11
Mentorship Monday - Discussions for career and learning!
(infosec.pub)
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Enjoy!
It's an odd position to be in; I work in the private sector but my company deals almost exclusively with government and NGO contracts, so at times I feel like I'm public sector.
What I've noticed is that even though the desired outcome is nearly identical for both sectors, the buzz words associated with each is what determines who responds to my job applications. As an example:
Private: IaC and Policy-as-Code, supply chain and software composition analysis, SAST, DAST, etc.
Public: Compliance automation, risk management frameworks, risk quantification (this one has generated a lot of excitement recently), etc.
This is purely anecdotal, but you may find adjusting your resume to include some of these buzzwords as applicable to the industry to which you are applying may help you get your foot in the door.
To reiterate, yes I know in the end all of these companies strive toward the same goals, whether it be passing audits or being able to demonstrate prudent security practices to clients, sometimes the hiring manager is looking for specific terminology and will discard any applications that exclude it.