Resume Brief: Web App Sec

We held our first session of Resume Brief on May 20th, 2021. There were just a few of use online to kick around the concept. As with most things we try we’re willing to jump and test it out on the way down. Resume Brief is a response to members asking for help writing portions of their resume. Our response is a short, 15 to 30-minute, open Discord screenshare voice discussion of how to craft a single item on the resume. We take one question and actively talk through it together why the host types it out on a sample resume.

Question: I use Burp Suite a bit in my current role. How do I show it and web application security experience on my resume?

The answer from those who attended came in the form of the following bullets.

• Reduce application security rework by 15% equating to $56,000 developer effort by performing web application security assessments during the development lifecycle
• Strengthen client network security by conducting four public web site security reviews a month and working with their development team to remediate detected vulnerabilities
• Assessed 85% of internal corporate applications for web application vulnerabilities
• Analyze web application security (too vague)
• Completed PortSwigger Web Security Academy using Burp Suite [Community or Professional or Enterprise]
• Collaborate with the development team to ensure web application security vulnerabilities are identified and addressed prior to launch to save developer time.