Hiring experts share the keywords you must use to rise to the top of LinkedIn searches for security professionals.

Credit: Steve Johnson

When hiring managers find you on LinkedIn, it’s not by chance. The social network, with more than 400 million users worldwide, is the go-to resource for many companies looking for talent. Rising to the top of these search results happens when your profile is complete, specific, detailed—and chock full of the right keywords.

“It’s all about searchability on LinkedIn. You want to make it easy for recruiters and hiring managers to find you,” says Matthew Ripaldi, senior regional vice president at talent firm Modis. “You do that by loading your profile with words and phrases that they would use to find people with your experience.”

But not all keywords are created equal. According to LinkedIn, “motivated, passionate and highly creative” infosec professionals are a dime a dozen. Those descriptors, along with “driven” and “extensive experience,” topped the social network’s list of most-overused keywords last year.

Instead, professionals should look to words and phrases commonly listed in job descriptions, Ripaldi says. “This will help you get an understanding about what particular companies are looking for, which helps you bring out that experience in your profile.”

Security professionals, however, are a special breed of LinkedIn users because not everyone wants to be found, he cautions. “Posting tools and technologies you use could be a threat to your organization, as it may create a technology map for hackers,” he says.

For security professionals without boundaries on LinkedIn, experts say honing in on both complete phrases and acronyms, along with industry details, helps hiring managers more easily find you.
Some might search for professionals with a CISSP certification, for example, while others might search “Certified Information Systems Security Professional”; including both in your profile increases the odds that your profile appears in search results.

“While a job’s responsibilities might be similar from one company to another, hiring managers want candidates to have experience in their particular industry,” says Ken Daubenspeck, CEO of recruiting firm Daubenspeck and Associates. “If you’ve been working in healthcare, list that, but also list related phrases like ‘hospital’ and ‘healthcare provider’ to cover your bases.”

Experts shared their top keywords for CSOs, security analysts, penetration testers, security auditors and security architects. Here’s what topped their list and why.

CSO

Keywords: CISO, director of security, compliance, security strategy, forensics, penetration testing, vulnerability assessment, threat modeling, cybersecurity, information security

Chief security officers manage enterprisewide security policies and systems. These professionals develop, implement and monitor long-term information security and privacy strategy, and ensure the firm meets all mandated security and compliance standards.

Because of their roles and responsibilities, these professionals should pad their LinkedIn profiles with keywords related to information security, compliance and privacy, Daubenspeck says.

In particular, hone in on specific policies, systems and responsibilities, such as vulnerability assessment and threat modeling, he says.
Companies may refer to this position differently; CSO is often interchangeable with CISO, director of security or director of information security, so include a combination when possible.

Security Analyst

Keywords: Security information and event management, SIEM, type of SIEM, log analysis, packet analysis, intrusion detection, IDS

Security analysts create, test and implement network disaster recovery plans; perform risk assessments and test data processing systems; install firewalls and data encryption; and recommend security enhancements and purchases.

Hiring managers often value candidates with a professional certification, such as the Certified Information Systems Security Professional (CISSP). And because this job title is often interchanged with data security analyst, information system security analyst and IT security analyst, it’s wise to include a combination of those phrases in your profile, as well.

Other important keywords include specific security information and event management technologies, Modis’ Ripaldi says, so include a comprehensive list. These may include AlienVault, ArcSight, QRadar or enVision, to name a few.

Penetration Tester

Keywords: Network/application, vulnerability, exploit, penetration testing, pen test tools, Burp Suite, Kali Linux, Metasploit

A penetration tester is a type of network security consultant tasked with breaking into or finding potential exploits in computer systems and software. Penetration testers need a balance of expert technical skills—as they work across physical security, computer systems and networks—and creativity, as some professionals design their own tests to conduct.
Penetration testers should include abbreviations and nicknames for responsibilities, such as “penetration testing” and “pen test tools,” since hiring managers may also search for these phrases, Ripaldi says.

And don’t forget to list specific tools and technologies — so long as it doesn’t conflict with your company’s LinkedIn policy — such as Burp Suite, Kali Linux and Metasploit, he says.

Security Auditor

Keywords: Forensics, penetration testing, White Hat, ethical hacking, vulnerability assessment

Security auditors generate reports on whether a company’s security systems run efficiently and effectively, and may review or interview staff members to learn about security risks or other complications within the company. These professionals often work on a contract basis.

Security auditors, who may be limited in naming specific clients, should focus on keywords associated with roles and responsibilities, such as penetration testing and forensics. Include, too, keywords associated with the nature of your profession, Daubenspeck says, such as “white hat” and “ethical hacking.”

Security Architect

Keywords: Specific certifications, especially CISSP; big data; threat analysis; architecture/design; compliance and regulatory controls; penetration testing

Security architects are responsible for maintaining the security of a company’s computer system. These professionals think like hackers and must stay current on the latest developments in security.

“You must list all the certifications you have, especially CISSP,” says Allison Hutton, chief talent officer at talent acquisition firm Allavanti Group.
“Also, focus your keywords on the areas you’re experienced in, such as threat analysis, architecture and design, policy writing, network security, systems security, database, and applications or software.”