CYBERSECURITY JOB HUNTING GUIDE
  • Home
  • Introduction
    • Things you should know
    • The strategy
  • Paths into Cybersecurity
    • First steps
    • SWOT Analysis
    • How much time do you need?
    • Calculate& Evaluate Knowledge
    • Imposter syndrome
    • Time Management
    • Cybersecurity Domains
    • Cloud Security
    • Financial advice >
      • Credit score
    • The salary
    • Advocacy for underrepresented groups
  • Goal Setting & Career paths
    • Find your career in 5 steps
    • Cybersecurity career options
    • Career finding with LinkedIn
    • Transferable Skills (general)
    • Transferable IT Skills
    • Find a path with job descriptions
    • The I do not know path
    • Do you know “garbage” jobs?
    • “Bonus” knowledge
    • Learning & Motivation
    • Particular vs. any job
    • Pentester path (start)
    • Pen Testing as Career
    • SOC Analyst as career
    • Security Engineer as career
    • Compliance & Risk as career
    • How to find a career (IAM Engineer)
    • Find a company
  • Networking
    • Networking like a pro
    • LinkedIn
    • Referrals & Skills
    • LinkedIn Recruiters >
      • Working with a recruiter
    • Cyber Community
    • Networking University
    • Mentoring
    • Build your personal brand
    • Goal of Networking
  • Hands-on
    • The home lab >
      • Designing a home lab
      • Ways to create a home lab
      • Hypervisors >
        • VirtualBox
        • VMWare Player
        • QEMU/KVM
      • Docker
      • Operating Systems >
        • Kali Linux >
          • Installing Kali with VirtualBox
        • Parrot
        • BlackArch
        • Red Hat Enterprise Linux >
          • RHCSA
        • Security Onion >
          • Installation Security Onion
        • Metasploitable2
        • Ubuntu
        • Windows >
          • Windows in a VM
          • Windows with Virtual Machine Manager
          • Preparing Windows logging
          • John Strand's ADHD VM
      • Firewalls >
        • pfSense Installation
        • pfSense configuration for Security Onion
    • Volunteer Work
    • Note Taking
    • Red labs >
      • Cyberseclabs
      • HackTheBox >
        • HackTheBox Academy
      • INE red side
      • RangeForce
      • Offensive Security
      • TryHackMe
      • Virtual Hacking Labs
    • Red tools & techniques >
      • Atomic Red Team
      • DVWA
      • Metasploit
      • OSINT tools
      • OWASP Juice Shop
    • Blue labs >
      • Blue Team Labs Online
      • DetectionLab (free)
      • INE
      • Letsdefend >
        • LetsDefend password stealer
      • Opensecuritytraining (free)
      • PurpleLabs
      • RangeForce
    • Blue tools >
      • Install a Canary Token
      • CyberChef
      • EDR Lima Charlie installation
      • EDR LimaCharlie configuration
      • EDR Velociraptor (free)
      • EDR Bluespawn (free)
      • DeepBlueCLI (logs Powershell, free)
      • Raccine (ransomware protection, free)
      • Install RITA (detects C2 traffic, free)
      • Sandboxes >
        • Joe's Sandbox
      • SIEM ELK Stack
      • SIEM Graylog >
        • Getting started with Graylog
        • Install Graylog
        • Graylog Windows agent
        • Graylog Linux agent
        • Graylog as application
      • Suricata with RangeForce
      • Identifying IoCs with RangeForce
      • What2Log
  • Certifications, Degree & Courses
    • Overview
    • Free & Affordable Resources
    • Pick your cert
    • Skill Assessment
    • Get a cheap degree
  • (Employment) fraud & scams
    • Suspicious Offer
    • Second Offer
    • Certification Scams
    • Fraud with courses
  • Analyzing a job ad
    • The Header
    • Building a Bridge
    • The Responsibilities
    • Desired Skills
    • Preferred Qualification
    • Benefits
    • Own skills vs job ad
    • Dealing with poorly written job ads
  • Resume writing
    • Templates
    • Building a draft
    • Resume in Detail
    • Understand the company
    • ATS and tailoring
    • Last Step
  • Cover letter
    • Writing a cover letter
  • Preparation & Interview
    • Organize your job hunt
    • SWOT Again (interview)
    • Twitter
    • The interview
    • Interview Questions Designed To Trick You
    • Post interview tasks
  • I did it all, but...
    • You are not alone
    • Try Something New
    • Why You'll Fail in Cyber Security
  • Yes, I got a job!
    • Two, or more offers?
    • Continued learning
    • Moving up
    • Lessons learned
  • Conclusion
  • Additional things
    • Reviews (labs, courses, certs) >
      • CompTIA A+
      • CompTIA Network+
      • CompTIA Security+
      • CompTIA Server+
      • CompTIA PenTest+
      • DroneSec DSOC
      • Defensive-Security Purple Labs
      • FAA Part 107
      • INE eCPPT & PTP
      • Letsdefend review
      • Microsoft AZ-500
      • RangeForce SOC 1
      • RangeForce SOC 2
    • Work In A Different Country >
      • The Work Permit
      • Working in the US
      • Studying in the US
      • Studying in Germany
      • Work in a different country
    • Other Resources >
      • Useful Links >
        • All about careers
        • Red resources
        • Blue resources
      • YouTube
      • Twitch
      • Podcasts
      • Books
      • Udemy
      • Thanks
    • Contributors
  • Stefan Waldvogel, where can I help?
  • Home
  • Introduction
    • Things you should know
    • The strategy
  • Paths into Cybersecurity
    • First steps
    • SWOT Analysis
    • How much time do you need?
    • Calculate& Evaluate Knowledge
    • Imposter syndrome
    • Time Management
    • Cybersecurity Domains
    • Cloud Security
    • Financial advice >
      • Credit score
    • The salary
    • Advocacy for underrepresented groups
  • Goal Setting & Career paths
    • Find your career in 5 steps
    • Cybersecurity career options
    • Career finding with LinkedIn
    • Transferable Skills (general)
    • Transferable IT Skills
    • Find a path with job descriptions
    • The I do not know path
    • Do you know “garbage” jobs?
    • “Bonus” knowledge
    • Learning & Motivation
    • Particular vs. any job
    • Pentester path (start)
    • Pen Testing as Career
    • SOC Analyst as career
    • Security Engineer as career
    • Compliance & Risk as career
    • How to find a career (IAM Engineer)
    • Find a company
  • Networking
    • Networking like a pro
    • LinkedIn
    • Referrals & Skills
    • LinkedIn Recruiters >
      • Working with a recruiter
    • Cyber Community
    • Networking University
    • Mentoring
    • Build your personal brand
    • Goal of Networking
  • Hands-on
    • The home lab >
      • Designing a home lab
      • Ways to create a home lab
      • Hypervisors >
        • VirtualBox
        • VMWare Player
        • QEMU/KVM
      • Docker
      • Operating Systems >
        • Kali Linux >
          • Installing Kali with VirtualBox
        • Parrot
        • BlackArch
        • Red Hat Enterprise Linux >
          • RHCSA
        • Security Onion >
          • Installation Security Onion
        • Metasploitable2
        • Ubuntu
        • Windows >
          • Windows in a VM
          • Windows with Virtual Machine Manager
          • Preparing Windows logging
          • John Strand's ADHD VM
      • Firewalls >
        • pfSense Installation
        • pfSense configuration for Security Onion
    • Volunteer Work
    • Note Taking
    • Red labs >
      • Cyberseclabs
      • HackTheBox >
        • HackTheBox Academy
      • INE red side
      • RangeForce
      • Offensive Security
      • TryHackMe
      • Virtual Hacking Labs
    • Red tools & techniques >
      • Atomic Red Team
      • DVWA
      • Metasploit
      • OSINT tools
      • OWASP Juice Shop
    • Blue labs >
      • Blue Team Labs Online
      • DetectionLab (free)
      • INE
      • Letsdefend >
        • LetsDefend password stealer
      • Opensecuritytraining (free)
      • PurpleLabs
      • RangeForce
    • Blue tools >
      • Install a Canary Token
      • CyberChef
      • EDR Lima Charlie installation
      • EDR LimaCharlie configuration
      • EDR Velociraptor (free)
      • EDR Bluespawn (free)
      • DeepBlueCLI (logs Powershell, free)
      • Raccine (ransomware protection, free)
      • Install RITA (detects C2 traffic, free)
      • Sandboxes >
        • Joe's Sandbox
      • SIEM ELK Stack
      • SIEM Graylog >
        • Getting started with Graylog
        • Install Graylog
        • Graylog Windows agent
        • Graylog Linux agent
        • Graylog as application
      • Suricata with RangeForce
      • Identifying IoCs with RangeForce
      • What2Log
  • Certifications, Degree & Courses
    • Overview
    • Free & Affordable Resources
    • Pick your cert
    • Skill Assessment
    • Get a cheap degree
  • (Employment) fraud & scams
    • Suspicious Offer
    • Second Offer
    • Certification Scams
    • Fraud with courses
  • Analyzing a job ad
    • The Header
    • Building a Bridge
    • The Responsibilities
    • Desired Skills
    • Preferred Qualification
    • Benefits
    • Own skills vs job ad
    • Dealing with poorly written job ads
  • Resume writing
    • Templates
    • Building a draft
    • Resume in Detail
    • Understand the company
    • ATS and tailoring
    • Last Step
  • Cover letter
    • Writing a cover letter
  • Preparation & Interview
    • Organize your job hunt
    • SWOT Again (interview)
    • Twitter
    • The interview
    • Interview Questions Designed To Trick You
    • Post interview tasks
  • I did it all, but...
    • You are not alone
    • Try Something New
    • Why You'll Fail in Cyber Security
  • Yes, I got a job!
    • Two, or more offers?
    • Continued learning
    • Moving up
    • Lessons learned
  • Conclusion
  • Additional things
    • Reviews (labs, courses, certs) >
      • CompTIA A+
      • CompTIA Network+
      • CompTIA Security+
      • CompTIA Server+
      • CompTIA PenTest+
      • DroneSec DSOC
      • Defensive-Security Purple Labs
      • FAA Part 107
      • INE eCPPT & PTP
      • Letsdefend review
      • Microsoft AZ-500
      • RangeForce SOC 1
      • RangeForce SOC 2
    • Work In A Different Country >
      • The Work Permit
      • Working in the US
      • Studying in the US
      • Studying in Germany
      • Work in a different country
    • Other Resources >
      • Useful Links >
        • All about careers
        • Red resources
        • Blue resources
      • YouTube
      • Twitch
      • Podcasts
      • Books
      • Udemy
      • Thanks
    • Contributors
  • Stefan Waldvogel, where can I help?
  CYBERSECURITY JOB HUNTING GUIDE

Understand THE company

Author: Stefan Waldvogel

To write an effective resume understand the company.

Let us say you wrote the first draft but you do not feel very confident about it. You can do a lot more! Try to understand the company. The starting point is the web page. What is your first impression? Here you see bright colors and blue. The website is friendly, but you can get more out of it. This company works with two tools: Lexico and DNSense. I never heard these names before, but if I want this job, I have to know more about it. Maybe they are OpenSource or offer a free trial and I can test it? If you cannot find information about them, ask employees maybe there is a similar product and you can brush up on your skills.
​
This company is a consulting company and the customer is the center. If you go into an interview, you have to know this.
What else can you get? Install the browser extension Netcraft. You get details about how old the site is and other details. The site report is very useful if you are not sure about a web page. You want to see a hidden thing:
Picture
Former Hackers, Fighting Hackers. This is a hidden gem.  The Netcraft Risk Rating is 0 and smaller companies often have 1 or 2. Is this all? No! Install Wappalyzer to see more details.
Picture
If you get version numbers, google for vulnerabilities. A lot of companies use old jQuery versions with XSS vulnerabilities. Maybe this is a problem, maybe not, but if you see a 5-year-old Apache…. and this company sells security products? To me, this would be a huge red flag.
We can do more…
This company is small, but we can use google / LinkedIn to find some names. Remember, networking is big. Why can you not add some employees and the company to your professional network and start a talking to some of them?
If you do excellent research, you can find a lot of details about the people and the company. The web page does not mention a name, but most likely I know the author. One piece of advice: Do not dig too deep, business is business, but a full OSINT to get a private number is too much.
Next: ATS and tailoring
© 2021. This work is licensed under a CC BY-SA 4.0 license​