Cybersecurity Manager CV Sample

September 04, 2020

Over 50+ resume samples developed by our experts for various industries and job functions in Hong Kong. Scroll down to explore and download.

Here’s a sample resume we recently produced for a Cybersecurity Manager in Hong Kong.

In this article, you’ll learn:

  • About the Cybersecurity Manager Role
  • What Hiring Managers Look For In Cybersecurity Manager Resumes
  • Cybersecurity Manager Job Opportunities
  • Job Hunting Tips from our Resident Headhunter

Cybersecurity Manager CV [Full Sample]

Here’s a full Cybersecurity Manager resume sample, which we wrote for a client recently.

MANNY TAN
REGIONAL ICT MANAGER, SECURITY (CISM®, PMP®, ITIL®, CEH)
Email:  mannyt@email.com   |   Mobile:+852 1234 5678   |   Nationality: Hong Konger
EXECUTIVE SUMMARY
  • Accomplished and well-rounded regional ICT Professional with >5 years’ experience advising and developing IT solutions, deploying security and compliance requirements, leading productive and well-integrated teams within manufacturing, insurance business and petrochemical industries across APAC.
  • Demonstrable technical expertise and knowledge of best practices for IT risk assessments & concepts, core security monitoring & response services, regulatory compliance and security incident response management; proven track record of successful IT infrastructure and industrial project implementations and personalised stakeholder support models.
  • Adept in analysing high-level information and complex technical issues, effectively translating business/user requirements into actionable IT business cases, articulate project design recommendations and deliver continuous improvement.
Significant Achievements
  • Conceptualised 3-year Information Security strategic roadmap and ongoing action plans within 12 months for APAC subsidiaries, setting up and delivering ITIL best practices and governance.
  • Raised overall Information Security maturity level/capability rating (CMMI) for 12 APAC subsidiaries to Level 3 (Defined) from Level 2 (Repeatable) and within one (1) year.
  • Developed and implemented new 3rd party due diligence system and assessment framework for ~50 local entities/vendors.
[This section gives a good helicopter view of the candidate. Quantifying the current role helps to give scale to the current responsibilities.]
KEY SKILLS
Business Strategy   |   Information Security Management   |   IT Risk Assessment   |   IT Security, Monitoring & Response Services   |   Systems Rollout & Control   |   IT Operation & Support   |   Project Planning   |   Analytical Problem Solving   |   Project Management   |   Cyber Security   |   IT Governance   |   Security Architecture  
[Ensure the keywords here mirror those used in the job ad. The first round of vetting is often done by a software scanner. This section helps to pad the CV with key phrases, which is necessary to get past those scanners.]
PROFESSIONAL EXPERIENCE
REGIONAL MANAGER, INFORMATION SECURITY (IS) & ICT
Sep 2018 – Present
ABC Inc, Hong Kong
  • Provide consultation to drive implementation of IS, Risk Management and ICT strategic plans for sustainable execution across group subsidiaries in APAC region; formulate plans that align with Group IS Policy, and in collaboration with HQ Information Management. [Opening line perfectly summarizes the candidate’s current role as it speaks about the size of the team and primary responsibility.]
  • Establish internal audit and legal framework to assess APAC subsidiaries, escalating and tracking remediation progress of critical issues to improve overall IS posture.
  • Provide key advisory in establishing risk monitoring mechanism and reporting structure, ensuring APAC subsidiaries’ maturity level comply with HQ IS standards (mapped to ISO 27001), Personal Data Protection Act (PDPA) and Cybersecurity Act.
Significant Achievements
  • Conceptualised 3-year IS strategic roadmap and ongoing action plans within 12 months for APAC subsidiaries, setting up and delivering ITIL best practices and governance – Cybersecurity & Internal Audit framework, Risk Control Security Assessment (RCSA) and shared Managed Security Services (MSS). [Talk about your contributions (and the approaches you took on to achieve them) to the company and how it affected the operations in the relevant locations where possible.]
  • Raised overall APAC subsidiaries’ IS maturity level/capability rating (CMMI) for 12 APAC subsidiaries to Level 3 (Defined) from Level 2 (Repeatable) and within one (1) year; effectively streamlined process and efficient behaviors. [Cite quantifiable metrics to support your achievements. Do, however, be aware of your company confidentiality clause.]
RESUMEWRITER   |   ASIA
ASSISTANT MANAGER, IT RISK & COMPLIANCE
May 2016 – Aug 2018
AII Inc., Hong Kong
  • Managed organization-wide execution of IT risk strategies with changes to environmental practices, adhering to standards and regulations for highly complex portfolio IT systems and core infrastructure. [Simple, clear overview of the job you previously done. Notice also how the remaining bullet points are shorter. No need to go into deep detail about previous similar workscopes.]
  • Conducted IT security due diligence, 3rd party risk assessments and gap analysis on operations and policies, identifying and providing risk reporting to minimise business impact; directed policy and procedural reviews with key stakeholders and reported directly to Head of IT Risk & Compliance.
  • Performed regular reviews on change requests in Change Advisory Board (CAB), ensuring change implementation were aligned with organization IT security standards and risk tolerance; rolled out Vulnerability Assessment (VA) tests, proactively closing gaps in system security and managed cybersecurity risks.
  • Led onsite inspections and enforced KLB’ Technology Risk Management guidelines on interviews with suppliers to advise business on financial and operational viability; facilitated all technology-related audit engagement and dialogue events to raise employees’ awareness on risk management.
Significant Achievements
  • Developed and implemented new 3rd party due diligence system and assessment framework for ~50 local entities/vendors; reviewed alongside external consultants, enterprise and risk management teams, to establish outsourcing guidelines as aligned with KLB’.
  • Key contributor for successful group technology risk projects, effectively maintaining high risk and compliance data integrity by re-engineering manual process with business intelligence platforms and solutions (RSA Archer Governance, Risk & Compliance system).
INDUSTRIAL CONTROL SYSTEMS (ICS) SECURITY ANALYST
Jan 2015 – Apr 2016
ASD Co., Hong Kong
  • Coordinated local IT infrastructure and US teams to manage multiple security technologies in monitoring and fix IT security incidents, enabling development and implementation of six-figure projects across APAC. [Simple, clear overview of the job you previously done. Notice also how the remaining bullet points are shorter. No need to go into deep detail about previous similar workscopes.]
  • Evaluated and analysed current state of IT security threats across ICS environment, collaborating with HQ ICS Security Team and numerous plant sites to develop and roll out additional monitoring & IT security tools/systems, decentralized content processes & procedures and with proper business documentation best practices.
  • Built and maintained lifecycle plan for ICS network and computer infrastructure; participated actively in ICS audits and Cyber Security Vulnerability Assessment (CSVA).
  • Provided 24/7 operational support to petrochemical facility and Management of Change (MOC) processes through partnering both HQ ICS Security and Automation Teams.
Significant Achievements

Project: IT Infrastructure Enhancement (Project Lead)

  • Led diverse team and US counterparts, consolidating ICS systems and launched new IT server rack & power system.
  • Improved industrial system uptime relay at 99.9% by installing new failover site and overhauling centralized backup management system (Symantec Netbackup) preparing for disaster recovery and managed power redundancy.

Project: IT System Lifecycle Upgrade & Intrusion Detection System (IDS) Implementation (Project Lead, IT)

  • Drove system project scoping and review cadence on IT network infrastructure design to address functional requirements.
  • Spearheaded PCN IT system migration to new servers based on corporate ICS system security requirements; performed test cases (SAT, UAT), security source code review and documented IT configuration for go-live implementation.
  • Delivered integration project for IDS and IT environment within committed time, budget plan and defined specifications; partnered with vendor to configure IDS and perform sensitivity tuning.
RESUMEWRITER   |   ASIA
EDUCATIONAL & PROFESSIONAL QUALIFICATIONS
  • Bachelor of Information Technology Management | Murdoch University | Australia | 2015
  • Diploma in Engineering Informatics | Nanyang Polytechnic | Singapore | 2004
Professional Certifications
  • ISACA Certified Information Security Manager® (CISM®) | Aug 2019
  • Certified Ethical Hacker v8 | EC-Council | Nov 2015
  • Comptia Security+ce Certified | Sep 2015
  • Certified in Project Management Professional® (PMP® – #1000000) | Project Management Institute | Feb 2015
  • Business Analysis Certification Program (BACP™) | IIL | Nov 2010
  • Cobit v4.1 Foundation | Dec 2009
  • ITIL v3 Foundation | May 2008
  • Microsoft Certified Professional (MCP) | May 2008
  • Certified in Associate Project Management (CAPM – #000000) | Project Management Institute | May 2012
TECHNICAL SKILLS
  • Languages, Applications & OS (Operating System): C | C++ | AsP | .Net | VB | VB Script | Batch Files | MS Outlook
  • Platforms, Infrastructure, Data Protection & Anti-Virus: ERP SAP R/3 (Basis) | Wide Area Networks | IT Security Protocols | Symantec Backup Exec
  • Information Security Frameworks: ISO 27001/27002 – Information Security Management | Cobit | NIST SP 800-53 | CIS Controls
  • Others: IT Lifecycle Management System (IBM Endpoint Manager) | SAP R3 (Basis) | Tyco CEM system | OSI PI System | Rockwell Factory Talk
MISC. INFORMATION
  • Languages: Fluent in English, Bahasa and Chinese
  • Nationality: Hong Konger
  • Availability: 1 Month’s Notice

References available upon request

[There’s no need to list your references; if HR is interested in you they will ask you for them.]

RESUMEWRITER   |   ASIA

About the Cybersecurity Role

Cybersecurity is a niche but growing subsector in the Information Technology industry, with roles such as security engineers, testers and architects only set to become more in demand in the future.

With the seismic shift towards all things digital, online security is more important now than ever. These factors are driving demand for skilled Cybersecurity experts.

Cybersecurity professionals are frequently on the lookout for software and infrastructure vulnerabilities in company systems or technology. They adopt a proactive and preventive stance, designing tests and controls that guard against cyber attacks before they actually happen.

Seasoned Cybersecurity experts may even set up their own Cybersecurity consultancies or practices that work independently with corporate clients. While the field is niche, it is a high-growth sector with plenty of lucrative and exciting opportunities.

What Hiring Managers Look for in Cybersecurity Resumes

Cybersecurity is a niche sector in the IT Industry, so it is not uncommon for recruiters to be unfamiliar with the intricacies of the role. It is therefore important to ensure your resume succinctly and clearly conveys your skills and strengths, such that it is easily understandable even to a general IT recruiter. To best play up your resume:

  • Support your Achievements and Work Scopes with metrics. Cybersecurity professional typically have work KPIs that are highly quantifiable. Support your achievements and claims with numbers to effectively and clearly communicate the impact your work has made.
  • Add Professional Qualifications & Certifications. Boost your credibility with professional qualifications and certifications. They also demonstrate your drive for continuous learning and initiative to keep up with the always-evolving IT Industry.
  • If you are experienced or skilled in Change Management, do add this into your resume! The IT industry is always evolving, and new frameworks, languages and software seem to be entering the field every day! Change Management is a highly advantageous skillset that communicates to employers that you are highly adaptable and familiar with the latest happenings within your industry.

Cybersecurity Job Opportunities

  • Join LinkedIn groups or follow companies you wish to work for to keep abreast with new job openings.
  • Alternatively, you can reach out to these headhunters in Hong Kong to learn about any vacancies they may be trying to fill out.

Job Hunting Tips from our Resident Headhunter

Before You Go…

Be sure to download this resume sample, which uses our tested-and-proven resume writing techniques, as a guide for your own CV. Best part is, this sample is available for free 🙂

And before you start sending out applications, send us your resume for a free CV feedback analysis from our team. We’ll review your CV in detail, share personalised feedback on its strengths and weaknesses, and show you how you can improve it.

Free CV Feedback Form