The main task of the cybersecurity analyst is to analyze the threats faced by the organization’s network. It is also referred to as SOC analyst in some sources, so you can think of the security analyst on the rest of the article where you see SOC Analyst.
What is a SOC Analyst?
SOC Analysts are the first responders to the cybersecurity threats and make the first analysis of the incidents. The SOC Analyst evaluates the situation and, if necessary, performs escalation to senior analysts.
What do SOC analysts do?
In general terms, it performs analysis using various security solutions (SIEM, SOAR, EDR, Log Management, etc.) and clarifies whether the alarm from SIEM is suspicious.
It requires a broad perspective as it has to analyze many different situations.
Steps to Become a SOC Analyst:
- Learn fundamentals
- Create portfolio
- Blue team certification
- Find job
A successful SOC analyst should have a basic knowledge of computer science. Some of these topics: Networking, operating systems, programming fundamentals, cybersecurity, etc.
To acquire these skills, you can study Computer Science at a university and get a graduation certificate. But this is not the only way, you can learn from various books and videos by researching these topics separately. The important point here is that we cannot ensure security if we don’t know its foundations.
Once you’ve completed the first stage and have the basics in place, you should now be able to show them to people. The easiest way to do this is to write a blog. By opening a free blog page on platforms such as WordPress and Medium, you can share blog posts that will show that you are interested in cyber security. It doesn’t matter at this stage that the subject you will write about has been written by 1000 people before, our aim is to clearly show that we are interested in this field. Some topics to write about:
- OWASP Top 10
- Red team vs Blue team
- Why blue team is important in cybersecurity
Using your programming skills, you can develop some tools and publish them on Github or contribute to open source projects.
Additionally, you can use your LetsDefend profile, the SOC analyst training platform. Thus, you can easily show which types of cases you have studied and with what success rate.
An internship in the field of Blue team will make this process easier. If you are a college student, you can make it clear that you really want to make a career in the blue team by doing your internship in this field.
Blue Team Certification
Getting certified at this stage may not always make sense. Because getting certified is expensive and time consuming. Despite all this, having a certificate will make you stand out.
The following website will assist you in choosing a certificate.
Now that we have completed the beginning stages, we can now look for a SOC analyst job. First, we can start with a carefully prepared resume.
The best way to find a job is to use our existing networking. In cases where our circle is not large enough, we can make applications by searching on LinkedIn or similar platforms. Afterwards, you can find the relevant manager, team leader and write to him/her why you are suitable for this position via e-mail or LinkedIn.