The Education/Experience Balancing Act: Advancing Your SOC Career
Hard numbers make it clear: The cyber security skills gap is real — and growing. By 2020, estimates suggest an infosec shortfall of almost two million IT professionals as companies look to shore up network defenses and respond to emerging cyber threats.
The good news? Now is a great time to consider shifting career tracks to find work as a security operations center (SOC) analyst. The more down-to-earth news? Companies recognize the value of both formal education and real-life experience; you need both to advance your SOC career and break into this fast-growing market.
Wondering how to get started? We’ve got you covered.
Experience vs. Education
Brick-and-mortar IT experience is critical — knowledge of the real-world give-and-take that happens across corporate networks every day is essential for any IT pro considering the SOC analyst route. But experience alone isn’t enough; while companies typically want 1-3 years of field experience, they also want credentials and coursework demonstrating a consistent interest and aptitude for security analysis.
It makes sense: The estimated salary for SOC positions starts at just over $53,000 and reaches almost $150,000, which amounts to necessary spend if companies want to keep SOC analysts out of the lucrative job pool. But before signing new security pros to long-term contracts with significant wage boosts over time, businesses want to know they’re getting their money’s worth. The result? A great resume contains real-world experience, classroom learning, hands-on training and recognized certifications.
Recruiting Reimagined
Along with experiences on the front lines and accredited training, enterprises are now digging deeper into candidate personalities and traits. Consider: According to a recent study, 72 percent of IT security staff said that hiring experienced video gamers could help close the cybersecurity skills gap, even if they don’t have previous infosec expertise. Why? Because gamers typically come with qualities such as resilience in the face of failure, creative problem solving and a drive to defeat potential adversaries.
How this pans out in practice remains to be seen but the fundamental concept is relevant: Infosec recruiting is undergoing a shift as companies recognize the need for SOC pros with the complete package — experience, education and inherent ability.
The New Skill Set
So let’s break it down: What general skills do you need to take on the challenge of a security operations center analyst? The job requires constant network monitoring, reports analysis and the ability to quickly respond (all day, every day) if IT issues emerge.
Make sure you’ve got:
- “Hard” IT Skills — These include knowledge of web applications, systems administration, programming, debugging and threat identification. It’s a mixed bag, but necessary for SOC analysts to identify threats, handle threat reports and take immediate action.
- “Soft” Skills — This ties into the section above: You need better-than-average problem-solving skills and resilience when things don’t go your way. But this is just the beginning: With IT now a critical part of business ROI instead of a cost center and security the first line of defense against reputation damage or monetary loss, infosec pros must be able to effectively communicate with the C-suite to secure funding and implement company-wide policies.
In practice, this means the ability to frame tech-driven decisions in business-friendly language which details potential ROI, total cost of ownership and long-term impacts of adoption. In addition, infosec pros can no longer rely on break/fix IT ticketing systems; improved employee tech savvy requires give-and-take to establish secure behaviors.
- New Skills — Malicious actors are always looking for another way to compromise networks. And given the sheer amount of open-source code now used by organizations, even small vulnerabilities can evolve into large issues, meaning SOC analysts must be committed to regular training and skills updating to keep them on pace with emerging attack methods.
The right attitude and abilities? Check. Real-world experience? Check. But what about classroom training? What do you need to get noticed by SOC management?
First up is a Bachelor’s degree in Computer Science (or a related field) along with an existing IT job. Next are technical skills such as security information and event management (SIEM), SQL database, TCP/IP, C and C++ programming, penetration and vulnerability testing and familiarity with multiple operating systems such as Windows, UNIX, and Linux.
When it comes to certifications, meanwhile, start with Security+ to get your foot in the door. From there consider more advanced options such as certified ethical hacker (CEH), GIAC, and CISSP.
Landing the Job
You’re interested in the challenge of SOC analysis. You’re ready to shore up experience with new skills and show your best self to infosec recruiters. The last hurdle? Mapping out the best path from here to there — it’s easy to get caught up in taking courses and planning for certifications without knowing if (or when) they’ll pay off and land you a job.
Best bet? Take that drive and combine it with a SOC career path guide that helps you identify key skills gaps, provides industry-leading mentorship and makes sure you’re ready to step into the role of SOC analyst.