By: Olivia
August 9, 2017
SOC Analyst: Interview Preparation

What type of questions should I expect?
Sample Linux-related questions:
- Do you have experience with Linux? Describe the extent of that experience.
- What are the steps to securing a Linux server?
- How do you change your DNS settings in Linux?
- Where do you get your security news?
- What is your analytical background?
- Who do you admire in the industry and why?
- Explain phishing and how it can be prevented.
- List the steps to data loss prevention.
- Explain how TCP works in detail. How is it different from UDP?
- Which Incident Response methodology do you subscribe to? Explain it and why you use it.
- We’re looking to implement a new security event manager. Describe your approach.
- How would you validate false positives and false negatives?
How should I prepare?
Preparation is critical before any interview, but the depth of topics covered in a security analyst screening makes plenty of research and review necessary. Not only should you research the company and key people in the organization and have a solid understanding of your would-be role specific to that organization, but you should also take the time to understand the OS, applications, and security tools they use.

Joe Moles of Red Canary says, “Open-source intelligence (OSINT) and its use is an important skill, so put it to use before you even submit your resume. Research the company and understand what they do, how they do it, what is important to them, who the people are. The amount of information that can be found about a person or organization on the Internet anymore is astronomical. Even those dedicated tinfoil hat wearers have some presence on the Internet or in the InfoSec community.”

In addition to company-specific knowledge, be ready to discuss industry-specific news, such as your thoughts on the latest breach or law. Demonstrate that you stay updated on the latest happenings and technology. Know the key players, the impact points, and your thoughts on prevention/methods.

Even if you consider yourself an expert who could detail TCP or phishing in their sleep, practice reciting your explanations aloud. Ask yourself: is there a better, simpler way this could be described? But, in doing so, do not try to sell yourself on what you don’t know. Memorizing information of which you have no genuine understanding will not help you on the job.

Additional Tips
- Soft skills matter, even for a technical role. Make sure your personality shines through
- Don’t just answer questions intelligently, ask them intelligently as well
- Dress the part. Even if your day-to-day work attire will be casual, show you care about the position by keeping it professional
- Align your skills to the job description using examples of work you’ve done or knowledge you have
- Acknowledge skills/training gaps when applicable and show that you want to address them or are already working to do so.
