this post was submitted on 13 May 2024
11 points (92.3% liked)

cybersecurity

3249 readers
2 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
shellsharks@infosec.pub
tweedge@infosec.pub
11
Mentorship Monday - Discussions for career and learning! (infosec.pub)
submitted 6 months ago by shellsharks@infosec.pub to c/cybersecurity@infosec.pub
7 comments fedilink hide all child comments
 

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

you are viewing a single comment's thread
view the rest of the comments
[–] lando55@lemmy.world 2 points 6 months ago

It's an odd position to be in; I work in the private sector but my company deals almost exclusively with government and NGO contracts, so at times I feel like I'm public sector.

What I've noticed is that even though the desired outcome is nearly identical for both sectors, the buzz words associated with each is what determines who responds to my job applications. As an example:

Private: IaC and Policy-as-Code, supply chain and software composition analysis, SAST, DAST, etc.

Public: Compliance automation, risk management frameworks, risk quantification (this one has generated a lot of excitement recently), etc.

This is purely anecdotal, but you may find adjusting your resume to include some of these buzzwords as applicable to the industry to which you are applying may help you get your foot in the door.

To reiterate, yes I know in the end all of these companies strive toward the same goals, whether it be passing audits or being able to demonstrate prudent security practices to clients, sometimes the hiring manager is looking for specific terminology and will discard any applications that exclude it.