Security & Intelligence)
There are also those who stumbled upon the industry almost by accident.
How does this happen?
These are usually combat veterans or former law enforcement in search of new opportunities. Or financial directors who have been tricked by other social engineers.
The list is endless. That’s why hiring managers tend to favor candidates with relevant certificates.
Which certificates will get you noticed by recruiters?
Many international organizations and private companies offer extra training. Depending on the career path you've chosen, you can specialize as:
Top 15 social engineering certificates to list on your resume
- SEC467: social engineering for Security Professionals
- Certified social engineering Prevention Specialist (CSEPS)
- Certified Social Engineer (CSE)
- CREST certifications
- CompTIA Network+
- CompTIA Security+
- CISSP (Certified Information Systems Security Professional)
- PNPT (Practical Network Penetration Tester)
- Offensive Security Certified Professional (OSCP) certification
- EJPT (eLearnSecurity Junior Penetration Tester)
- ECSA (EC-Council Certified Security Analyst ECSA)
- CEPT (Certified Expert Penetration Tester)
- LPT (Licensed Penetration Tester)
- CPT (Certified Penetration Tester)
- CEH (Certified Ethical Hacker)
Keep in mind to check the validity of your certifications.
You can also mention if you're currently undergoing training. But list this information in the resume summary instead of the certificates box.
What else can you list on your social engineering resume?
Having extra sections on your resume is not mandatory. But it’s preferable. If you have accomplishments which are relevant to the position, add them.
These can include:
- Conferences and presentations
- Books and papers
- Case studies and blog posts
- Association and computer club memberships
- Hackathons
- CTFs
- Side projects
Key takeaways: engineering your way to a cyber security career
- Treat resume writing as building a phishing scheme. But for hiring managers.
- Supplement your header by linking to your portfolio and your LinkedIn profile
- Mention notable cases or famous past employers in your resume summary. But don’t break NDAs.
- Craft an excellent experience section by leading with data, context and results
- Use the job description to find the perfect balance between social and tech skills
- Remember, your education can be useful and relevant. Even if at first this doesn’t seem the case.
- Show your passion and enthusiasm by adding extra sections to your resume.