Ready to Start Your Career?
May 3, 2018
Advance Your SOC Career
May 3, 2018
The Education/Experience Balancing Act: Advancing Your SOC CareerHard numbers make it clear: The cyber security skills gap is real — and growing. By 2020, estimates suggest an infosec shortfall of almost two million IT professionals as companies look to shore up network defenses and respond to emerging cyber threats.The good news? Now is a great time to consider shifting career tracks to find work as a security operations center (SOC) analyst. The more down-to-earth news? Companies recognize the value of both formal education and real-life experience; you need to both to advance your SOC career and break into this fast-growing market.Wondering how to get started? We’ve got you covered.Experience vs. EducationBrick-and-mortar IT experience is critical — knowledge of the real-world give-and-take that happens across corporate networks every day is essential for any IT pro considering the SOC analyst route. But experience alone isn’t enough; while companies typically want 1-3 years of field experience they also want credentials and coursework demonstrating a consistent interest and aptitude for security analysisIt makes sense: The estimated salary for SOC positions starts at just over $53,000 and reaches almost $150,000, which amounts to necessary spend if companies want to keep SOC analysts out of the lucrative job pool. But before signing new security pros to long-term contracts with significant wage boosts over time, businesses want to know they’re getting their money’s worth. The result? A great resume contains real-world experience, classroom learning, hands-on training and recognized certifications.Recruiting ReimaginedAlong with experiences on the front lines and accredited training, enterprises are now digging deeper into candidate personalities and traits. Consider: According to a recent study, 72 percent of IT security staff said that hiring experienced video gamers” could help close the cybersecurity skills gap, even if they don’t have previous infosec expertise. Why? Because gamers typically come with qualities such as resilience in the face of failure, creative problem solving and a drive to defeat potential adversaries.How this pans out in practice remains to be seen but the fundamental concept is relevant: Infosec recruiting is undergoing a shift as companies recognize the need for SOC pros with the complete package — experience, education and inherent ability.The New Skill SetSo let’s break it down: What general skills do you need to take on the challenge of a security operations center analyst? The job requires constant network monitoring, reports analysis and the ability to quickly respond (all day, every day) if IT issues emerge.Make sure you’ve got:
- “Hard” IT Skills — These include knowledge of web applications, systems administration, programming, debugging and threat identification. It’s a mixed bag, but necessary for SOC analysts to identify threats, handle threat reports and take immediate action.
- “Soft” Skills — This ties into the section above: You need better-than-average problem-solving skills and resilience when things don’t go your way. But this is just the beginning: With IT now a critical part of business ROI instead of a cost center and security the first line of defense against reputation damage or monetary loss, infosec pros must be able to effectively communicate with the C-suite to secure funding and implement company-wide policies.
- New Skills — Malicious actors are always looking for another way to compromise networks. And given the sheer amount of open-source code now used by organizations, even small vulnerabilities can evolve into large issues, meaning SOC analysts must be committed to regular training and skills updating to keep them on pace with emerging attack methods.