Monday, August 23, 2021

Resume Help! 185 Action Verbs

Phenomenal job whoever put this together. I found this here:

185 Action Verbs That'll Make Your Resume Shine | The Muse

Here's the list so that I can refer others to this... How often are you asked for help? Here's a great way to spruce up the old resume. Express yourself well. Tell the story. Don't bore me. There's a balance of too little and too much. Grammar-check and spell-check everything. Check your spacing, fonts, and use of bolding/italics/color to make sure you are consistent everywhere.

Your resume has to stand by itself without you there to explain away easy to fix mistakes. The last position we had for our team had 450 resumes submitted within days. I'm ruthless with reviews. You have time to work on your resume. It should be awesome. You can tell a difference between someone who cares and someone who doesn't.

Action Verbs 1-12: You Led a Project
If you were in charge of a project or initiative from start to finish, skip “led” and instead try:
1. Chaired
2. Controlled
3. Coordinated
4. Executed
5. Headed
6. Operated
7. Orchestrated
8. Organized
9. Oversaw
10. Planned
11. Produced
12. Programmed

Action Verbs 13-33: You Envisioned and Brought a Project to Life
And if you actually developed, created, or introduced that project into your company? Try:
13. Administered
14. Built
15. Charted
16. Created
17. Designed
18. Developed
19. Devised
20. Founded
21. Engineered
22. Established
23. Formalized
24. Formed
25. Formulated
26. Implemented
27. Incorporated
28. Initiated
29. Instituted
30. Introduced
31. Launched
32. Pioneered
33. Spearheaded

Action Verbs 34-42: You Saved the Company Time or Money
Hiring managers love candidates who’ve helped a team operate more efficiently or cost-effectively. To show just how much you saved, try:
34. Conserved
35. Consolidated
36. Decreased
37. Deducted
38. Diagnosed
39. Lessened
40. Reconciled
41. Reduced
42. Yielded

Action Verbs 43-61: You Increased Efficiency, Sales, Revenue, or Customer Satisfaction
Along similar lines, if you can show that your work boosted the company’s numbers in some way, you’re bound to impress. In these cases, consider:
43. Accelerated
44. Achieved
45. Advanced
46. Amplified
47. Boosted
48. Capitalized
49. Delivered
50. Enhanced
51. Expanded
52. Expedited
53. Furthered
54. Gained
55. Generated
56. Improved
57. Lifted
58. Maximized
59. Outpaced
60. Stimulated
61. Sustained

Action Verbs 62-87: You Changed or Improved Something
So, you brought your department’s invoicing system out of the Stone Age and onto the interwebs? Talk about the amazing changes you made at your office with these words:
62. Centralized
63. Clarified
64. Converted
65. Customized
66. Influenced
67. Integrated
68. Merged
69. Modified
70. Overhauled
71. Redesigned
72. Refined
73. Refocused
74. Rehabilitated
75. Remodeled
76. Reorganized
77. Replaced
78. Restructured
79. Revamped
80. Revitalized
81. Simplified
82. Standardized
83. Streamlined
84. Strengthened
85. Updated
86. Upgraded
87. Transformed

Action Verbs 88-107: You Managed a Team
Instead of reciting your management duties, like “Led a team…” or “Managed employees…” show what an inspirational leader you were with terms like:
88. Aligned
89. Cultivated
90. Directed
91. Enabled
92. Facilitated
93. Fostered
94. Guided
95. Hired
96. Inspired
97. Mentored
98. Mobilized
99. Motivated
100. Recruited
101. Regulated
102. Shaped
103. Supervised
104. Taught
105. Trained
106. Unified
107. United

Action Verbs 108-113: You Brought in Partners, Funding, or Resources
Were you “responsible for” a great new partner, sponsor, or source of funding? Try:
108. Acquired
109. Forged
110. Navigated
111. Negotiated
112. Partnered
113. Secured

Action Verbs 114-122: You Supported Customers
Because manning the phones or answering questions really means you’re advising customers and meeting their needs, use:
114. Advised
115. Advocated
116. Arbitrated
117. Coached
118. Consulted
119. Educated
120. Fielded
121. Informed
122. Resolved

Action Verbs 123-142: You Were a Research Machine
Did your job include research, analysis, or fact-finding? Mix up your verbiage with these words:
123. Analyzed
124. Assembled
125. Assessed
126. Audited
127. Calculated
128. Discovered
129. Evaluated
130. Examined
131. Explored
132. Forecasted
133. Identified
134. Interpreted
135. Investigated
136. Mapped
137. Measured
138. Qualified
139. Quantified
140. Surveyed
141. Tested
142. Tracked

Action Verbs 143-161: You Wrote or Communicated
Was writing, speaking, lobbying, or otherwise communicating part of your gig? You can explain just how compelling you were with words like:
143. Authored
144. Briefed
145. Campaigned
146. Co-authored
147. Composed
148. Conveyed
149. Convinced
150. Corresponded
151. Counseled
152. Critiqued
153. Defined
154. Documented
155. Edited
156. Illustrated
157. Lobbied
158. Persuaded
159. Promoted
160. Publicized
161. Reviewed

Action Verbs 162-173: You Oversaw or Regulated
Whether you enforced protocol or managed your department’s requests, describe what you really did, better, with these words:
162. Authorized
163. Blocked
164. Delegated
165. Dispatched
166. Enforced
167. Ensured
168. Inspected
169. Itemized
170. Monitored
171. Screened
172. Scrutinized
173. Verified

Action Verbs 174-185: You Achieved Something
Did you hit your goals? Win a coveted department award? Don’t forget to include that on your resume, with words like:
174. Attained
175. Awarded
176. Completed
177. Demonstrated
178. Earned
179. Exceeded
180. Outperformed
181. Reached
182. Showcased
183. Succeeded
184. Surpassed
185. Targeted

Wednesday, August 4, 2021

[Comment Period] Draft SP 800-53A Revision 5

 Tags: NIST, Draft SP 800-53A Revision 5, Comment Period, assessment objectives, determination statements, assessment methods, assessment objects

Source: SP 800-53A Rev. 5 (Draft), Assessing Security and Privacy Controls in Info Sys and Orgs | CSRC (nist.gov)

Control assessments are not about checklists, simple pass/fail results, or generating paperwork to pass inspections or audits. The testing and evaluation of controls in a system or organization to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome are critical to managing and measuring risk. Additionally, control assessment results serve as an indication of the quality of the risk management processes, help identify security and privacy strengths and weaknesses within systems, and provide a road map to identifying, prioritizing, and correcting identified deficiencies. 

 

Draft NIST Special Publication (SP) 800-53A Revision 5, Assessing Security and Privacy Controls in Information Systems and Organizations, provides organizations with a flexible, scalable, and repeatable assessment methodology and assessment procedures that correspond with the controls in NIST SP 800-53, Revision 5. Like previous revisions of SP 800-53A, the generalized assessment procedures provide a framework and starting point to assess the enhanced security requirements and can be tailored to the needs of organizations and assessors. The assessment procedures can be employed in self-assessments or independent third-party assessments.

In addition to the update of the assessment procedures to correspond with the controls in SP 800-53, Revision 5, a new format for assessment procedures in this revision to SP 800-53A is introduced to:

  • Improve the efficiency of conducting control assessments,
  • Provide better traceability between assessment procedures and controls, and
  • Better support the use of automated tools, continuous monitoring, and ongoing authorization programs.

NIST is seeking feedback on the assessment procedures in this publication and in electronic versions (OSCAL, CSV, and plain text), including the assessment objectives, determination statements, and potential assessment methods and objects. We are also interested in the approach taken to incorporate organization-defined parameters into the determination statements for the assessment objectives. To facilitate their review and use by a broad range of stakeholders, the assessment procedures are available for comment and use in PDF format, as well as comma-separated value (CSV), plain text, and Open Security Controls Assessment Language (OSCAL) formats.

 

The comment period is open through October 1, 2021. See the publication details for a copy of the draft and associated files, and instructions for submitting comments. We encourage you to submit comments using the comment template provided.

 

Please submit inquiries and comments to sec-cert@nist.gov.

 

NOTE: A call for patent claims is included on page vii of this draft.  For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

 

Publication details:

https://csrc.nist.gov/publications/detail/sp/800-53a/rev-5/draft  

ITL Patent Policy:

https://www.nist.gov/itl/publications-0/itl-patent-policy-inclusion-patents-itl-publications

 

Friday, July 16, 2021

Creating Professional Velocity

The Simple Formula

  1. Increase your professional education.
  2. Increase your social education.
  3. Increases your value.
  4. Increases your desirability.
  5. Increases your opportunities. 
  6. Increases your earning potential.
  7. Increases your velocity towards financial goals.
  8. Establishes financial freedom to focus on other goals. 

Trade-Offs

  1. Time.
  2. Energy.
  3. Sacrifice.

Considerations

  1. Timing of when to invest where. Invest early for greater dividends later.
  2. Take care of your physical self to be your best mental self. A strong body reduces mental fatigue and enables a strong mind. 
  3. You get to balance your investments. Keeping all of them healthy is work that requires intentionality. Family. Friends. Personal. Professional.
  4. Avoid instant gratification. Exercise your patience. Grow that muscle.
  5. Coaching, Mentoring, and Counseling. Surround yourself with advocates. 

Monday, May 17, 2021

June 3-4: Register for Security Connect 2021, VMware's annual cybersecurity conference!

Tags: VMware, cybersecurity, conference

Here’s a compiled list of all 59 sessions for VMware’s own annual cybersecurity conference:

Link: Signup Here for VMware’s Security Connect (vmware.com)

Compiled List of all 59 Sessions:

Tuesday, March 16, 2021

Summary Statistics for NIST SP 800-53r5

Very interesting statistics, particularly around the related and cross-referenced controls. These counts are related to the Top Level controls. While certainly not an absolute flag, these counts are an interesting indicator of the importance of each of the controls. 

Also, note the count of controls in the baselines, including the incremental jumps from LOW to MOD and MOD to HIGH. Note that these totals include controls and enhancements. 

Thursday, February 25, 2021

VMware OCTO is Hiring!!!

Interested in joining VMware OCTO? GREAT people. GREAT mission. Join us! I really do love it here. 

Visit https://rolp.co/4babk and type JoinOCTO in the search.

OCTO’s mission is to create a future of disruptive technologies for VMware and enable a culture of perpetual innovation. We are thought leaders and trusted advisors who collaborate with our entire VMware ecosystem—co-innovating cross-company and with technologists from academia, our customer and partner communities. We invest in people, nurture their ideas, and embrace acceptable risk. Obstacles don’t stop us. We run past them because shifts in direction can lead to new insights and innovations, and to places we never would have otherwise gone.

We are actively seeking inclusive people who bring diverse skills, backgrounds, perspectives, and ideas to the table; people who can transcend limits and always have their eyes on the future. This is how great advances are made, how contributions are valued, and how innovation thrives.

Hope to see you here!!

Thursday, February 11, 2021

Corrected and Compiled NIST SP800-53r5

Congratulations to the collaborators on the updated NIST SP800-53 Revision 5. There are many improvements in this version which seeds several standards efforts around the globe. 

Please find on the www.compliancequickstart.com downloads page a compiled and slightly corrected version of the downloadable excel files from NIST located here

The corrected version is titled NIST sp800-53r5.ver.01a and found here. I've also added a few details that I find helpful. 

Updates/Corrections

  1. Corrected withdrawn column which had one control mismarked and another not marked.
  2. Added 2-digit Control ID which enables proper sorting on control identifiers. Current published version is incorrectly sorted.
  3. Added column named PK (Primary Key) for proper sorting
  4. AU-5(4) references AU-15 which is withdrawn into AU-5. Updated to reflect AU-5.
  5. AU-9 references AU-15 which is withdrawn into AU-5. Updated to reflect AU-5.