All Articles

Security Pros Guide to Optimizing LinkedIn

I’m a big believer in managing your own brand. Part of that brand is your LinkedIn profile. While this post will help you with job searches, it’s also a good idea to establish your brand. Everyone can be a security analyst but what makes you different? How can you stand out from the crowd? This guide is specifically for those in the security industry and want a better LinkedIn profile.

Make sure you have the basics

Look at your profile. Is all of the information correct? Do you have a photo? Have you filled out all of the basic fields? This is a specific guide to optimizing your profile for security professionals, so I skip the basics. If you still think you need help with the basics, start here.

Review Your Summary

Most people who see your profile will see your summary. I would write three paragraphs:

  1. What you do. This can be as simple as a brief description of your current role. Given that many security titles are generic, you should make sure that people understand what you actually do on a day-to-day basis.
  2. **Your Journey. **This is a quick summary showing your career progression. If you’re pretty early on in your career, it’s a good opportunity to talk about internships, speaking engagements, projects, etc. that you may have done prior to your first role.
  3. What makes you unique. Again, with so many people filling generic roles, this is your opportunity to bring in information that has nothing to do with the first two. If you are a trained Ruby developer who picked up security and is now an Application Security specialist, that is great information for here. Anything that gives the reader color as to what your background and interests may be. I also add in a couple of philosophy statements in mine. It’s risky, but it’s also exactly the person who shows up.

Use Good Skills

I hate endorsements for skills. My gym trainer endorsed me for cryptography. It’s too easy to endorse someone for a skill they may not have. But it’s a primary means for finding you in

LinkedIn search. Couple of important tips:

  • Be very specific. Security is an awful skill. We all have it. When I added Medical Device Security, my profile lit up with people looking for that skillset. Don’t be afraid to get very specific. Again, these are keywords that will drive people to your profile so think about what skills make you unique.
  • Off to the right, you’ll see my skills. There are some unhelpful skills in there — Information Security, Security, Computer Security. But there are also some great skills. Web Application Security is a great skill. A majority of people reaching out to me are usually due to my identity management keywords.
  • You get 50 skills on your profile. Make sure you have at least 25. Don’t be afraid to put certifications, tools you use, or even algorithms (AES is a common skill aparently).

Incorporate your Non-Work Life

The reason github is replacing LinkedIn for a lot of developer (and some security) jobs is that what we do outside of work is often just as important as what we do at work.

If you have hobbies, volunteering, or side projects that in any way relate to your skills, make sure they are reflected somewhere in your profile. If your profile is supposed to show your brand, then it needs to be more than just your resume.

Don’t be afraid to add videos, presentations and other artifacts.

The Profile For What You Want

So what do you want? A new job, networking, or brand improvement? Read through your profile and see if it represents your goal. Read through my profile. I’m specifically trying to build a brand with my profile. Through that brand, I hope to network with people and drive people to contact me for my day job at Cigital.

For the Paranoid Security People

It’s not unusual to see people list “Financial Institution” as their company. They don’t have a picture or their titles are so bland, you’re not sure what they do. I’ve specifically heard some companies’ warning their employees about phishing scams related to LinkedIn information.

I say you’re misguided. Go google yourself. LinkedIn is but a very small footprint of what the world knows about you. I’d rather have control over that data (by having a well done LinkedIn profile) than have no profile or a bare minimum profile which forces people to google further.

You think I’m nuts to be a security guy with a rich LinkedIn profile? [E-mail me](mailto = [email protected]) so we can debate.