What it’s like being a SOC Analyst
By Lyan Ware Contributor
Security Operations Analysts, or SOC Analysts, are regarded as the front line for triaging cyber-attacks in progress, in real time. They are the watchdogs of cyber security, monitoring for and detecting potential cyber-threats on behalf of their employers. The bulk of a SOC analyst's work is addressing tickets in their inbox or incident response ticket portal concerning cyber security threats and breaches within the company. A SOC analyst typically works with a team, collaborating on the analysis of, and solutions for, anomalies surfaced by intrusion detection systems and SIEM tools. They also take part in compliance audits and disaster recovery for the business, producing accurate documentation of the actions taken by the analyst and their team.
Security analysts may also find themselves working closely with security engineers, suggesting controls the engineers can build to reinforce and improve the company's infrastructure. Apart from threat detection, SOC analysts also serve as security advisors to their employers. For this reason, it is advisable for prospective SOC analysts to follow cyber security news feeds (for example through Feedly) in order to keep up with the latest news about threat actors, as well as advice from white hat hackers. Social media platforms like Twitter and LinkedIn are also helpful for keeping up with industry news and networking with experts who can help expand your industry knowledge.
Security operations analyst is generally an entry-level position in cyber security, so a great deal of experience is not required, but being good at solving puzzles and having strong critical thinking skills are prerequisites expected of any SOC analyst hopeful. While coding will not be an active part of the job, being able to read code will help you succeed as an analyst (as it does in any role in the cyber security field, really). Much of your training and development will probably happen on the job, but having sysadmin skills on Linux, Windows, and macOS, as well as knowing how to use penetration testing tools, will make you a stronger candidate. Since incident response will be a large part of your role as a SOC analyst, it is advisable to learn how to follow a proper incident response process.
Some companies might still require a bachelor’s degree, but with demand in the job market increasing, many companies are more interested in those with hands-on, more job-focused experience, which is what cyber security bootcamps and certification courses typically provide.
If you are interested in going this route for your cyber security career, letsdefend.io is a good resource for learning more about becoming a SOC analyst. Other great tools for learning and practicing basic triage and malware analysis include MalwareBazaar, oledump, and Any.Run.
Top Security Analyst Certifications:
- CompTIA Security+
- CompTIA CySA+
- Certified Ethical Hacker (CEH)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)