How to get a Job as a SOC Analyst
By Lyan Ware Contributor
Cyber-security analysts or SOC analysts are part of the team that protects organizations from cyber-attacks. They function as cyber security advisers and watchdogs.
In preparation for applying for an entry-level position as a level one SOC analyst, be sure to have the correct certifications such as Security+. Practicing SOC skills with an open-source invasion detection system such as Sagan, Snort, or OSSEC, as a few examples, is also a very good way to prepare yourself for what you’ll be doing for your job. Be sure to keep yourself up to date with cyber security news by following blogs and trending cyber-related Reddit topics, since you will be expected to know the latest cyber-attacks and threats. You should also have at least a basic understanding of coding languages like HTML, Python, and Javascript.
Once you feel prepared skills-wise for an entry-level SOC analyst position, you’ll need to curate yourself into an ideal candidate for hiring managers. Since you’ll likely lack in cyber security experience, one thing you can do to help boost your resume is to create a cyber security plan for a non-profit organization. This work will be volunteer work, but the hands-on experience and networking opportunities will be sure to make you a stand-out from other applicants with zero experience. You can also highlight the skills section of your resume if you lack relevant job experience but be prepared to explain the basic fundamentals of each tool or skill you choose to list.
Using LinkedIn to network and study up on your desired company’s culture is another way to help you land a job because you can tailor your LinkedIn profile to appeal to hiring managers and recruiters for those companies. LinkedIn is a very useful and important tool in today’s job-hunting environment as a supplement to your resume to successfully market yourself for the jobs you want.
If you’re interested in establishing and expanding your connections in the field, looking for possible mentors to assist you in jump-starting your career, consider participating in local hacker conventions called Security BSides. Many of these conferences are hosted online, but if you’re able to attend them in person, it will be a helpful way to meet different people in the industry with tons of experience and advice.
Now, once you’ve landed an interview, what can you expect as far as questions go? How can you prepare yourself?
The main objective you want to accomplish in order to land the interview is to sell your capability in protecting an organization from cyber-attacks and be able to explain just how you would go about doing that. Expect to be able to demonstrate how you’ll keep server interruptions to a minimum and how you’ll prevent data loss, how compliance works and how it should be enforced. Make sure you can name and explain the most common cyber-attacks as well as the latest ones. Be able to name the tools you would use to secure a standard network and how you would go about securing a network.
You will probably be asked about different protocols, so be make sure you’re able to provide simple and concise explanations for them. What are some web server vulnerabilities? How would you prevent them? Know how to explain what a three-way handshake is. Know the components of a good penetration test report. These are just a few of the possible topics that a company might grill you on during an interview, but the main focus will likely be on how you intend on protecting an organization’s data and servers.
Best of luck out there! And remember not to underestimate the power of confidence!
What it’s like being a Penetration Tester/Ethical Hacker
What it’s like being a Cyber Forensics Investigator
Leave a Reply
You must be logged in to post a comment.