I work as an incident coordinator in an in-house CERT. This is indeed a stressful and at times unforgiving job. I think many people will get overwhelmed and start focusing on just closing alerts rather than correctly triaging and escalating them. It is okay to take a breather, and then go back looking at the alerts with a fresh set of eyes - because even worse than a bunch of open alerts, are closing true positives without escalation or containment. However, for us, it's also very important that the SOC don't escalate false positives, as that in turn gives us much more to do.
After researching this career thoroughly I decided to not go into the cyber route, but I appreciate youtubers like yourself who are telling the truth and not just glamorizing it.
Anytime! I should note that the SOC is not the only route into cybersecurity as it is quite a large field. But I am sure you have learned that from your research. Good luck in your endeavours!
@@MyDFIR Is it realistic to get a career in cybersecurity without IT undergraduate degree etc. , or individual certificates/courses,/self studies (and experience) would be enough?Thank you.
@@bagabrielor there's probably a person who has done it by working in IT for years and started as help desk. It's not ideal if you want to get noticed as soon as possible.
00:04 Teammates in a SOC can have a significant impact on shift performance 01:12 Working as a tier one cyber security SOC analyst may not initially pay as much as you expect, but it provides valuable experience. 02:19 Working in a cybersecurity SOC involves working in shifts that has pros and cons. 03:23 Working as a SOC Analyst in an MSSP environment can be highly stressful due to workload and lack of process. 04:35 High priority tickets in cybersecurity can be stressful due to client interaction and fear of mistakes. 05:41 Working in a SOC environment can be stressful but rewarding 06:48 Clients often have unrealistic expectations from SOC analysts and may not understand the limitations. 08:00 Working in a SOC environment can be stressful, but it offers great networking opportunities and potential for career growth.
Great video! The SOC is great in that you see new types issues all the time. Your teammates and previous cases/tickets are invaluable. The stress is real however for the queue floods, viewed properly, these are an opportunity to tune, tune, tune. One valuable insight you will have as a Analyst 1 is that you will be able to see with fresh eyes where process and procedures are not current for the environment. Use this to build your personal brand within your company. One important aspect to this to always come to management with a solution(s) to the problem you are pointing out. This is channel is a great resource for those starting out!
Thanks! Absolutely, one thing I miss about working at an MSSP is experiencing new issues ALL THE TIME. You really do learn so much and touch a bunch of tools. I like to call it a “boot camp” at times because that is how it feels like in most environments.
Thanks again Brother, for posting these videos. May you continue to post informative, realistic and down to earth videos. You are definitely underrated. I have been in the WGU cyber bach program and started to dig deeper into this career and what is the reality of it. More cons than pros in my opinion. From short staff, to alert fatigue, high stress rate, on calls, etc. I do say the world of IT is interesting. When I learn about these things I do experience a sense of being a smarty pants (hidden knowledge that others are clueless to) in my self. IT is vast and interesting which I like. I do plan to stay in IT, leaning towards Coding(CSS HTML), since thats what I started working on when I had a interest in tech a self learner before college. For everyone reading this, Don't make the mistake in being infatuated with the fun and cool things you like too much but also consider the hard and boring things, it does make a difference in your life. Choose wisely.
Thanks for the kind and wise words! I absolutely agree and try to make it a point where you gotta love what you’re doing to survive in this industry otherwise good luck!
All these things are part of life like you said it’s all about your mindset more work to me makes the time goes by faster and it’s a blessing in disguise imo take advantage of that experience and control what you can remember life is always about continuous growth your goal should always be in front of you All these situations are temporary
Awesome video man. This reminds me alot of my time in a NOC. I worked in the NOC for one of the major US ISPs as a Tier 1 tech for about 2 years before I became a Network Engineer for an adjacent team as a fix agent that I used to engage for outages/impairment problems.The initial investigation, event triaging and escalating notifications are something that's a major part of that NOC job and seems to have a decent translation to your overall experience in the SOC. Great stuff man.
Thanks for the video I’m glad it was on my feed. I’m at the point in my computing degree where I need to make the decision between cyber, electronics or software. I really like the idea of cyber security but the 24/7/365 work pattern and being worried about going to the toilet and missing something just isn’t for me I would hate that pressure I’d like to be given a project and work on it in my own time as long as it’s on time 👍
Yeah I don’t miss the 24/7 at all haha - you should have teammates to help you so you can step away though. (I say “should” as this is not always the case. I was alone during overnight shifts)
Well disappointed is Greg area to the scheduling. I’ve been studying for my sec+ and doing TryHackMe SOC analyst 1 room but I also have 2 young kids and a baby boy that should be here in January. Not saying it’s impossible but if I can’t get that 8-4 shift or even doing overnight shift when little man is older and not likely to wake up in the middle of the night then it would be doable. Might have to forget SOC and go for an engineer role???
I’ll be honest with you, it will be difficult. BUT it is temporary that I can promise you. In the beginning you *may* get 9-5 for the initial shadowing period (~3 months) but you’ll eventually transition into shifts (at least from my experience) but after a year or 2 you can transition into permanent 9-5 or 8-4 which you mentioned. But in the beginning, that rarely happens unfortunately. As for forgetting the SOC and go for an engineer role, although possible, unless you are skilled in coding/architecture it may be more difficult getting into compared to a SOC. Hope that helps!
As an L2 SOC Analyst myself I couldn’t not agree more on the topic, these are my exact thoughts that I have had since I started as a L1 Analyst, kind of unfortunate to see that this is the norm even abroad 😂😂
huh, sounds like something exactly for me heh. Hope i get the chance to become a SOC analyst in the future. Really want to experience what you've listed
Would CySA+ be beneficial to have working in a SOC? I already have Sec+ & PenTest+ & PenTest THM, and I’m thinking because there is lots of crossover of topics between the 3 certs it wouldn’t take much to knock off CySA+ 🤷♂️ I’m doing Blue Team Level1 next as well. Great channel. Thank you 👌
Great question - Beneficial? IMO, good to have but not needed - You are correct that there is a lot of crossover, however I would suggest not “chasing” certificates for the sake of obtaining certificates. Instead I would recommend you spend your energy and time into hands on labs and network with others. Attend conferences, webinars & CTFs - I am confident you already have the knowledge to excel in this field, just need to start showing others that you are capable and networking should help you with that. Great job on enrolling into Blue Team Level One btw - Provides you with that hands on experience that is definitely needed in this field. Good luck with your studies & thanks for your support!
Great video 🎯, what will you recommend to a fresh CS graduate SOC or full stack web development? Specially in long-run , in terms of money 💰as well, who makes more ? Specially when moving to US from india in future is a goal as well. Thanks
I hate to be THAT person but it all depends on you, what do you enjoy most? I am biased towards a SOC because that is where Is started and unfortunately I do not have much experience within the full stack web development realm. Nonetheless, these two fields should provide you with valuable skills. The money portion will depend on how you will utilize those skills. Hope that helps!
@@MyDFIR thank you so much, i enjoy and hate both, i have little experience as administrator of local network of a educational institute. I enjoyed it But this is very basic i mean i need more intense learnings if i set my goal as SOC analyst, On the other hand i have very little experience in development, i am full of dedication to learn, but actually i am poor at both side, mentally not that sharp i loved computers which makes me fall into this field, i am more kind of writer/poetic personality. personally i prefer independence, flexible working hours, work from home, and to fullfil responsibilities i have to look for money as well. So i am stuck in deciding....
😢 Great video! Not so many blue teamers talk about it. If you were to choose between a job at MSSP or a company that has their own SOC which one would you choose?
That is a great question! My views are this: what do you value more, time or experience? Time = In-house SOC - you are limited to detecting & responding to attack vectors targeting your single organization. Once you fine tune you will be in a good spot which will give you TIME to breathe. Experience = MSSP - you detect & respond to many different attack vectors. Everybody is attacking everybody and you get to see all that and you’re not limited to 1 single organization but that means you will likely have 0 time to breathe but you’ll gain valuable EXPERIENCE.
Great question, all jobs will have some level of stress but I thought of a system administrator as they would still have some of the SOC duties which are detect, monitor & respond to threats but they are not tied down to that. However with system admins, they have a different kind of stress haha
Not sure if youvemade a video on this as I've just subscribed but what certifications pathway would you recommend for getting that entry level job? I'm about yo check your video on the projects below
Hey! There is no “correct” pathway per se, but a lot of organizations tend to love Security+ so it won’t hurt to go after that. I would then go for either BTLO or CCD (CyberDefenders) as they both provide topics that focuses on analysis. The trajectory is pointing towards automating out the Tier 1/ junior SOC position where it will reduce the work they typically do so you will need to start focusing on “deep-dive” investigations, typically what a Tier 2 would do. In order to focus on that, work on labs, learn what data sources are and which ones are more “useful”, and understand how the Operating System works.
Hello SIR, I hope you're well, very good video... Can you give me some examples of processes and documentation that need to be included in an MSSP SOC base to ensure it works properly? Thank you in advance for your feedback.
Not sure what you mean when it comes to "ensure it works properly" however, some of the documentation that I noticed that were lacking or non-existent when I worked in a SOC were the following. 1) Updated client information. - This includes how to escalate, what are their SLAs, what do we manage or what services are they enrolled in and most importantly, who are the contacts that we should call when an incident occurs? 2) SOPs on how to access certain tools or request access to these tools. 3) Usecase knowledge base. - If applicable, it is important to have something similar as this should explain to the analyst what this use case means and what are some pointers to investigate it. It should also include the trigger actions to show WHY it triggered. Hope that helps.
Great question - it was a mix of both. Employers & myself. Although the price is insane, I always tell myself that the best investment you will ever make, is in yourself.
i could be ready for such a thing, my worry is how long could you be stuck in a tier 1 analyst job? I am currently trying to get out of tier 1 service desk and seems impossible, i passed a few certs, studying here and there, but still nothing comes up..
@@MyDFIR feels strange with all of those attacks happening everyday that big company do not extend their security team. I spoke to my manager to swap position due to have opening in the IAm team but also as a AD specialist but, they do not care much. they like me where i am
Good video... Some people just work better alone... Being part of a team can be a drain if your team mates are slackers or don't have soft skills like time management and dealing with prickly clients.... Thanks.
I simply use a website called Indeed or use LinkedIn and search for SOC jobs. Those offering a role, I would search up and learn more about the company and look for services/words around “managed”
Yea for sure! Will it be difficult? Maybe, but you’ll likely won’t be diving straight into pentesting depending on how/what you define pentest as. You would likely start out as a vulnerability analyst who will run scans and provide reports.
Great video Just one question from you, I recently certified In cybersecurity field after finishing ISC2 CC certification and I now study Splunk, Do you think after finishing Splunk, Am I ready to apply for job as a Junior SOC analyst?
Are you comfortable explaining technical terms? What about experience with hands on labs? As long as you are confident in your capabilities and have a good understanding of cybersecurity fundamentals, you can give it a try!
Great question, foot in the door for Security was via a colleague of mine, he referred me to a SOC position when I said I was interested, which is why I stress the importance of networking with others! Prior to that, I started my career in IT helpdesk and got in by applying to helpdesk roles simply accepting anything in terms of compensation. My mindset was experience > money.
THe MSSP i work for use a follow-the-sun model so no one is has to work night shifts which is excellent. They also do well hiring for culture so that weeds out the dickheads. I've yet to meet someone I don't like in the global SOC team
@@MyDFIR i have you to thank for! It was because of those lab projects you did, i was able to replicate and understand SOC in a real way and showed it in my interview!
I work as an incident coordinator in an in-house CERT. This is indeed a stressful and at times unforgiving job. I think many people will get overwhelmed and start focusing on just closing alerts rather than correctly triaging and escalating them. It is okay to take a breather, and then go back looking at the alerts with a fresh set of eyes - because even worse than a bunch of open alerts, are closing true positives without escalation or containment. However, for us, it's also very important that the SOC don't escalate false positives, as that in turn gives us much more to do.
Absolutely! Thanks for sharing ❤️
After researching this career thoroughly I decided to not go into the cyber route, but I appreciate youtubers like yourself who are telling the truth and not just glamorizing it.
Anytime! I should note that the SOC is not the only route into cybersecurity as it is quite a large field. But I am sure you have learned that from your research.
Good luck in your endeavours!
@@MyDFIR Is it realistic to get a career in cybersecurity without IT undergraduate degree etc. , or individual certificates/courses,/self studies (and experience) would be enough?Thank you.
@@bagabrielor there's probably a person who has done it by working in IT for years and started as help desk. It's not ideal if you want to get noticed as soon as possible.
How come?
00:04 Teammates in a SOC can have a significant impact on shift performance
01:12 Working as a tier one cyber security SOC analyst may not initially pay as much as you expect, but it provides valuable experience.
02:19 Working in a cybersecurity SOC involves working in shifts that has pros and cons.
03:23 Working as a SOC Analyst in an MSSP environment can be highly stressful due to workload and lack of process.
04:35 High priority tickets in cybersecurity can be stressful due to client interaction and fear of mistakes.
05:41 Working in a SOC environment can be stressful but rewarding
06:48 Clients often have unrealistic expectations from SOC analysts and may not understand the limitations.
08:00 Working in a SOC environment can be stressful, but it offers great networking opportunities and potential for career growth.
Yeah the SOC pay went way down with the flood of 1-3 year Security experienced people over last 3-4 years.
Great video! The SOC is great in that you see new types issues all the time. Your teammates and previous cases/tickets are invaluable. The stress is real however for the queue floods, viewed properly, these are an opportunity to tune, tune, tune. One valuable insight you will have as a Analyst 1 is that you will be able to see with fresh eyes where process and procedures are not current for the environment. Use this to build your personal brand within your company. One important aspect to this to always come to management with a solution(s) to the problem you are pointing out. This is channel is a great resource for those starting out!
Thanks! Absolutely, one thing I miss about working at an MSSP is experiencing new issues ALL THE TIME. You really do learn so much and touch a bunch of tools. I like to call it a “boot camp” at times because that is how it feels like in most environments.
Thanks for the honest info, this made me fairly sure I DON'T want to work in an SOC tbh, but it could be great for others.
Glad it was helpful! I wanted to be transparent as possible. Do keep in mind that not all SOCs are the same, some are great.
Thanks again Brother, for posting these videos. May you continue to post informative, realistic and down to earth videos. You are definitely underrated. I have been in the WGU cyber bach program and started to dig deeper into this career and what is the reality of it. More cons than pros in my opinion. From short staff, to alert fatigue, high stress rate, on calls, etc. I do say the world of IT is interesting. When I learn about these things I do experience a sense of being a smarty pants (hidden knowledge that others are clueless to) in my self. IT is vast and interesting which I like. I do plan to stay in IT, leaning towards Coding(CSS HTML), since thats what I started working on when I had a interest in tech a self learner before college. For everyone reading this, Don't make the mistake in being infatuated with the fun and cool things you like too much but also consider the hard and boring things, it does make a difference in your life. Choose wisely.
Thanks for the kind and wise words! I absolutely agree and try to make it a point where you gotta love what you’re doing to survive in this industry otherwise good luck!
All these things are part of life like you said it’s all about your mindset more work to me makes the time goes by faster and it’s a blessing in disguise imo take advantage of that experience and control what you can remember life is always about continuous growth your goal should always be in front of you All these situations are temporary
Absolutely! Take advantage and “be a sponge” as they say. 100% agree you with, all these situations are temporary.
Awesome video man. This reminds me alot of my time in a NOC. I worked in the NOC for one of the major US ISPs as a Tier 1 tech for about 2 years before I became a Network Engineer for an adjacent team as a fix agent that I used to engage for outages/impairment problems.The initial investigation, event triaging and escalating notifications are something that's a major part of that NOC job and seems to have a decent translation to your overall experience in the SOC. Great stuff man.
Thanks! Hopefully I did not give you terrible flashbacks 😂 - alerts…so many alerts!!
Thanks for the heads up without the sugar coating.
Thanks for the video I’m glad it was on my feed. I’m at the point in my computing degree where I need to make the decision between cyber, electronics or software.
I really like the idea of cyber security but the 24/7/365 work pattern and being worried about going to the toilet and missing something just isn’t for me I would hate that pressure
I’d like to be given a project and work on it in my own time as long as it’s on time 👍
Yeah I don’t miss the 24/7 at all haha - you should have teammates to help you so you can step away though. (I say “should” as this is not always the case. I was alone during overnight shifts)
Another gem of a video from you, man. I really appreciate this.
Thank you! Appreciate the support
Well said I had that experience working as a Tier 2 Technician
Thanks for watching!
I totally agree with your views , according to me I feel the cons outweigh the pros :D
😂 At the end of the day, a SOC although hectic provides valuable skills ESPECIALLY if you are at an MSSP.
Well disappointed is Greg area to the scheduling. I’ve been studying for my sec+ and doing TryHackMe SOC analyst 1 room but I also have 2 young kids and a baby boy that should be here in January. Not saying it’s impossible but if I can’t get that 8-4 shift or even doing overnight shift when little man is older and not likely to wake up in the middle of the night then it would be doable. Might have to forget SOC and go for an engineer role???
I’ll be honest with you, it will be difficult. BUT it is temporary that I can promise you. In the beginning you *may* get 9-5 for the initial shadowing period (~3 months) but you’ll eventually transition into shifts (at least from my experience) but after a year or 2 you can transition into permanent 9-5 or 8-4 which you mentioned. But in the beginning, that rarely happens unfortunately.
As for forgetting the SOC and go for an engineer role, although possible, unless you are skilled in coding/architecture it may be more difficult getting into compared to a SOC.
Hope that helps!
As an L2 SOC Analyst myself I couldn’t not agree more on the topic, these are my exact thoughts that I have had since I started as a L1 Analyst, kind of unfortunate to see that this is the norm even abroad 😂😂
Haha yeah… After being in a couple SOCs, they pretty much are universal. Just different tools
huh, sounds like something exactly for me heh. Hope i get the chance to become a SOC analyst in the future. Really want to experience what you've listed
You’ll get there! I see your initiatives and your drive.
@@MyDFIR Thanks! I'll try my best to be helpful to everyone!
Would CySA+ be beneficial to have working in a SOC?
I already have Sec+ & PenTest+ & PenTest THM, and I’m thinking because there is lots of crossover of topics between the 3 certs it wouldn’t take much to knock off CySA+ 🤷♂️
I’m doing Blue Team Level1 next as well. Great channel. Thank you 👌
Great question - Beneficial? IMO, good to have but not needed - You are correct that there is a lot of crossover, however I would suggest not “chasing” certificates for the sake of obtaining certificates. Instead I would recommend you spend your energy and time into hands on labs and network with others. Attend conferences, webinars & CTFs - I am confident you already have the knowledge to excel in this field, just need to start showing others that you are capable and networking should help you with that.
Great job on enrolling into Blue Team Level One btw - Provides you with that hands on experience that is definitely needed in this field.
Good luck with your studies & thanks for your support!
@@MyDFIR Thankyou, much appreciated.
If you have an interest in getting it do it! More education is better right? It’s not necessary though. It can help you move up
Extremely useful information. Thank you so much.
Glad it was helpful!
Great video 🎯, what will you recommend to a fresh CS graduate SOC or full stack web development? Specially in long-run , in terms of money 💰as well, who makes more ?
Specially when moving to US from india in future is a goal as well.
Thanks
I hate to be THAT person but it all depends on you, what do you enjoy most? I am biased towards a SOC because that is where Is started and unfortunately I do not have much experience within the full stack web development realm. Nonetheless, these two fields should provide you with valuable skills. The money portion will depend on how you will utilize those skills.
Hope that helps!
@@MyDFIR thank you so much, i enjoy and hate both, i have little experience as administrator of local network of a educational institute. I enjoyed it But this is very basic i mean i need more intense learnings if i set my goal as SOC analyst,
On the other hand i have very little experience in development, i am full of dedication to learn, but actually i am poor at both side, mentally not that sharp i loved computers which makes me fall into this field, i am more kind of writer/poetic personality.
personally i prefer independence, flexible working hours, work from home, and to fullfil responsibilities i have to look for money as well.
So i am stuck in deciding....
😢
Great video! Not so many blue teamers talk about it.
If you were to choose between a job at MSSP or a company that has their own SOC which one would you choose?
That is a great question! My views are this: what do you value more, time or experience?
Time = In-house SOC - you are limited to detecting & responding to attack vectors targeting your single organization. Once you fine tune you will be in a good spot which will give you TIME to breathe.
Experience = MSSP - you detect & respond to many different attack vectors. Everybody is attacking everybody and you get to see all that and you’re not limited to 1 single organization but that means you will likely have 0 time to breathe but you’ll gain valuable EXPERIENCE.
@@MyDFIR Thank you! Yes, I have no doubt that working for MSSP you can learn much more than working at in-house SOC..
@@MyDFIRI hate working at an MSSP, it moves so fast, no time to breathe and no time to thoroughly learn anything😔
very informative. Thank you.
Glad it was helpful!
What role would be similar to SOC but without the high level stress and unrealistic expectations?
Great question, all jobs will have some level of stress but I thought of a system administrator as they would still have some of the SOC duties which are detect, monitor & respond to threats but they are not tied down to that. However with system admins, they have a different kind of stress haha
What made you quit the SOC position and what are you doing now for work?
Great question, many reasons but mainly I wanted to specialize and to DFIR. I am now a DFIR consultant but still do SOC work on the side.
@@MyDFIR is there a road map to get into DFIR since it's so niche? Even finding that kind of work on LinkedIn or indeed is still far and few between.
Not sure if youvemade a video on this as I've just subscribed but what certifications pathway would you recommend for getting that entry level job? I'm about yo check your video on the projects below
Hey! There is no “correct” pathway per se, but a lot of organizations tend to love Security+ so it won’t hurt to go after that. I would then go for either BTLO or CCD (CyberDefenders) as they both provide topics that focuses on analysis.
The trajectory is pointing towards automating out the Tier 1/ junior SOC position where it will reduce the work they typically do so you will need to start focusing on “deep-dive” investigations, typically what a Tier 2 would do. In order to focus on that, work on labs, learn what data sources are and which ones are more “useful”, and understand how the Operating System works.
Hello SIR,
I hope you're well, very good video...
Can you give me some examples of processes and documentation that need to be included in an MSSP SOC base to ensure it works properly?
Thank you in advance for your feedback.
Not sure what you mean when it comes to "ensure it works properly" however, some of the documentation that I noticed that were lacking or non-existent when I worked in a SOC were the following.
1) Updated client information. - This includes how to escalate, what are their SLAs, what do we manage or what services are they enrolled in and most importantly, who are the contacts that we should call when an incident occurs?
2) SOPs on how to access certain tools or request access to these tools.
3) Usecase knowledge base. - If applicable, it is important to have something similar as this should explain to the analyst what this use case means and what are some pointers to investigate it. It should also include the trigger actions to show WHY it triggered.
Hope that helps.
How did you manage to get your GIAC certifications? Did you pay for them or did the employer pay?
Great question - it was a mix of both. Employers & myself. Although the price is insane, I always tell myself that the best investment you will ever make, is in yourself.
i could be ready for such a thing, my worry is how long could you be stuck in a tier 1 analyst job?
I am currently trying to get out of tier 1 service desk and seems impossible, i passed a few certs, studying here and there, but still nothing comes up..
The market isn’t that great right now, have you talked about your next steps/interests with your manager?
@@MyDFIR feels strange with all of those attacks happening everyday that big company do not extend their security team.
I spoke to my manager to swap position due to have opening in the IAm team but also as a AD specialist but, they do not care much.
they like me where i am
Good video...
Some people just work better alone...
Being part of a team can be a drain if your team mates are slackers or don't have soft skills like time management and dealing with prickly clients....
Thanks.
Agreed! It is nice to have teammates to bounce ideas off of but I definitely work best alone.
you make me nervous now 🙂 thanks for sharing. I think because you work for a company that offers SOC as a service, you get more stress.
Haha that was not my intentions! Thanks for watching!
Great video!
How do you go about finding SOC jobs in a MSSP?
I simply use a website called Indeed or use LinkedIn and search for SOC jobs. Those offering a role, I would search up and learn more about the company and look for services/words around “managed”
Is there a chance to land a pen tester job as your first job in cyber security?
Yea for sure! Will it be difficult? Maybe, but you’ll likely won’t be diving straight into pentesting depending on how/what you define pentest as. You would likely start out as a vulnerability analyst who will run scans and provide reports.
Great video
Just one question from you,
I recently certified In cybersecurity field after finishing ISC2 CC certification and I now study Splunk, Do you think after finishing Splunk, Am I ready to apply for job as a Junior SOC analyst?
Are you comfortable explaining technical terms? What about experience with hands on labs? As long as you are confident in your capabilities and have a good understanding of cybersecurity fundamentals, you can give it a try!
Is there a monthly subscription for his website?
Im assuming you mean my mentorship? If so, nope - just trying to help where I can!
why not mention the starting salary/pay you had for the first job?
I do in later videos but the first job I made 45k
Great video ❣
Thank you!!
Where can I apply for SOC? I have done a lot of CTFs on THM and reached top 1%
I personally look for positions on LinkedIn/Indeed as my go to source.
Great Video🔥
Thanks!
Hey mind telling me the Mssps that hire globally
Off the top, I recall the bigger consulting firms such as Deloitte, PwC, Accenture to name a few, provide an MSSP service that hires globally.
How did you get your foot in the door .
Great question, foot in the door for Security was via a colleague of mine, he referred me to a SOC position when I said I was interested, which is why I stress the importance of networking with others! Prior to that, I started my career in IT helpdesk and got in by applying to helpdesk roles simply accepting anything in terms of compensation. My mindset was experience > money.
@@MyDFIR thanks bro. I might have to take the hit financially .
carry on bro
nice video dude
Thanks!
Thanks I have become a husk of a person
Stress free job is worth double salary in 2024
THe MSSP i work for use a follow-the-sun model so no one is has to work night shifts which is excellent. They also do well hiring for culture so that weeds out the dickheads. I've yet to meet someone I don't like in the global SOC team
That is awesome! I wish I worked in a follow-the-sun model. Sounds like a great work environment. Super happy for you ♥
@@MyDFIR i have you to thank for! It was because of those lab projects you did, i was able to replicate and understand SOC in a real way and showed it in my interview!
I so want to do this for a living.
You can do it!