I’m at a bit of a crossroads and was just wondering if I could get some constructive input.
I’ve got 6 years of IT experience behind me, 3 of those working in two different IT Security roles, and I have PCNSA, SEC+ and MCSE.
My current role at the moment is a bit of everything: configuring and monitoring Palo Alto firewalls, implementing a cloud proxy solution, some vulnerability management with Qualys and a bit of incident response, but mainly assisting our outsourced SOC with investigations. It’s more of a Security Engineer role – implementing technical controls rather than responding to threats or doing any threat hunting. I look at it as a sysadmin role with a security focus. My old role was similar but a bit more hands-on with incident response and proactively managing our SIEM.
I do a lot of blue team labbing on BTLO and feel like I’m quite strong in that area, but those skills aren’t needed daily in my current role (I do really enjoy this side of things). I also have a lot of general Sec knowledge and have a strong IT background – MSconfig mgr, PowerShell, etc.
Basically, what I am asking is if it is worth looking for a SOC analyst role so I can start thinking about specializing, or sticking with a more all-rounder position? The problem is I’m paid quite well, so I would maybe have to drop down to SOC level 1 pay, as I probably don’t have the out-and-out SOC experience to go in at the pay level I am at now, which is probably not an option for me.
What would be a good direction to move forward in? And what roles are still technically stimulating that aren’t in the SOC?
Any advice welcome.