Welcome to the
CyberIQs Knowledge Centre

Clear all

How to change careers and work as a SOC Analyst


Topic starter

I am currently employed in Distribution/Shipping for the last 6 years. I  hold my Associates degree (just gen ed classes) and I am currently studying for my Net+ and Sec+. I need something with stability, growth potential, and financial security. I’ve read and researched SOC Analyst and this is the job I want to begin my career with. I just need help in getting started. Where do I begin? Any suggestions?

4 Answers

In my humble opinion the next thing for you to do is to look into the MITRE ATT&CK and continue learning cyber, in this field you want to be always ready.

Also, try to research ahead of time the SOC you are getting into, just to avoid what I explained above. You want to get into a SOC which is serious about the value that provides to the company so you get a big deal of exposure. Banks and Financial institutions often have very good SOCs.


Good Luck!!!!



Sounds like you're on the right path. Keep in mind though. I've found info sec to be unique, I've seen people struggle because they're limited in understanding the basics of troubleshooting and how the technology works. Most of which comes from help desk experience, then sys/network admin, etc.


My other suggestion is for you to build a lab at home so you get hands-on experience. It's hard to demonstrate you understand security if you don't understand how the house is built; i.e. do you know how a computer on a domain operates?


What is Kerberos and how is it used? Do you understand how routers and firewalls operate? Why are rule ordering important for firewalls?


Good luck to you.


I cannot agree more with The_Eagle, the SOC role is a good start in cyber security. I am now working in my third SOC and I really enjoy the role. My advice is to try to get into a SOC which already has some good structure so you can progress moving from first line roles to more sophisticated positions such as intelligence, forensics or even engineering.




If you have an associates and you get the NETWORK+ and SECURITY+ I'd say you're pretty much already qualified to work in SOC. Since you said you're getting a degree in Computer Science, I'd say your talents would be wasted in a SOC (most of the work as an entry level SOC analyst is just being a ticket monkey, higher ranked SOC analysts are just going to be configuring rules and writing filters), unless you have a deep interest in security orchestration or intrusion detection and think that experience on the ground in a SOC would be beneficial to you.

If he wants to go into a SOC it is a perfectly good option for someone to get into the industry.
SOC jobs are not the most glamourous, but they will teach you and get you the real experience in the front lines. Operational experience is what every sec professional should have in the industry. So by the time they need to manage the sausage factory they know at least how sausages are made...

The description you provide about a SOC is not real at all. It looks more like NOC (Network Ops Center). I have been in various SOC's and while it is true that some of them are compliance SOC with loads of tickets, there are also other SOC's where you get to breath and live the real experience from fighting APT's to Cyber crime.