So I am a network engineer by trade at my work; however, over the last few years the company has realized that they can no longer just ignore cyber security. Through luck and placement I have become the “cyber” person, as I showed interest in cyber and hacking and my work was looking for an inside hire.
They have sent me on some SANS courses as that was what was recommended to them to create cyber personnel.
I have been tasked with setting up a small SOC. We have OK funding and so have most of the equipment we need; however, what we are low on is manpower (and we are not going to get any more). We have essentially no documentation / procedures and are making it up as we go along.
Does anyone have any documentation / tutorials / guides about how a SOC should be run? Anything from “day in the life of SOC analysis” to standard operating procedures would be amazing, or links would be great.