January 11, 2021

Real Truths of SOCs and being a SOC analyst


All, I interviewed a longtime SOC analyst (Brandon Poole) for SimplyCyber (YT channel). He provided a wealth of answers on working in a SOC, the problem with SOCs, and (most important) questions to ask at a SOC analyst interview that may help you identify red flags indicating that working at that SOC is not the best career move.

Here are the details and time-marker links for the questions, so you can see what the questions were and jump to only the answers you are interested in.

Full Video: [https://youtu.be/7LY-zLpx_48](https://youtu.be/7LY-zLpx_48)

Questions:

[0:20](https://www.youtube.com/watch?v=7LY-zLpx_48&t=20s) Show Intro

[2:52](https://www.youtube.com/watch?v=7LY-zLpx_48&t=172s) Interview Start

[3:20](https://www.youtube.com/watch?v=7LY-zLpx_48&t=200s) What is the difference between a runbook and a playbook?

[5:20](https://www.youtube.com/watch?v=7LY-zLpx_48&t=320s) How are SOCs treated like the helpdesk of cybersecurity?

[6:17](https://www.youtube.com/watch?v=7LY-zLpx_48&t=377s) Why are tiered SOCs the old way of running a SOC and what is bad about them?

[8:03](https://www.youtube.com/watch?v=7LY-zLpx_48&t=483s) What questions should you ask during a SOC interview to identify red flags?

[14:50](https://www.youtube.com/watch?v=7LY-zLpx_48&t=890s) What are different types of SOCs?

[20:18](https://www.youtube.com/watch?v=7LY-zLpx_48&t=1218s) What are the challenges of not having an IT background and working in cybersecurity?

[23:05](https://www.youtube.com/watch?v=7LY-zLpx_48&t=1385s) How to avoid not being taken seriously?

[24:00](https://www.youtube.com/watch?v=7LY-zLpx_48&t=1440s) Real-life SOC horror story

[36:19](https://www.youtube.com/watch?v=7LY-zLpx_48&t=2179s) GRC v. SecOps people

[39:28](https://www.youtube.com/watch?v=7LY-zLpx_48&t=2368s) Why is it ok not to evict a malicious actor in your network environment?

[44:37](https://www.youtube.com/watch?v=7LY-zLpx_48&t=2677s) Why do SOC analysts need to think slow and smooth?

[50:05](https://www.youtube.com/watch?v=7LY-zLpx_48&t=3005s) What is the value of detection engineering?

I hope this helps you along your cybersecurity career journey.
