Eric provided me with a few great references if you want to take your research into what is a soc anlayst job like further. 1. If you want to see a 'hands-on keyboard' case study of what a SOC analyst would do, check out this video from RECON_INFOSEC. Its a video of Eric stepping through an incident. Imagine a SOC analyst gets an alert that a user in the environment has fallen for a phish. What would the SOC Analyst do first, second, so on. Its truly reflective of the job. czcams.com/video/bhTBbUW0Vu0/video.html 2. Recon Infosec hosts an event at conferences called "OPENSOC.IO". Its a simulation activity where you get a day in the life of a SOC analyst and actively have to work incidents. Its an amazing platform, and I may add a "BLACK BADGE" event at DEFCON. If you dont know the significance of the black badge event, it means its awesome. Google for more info. You have to go to an event that has the activity, but more info can be found here opensoc.io/
1. Expectation from SOC Analyst: Don't just rely on the sensors (IPS, IDS, SIEM) in the cooperation. You are there to make decisions. 2. SOC Analyst should follow the playbook but in real life, there's no playbook because every incident is so different. 3. Skills need to be a SOC Analyst: Critical thinking and feel comfy with not knowing things. 4. Career path: depends on what you like (a bit off the question) 5. Pros of the job: high salary and facing every different thing every day (not boring, haha) 6. Cons of the job: get overloaded easily by a ton of notifications every day 7. How to get this job? Keep pursuing the knowledge via opensource resources
This is good info. My parents keep on telling me I need to get a job and move out on my own, saying you're 36 years old, still living at home...blah blah blah. I overheard some guys at fence & feed supply talking about computer jobs being easier and paying better than a ranch hand. So I figured that'd be something to look into. I called on a job posting for a computer Pen Tester. The guy asked if I knew Kelly Linux, I was honest and told him I'd never met Kelly, and then we either got disconnected or he hung up on me. I think he hung up because he didn't answer any of the times I called back. Not sure what knowing that Kelly gal had to do with it. I like how Eric said we'll hire people who think about critical things, but don't have experience in the computers. I think a sock job with Eric's outfit may be something to consider to get my parents off my back.
This is wonderful advice. All I've been seeing on CZcams is how you need to have 5 or 6 Plus years of experience to get an entry level position. I'm confident enough to know that I will do well in this position. I am always willing and trying to learn new concepts. I'm ready to start in this field.
Most folks that find this video interesting also like this one I did a few months later on Malicious Network Traffic Analysis with Wireshark: czcams.com/video/M8yoYmiL7rA/video.html
Eric is awesome. I saw him speak at DakotaCon a few years back. First time I met him. Hes passion for the field and his command of blue teaming is next level.
This is a good discussion, i'm preparing an interview for soc analyst despite been working in accounting for past 8 years. This video interview give me more interest toward cyber security. Thank you
Best wishes on the interview. Its a great field to be in. May be able to parley your accounting experience also in the interview. SOC work involves looking at data and finding patterns, similarities, anomalies, etc. Maybe thats more forensic accounting, but I'd highlight attention to detail.
@@Worldgonemad i found a guy that specialist in threat hunting and i just put him as my mentor. it may be my luck, as for today i havent got any cert yet. probably going to take BTL1 since the company now required the staff to take certificate
@@neorezz how long did it take him to mentor you? I take my sec+ next week but have no hands on technical experience. How do you like the job and can you give an idea what entry level pays
Great interview. I currently have a SOC Analyst interview tomorrow and I dropped by for some knowledge. I got more than I thought I would. Thank you for sharing this and for sharing a managerial point of view.
Heck yeah. Thats what its here for. May I also suggest the SOC Interview Q&A video and SOC Life video from last week. Brandon offered up questions you can ask in your SOC interview that would be very valuable. Best wishes.
@@SimplyCyber Thank you, I'm just about to "devour" the other ones also. And about questions, I have too many, but loads of them are answered by you or your or guests. Thank you again
@@jiurecciprian6331 Devour away, but heres a direct link to the segment in the SOC life video where he shares questions to ask the interviewer (to sniff out red flags) czcams.com/video/7LY-zLpx_48/video.html
@@redbetta2191 Hello and YES! Since February I got my dream job! I hope one day I can thank properly to Gerald for all the help and positive energy is sharing!
This was incredibly helpful and made me feel more confident in finding an entry level in SOC. Thank you for this, going to go on a binge of all your vids.
Ive got my Sec+ but i feel as if i still wouldnt be able to perform any Security analyst jobs. I will say hearing Eric say that what he looks for is critical thinking and not just pure hard skills is calming. Thanks to sec+ i feel thats what the exam basically molds your mind to think into, its the ideology of security and the necessary mind set to think critically. I cant wait to begin my career in cyber security.
If this was one of your first interviews on your channel choose your adventure segments, not only did you handle it like a Pro it's the sheer the fact you asked pertinent, rich and insightful questions. Kudos to Eric for the enlightenment, I would love to work with someone just like him.
It took me 3 years to watch this, and I took value in this video and was informative. It's good to know what a hiring manager thinks about when choosing a candidate. I am looking into breaking into cybersecurity with SOC analyst as my first career path choice to get some experience, I am just a beginner at the moment.
I know exactly how you feel!!! There is so much to learn and sometimes it's hard to know where to begin. I've learned that if you focus on Network and Security, you can practically go in any direction that you choose. I look at the IT Field as a buffet that I paid top dollar to eat at and I'm not leaving until I've tried everything. 🤣 Best wishes to you and the rest of the Simply Cybersphere!!!
Have you gotten anywhere yet? I was Jr. Network Admin - and just started studying security 3 months ago w/ Google's CS Professional Cert Course, TryHackMe, and Python/Linux courses on udemy. Just interviewed and did a take home exam (which took me 15 hours) for an incident response role at my current company - a global marketing conglomerate. They are hiring internal people with no experience for CSIRT (Tier 3 SOC to them) bc they want to train a new team from nothing. Fingers crossed so fuggin hard.
Excellent interview Gerald. Very informative. Along with studying for Security+, I have installed Kali on VM so I can start learning some of the tools.
This amazing info Gerald, thank you so much for this. Learned a lot, subscribed and notification turned on. Can't wait for more fantastic videos like this. Thank you again..!
A year ago I made the choice to enter the cyber security field. Been a SOC Analyst for almost year now and still find this video to be very insightful.
@@Polored528 nope, but I suggest taking a look at free courses here on CZcams covering Powershell, Bash and Python. But only after you gotten a grasp of what cybersecurity is. Gerry has a great and FREE course on CZcams. Take a look at that. Combine it with some labs on tryhackme.com and you’ll get a great foundation. After that I absolutely encourage you to start learning Powershell, bash and Python. I’ve been a SOC Analyst for nearly a year now and just now started a Powershell course, Linux course and Python course. But that after a year of learning and building on the basics.
I got my Sec+ certification back in June. I've also done studying with lab assignments at home. I also have a masters degree in IT. However I'm still having a difficult time getting my foot in the door in cyber & infosec because I can't land an interview. I apply for a job and in a week or less I get the automated rejection letter in my inbox. I live in Atlanta, GA.
What qualification, cert, knowledge to get SOC job ?? What other entry level positions will be ?? Can we do it remotely ?? Did you have a video on this ??
Look at Security+ or CySA+. Keep an eye out for BHIS training (wildwesthackinfest.com/training/) They do great stuff and often have a blue team / SOC bend. For other entry level positions check out this playlist of several I cover: czcams.com/play/PL4Q-ttyNIRAqog96mt8C8lKWzTjW6f38F.html
First time viewer of this video and found it very helpful to get to know about the position. Could we get a video on vulnerability management related interview plesase ?.
damn I can't wait to watch the whole thing, studying what sensors do in a company's network and I was Air Force too.. Eric seems like a great guy to look up to
He said the one thing that most hiring people have no concept with. "I can fill in the training gaps" this translates to you do not need the experience, we can train you. That is something that 0.001% of hiring people and companies are willing to do.
Getting through hr and getting to the hiring manager is that challenge. I’ve hired ppl that didn’t have experience on our tech stack but their analytical process and “hunger” to be a cyber pro was obvious. I was involved in hiring a former golf pro who turned to Cyber when his golf situation wasn’t a good deal anymore for His family. Turned out to be an amazing soc analyst; he now leads a cyber program at another company. Having said that I’ve been passed over for a job because I didn’t have the experience on a certain fed regulation and the other guy did and could immediately address it.; so it happens. Thanks for commenting and watching Jerry! Best wishes.
Great video! I didn’t realize SOC analysts did that much. That’s really interesting. I would be interested to hear from someone in the security risk space since risk is a fairly nebulous topic in the corporate world. I have personally found many people in the security industry tend to overestimate their understanding of risk. It feels like risk is one of the most varied implementations across industries. Almost like the blind leading the blind. I think it would be interesting to hear from a SME who could discuss risk in security in terms of practical applications, real world methodologies, opportunities and challenges between risk methodology implementation (e.g., qualitative, quantitative). An example of the latter might be ease of explanation but a lack of informed decision making vs. financial data to inform decisions but challenges with the defensibility of data. Someone from one of the Big Four might be a great resource.
I can do a vid like that. Thanks for suggestion. It’s actually a strong part of my background but didn’t think anyone really wanted more info on it. I did a video on RMF a while back you might dig as an appetizer czcams.com/video/8zxzqpw0jBA/video.html
@@SimplyCyber I am definitely going to check that out since I am in the midst of implementing NIST CSF which will be followed by the RMF. I know most security folks fall on the IT side, so it often feels us not in IT are left with somewhat worthless training. Such as, I feel like most SecGRC topics are far too high level and not very actionable. Based on a quick glance at the video you linked it appears you touch on actionable items. I really wish there were more SecGRC discussions with actual actionable takeaways rather than nonsense like, "You should identify your assets and understand your risk." On the other side, NIST releases publications that are easy to go cross-eyed looking at the amount of information contained within. An honest, practical, and real world view of SecGRC topics would be cool to view if you sprinkled those in now and again. That's just my $0.02.
Jimmy Rustles seriously thank you. I’ve read (more than a few times) Nist 800 special pubs to digest and implement. I’d be happy to make more of those vids now that I know someone wants them. Stay tuned. Won’t be every week but will start to fold them in. What do you need Jimmy? Nist CSF and why it’s great or to do implement, what an SSP is and why it’s the most important doc, or something way more focused like how to tailor Nist 800-53 controls to have practical controls that are FISMA compliant?
Really wonderful content in here 👏👏❤️… I’m really new into the whole Cyber Security Analysts thing and I’m still learning everything I need to. Just need to know a few places or websites where I can apply for work 🙏 Any help would be appreciated ❤️
I don’t agree with one thing - He says to just talk whether it’s accurate or not and it indicates if someone is going to give up or not. That’s not right because some can be very confident and assertive at interview while at work they will suck. I typically struggle in interviews but once I land a job I excel compared to those who do well at the same interview but underperform. Some people would tell they don’t know if they don’t know something and that’s integrity. But when they get time to work on the problem, they will not give up. An interview is not the best measure
Thanks for sharing your perspective. Interviews can be challenging, especially if you’re nervous. Doesn’t always reflect the professional that would be executing the work day 1.
I'm working on that too atm. i have the switch between wireless ap and router for port mirroring, but cant put s/o on a pi so looking for a better option. Once i get my situation working for home siem monitoring ill share. If you get it working, ping back. Thanks for watching!
@@SimplyCyber may i add I am a total noob so excuse any silly response. I got it to work once using a cisco 2900 switch. How: Set up port mirror to mirror traffic from home router to another port on that switch. Then I sent that into S/O. Then set VMware adapter to promiscuous mode as my monitor interface. The switch was too bulky so I'm looking so a simpler solution.
Not to be pessimistic but this guy is prior service and sounds like he was an NCO so of course he has that "train to competency" mindset when it comes to hiring....I feel like you'd be hard pressed to find someone without prior service that thinks like him (a credit to him).
Have confidence in yourself. You've done the work, studied the material, worked on it. Every step is a big deal and a win when you take it. Best wishes on the exam and the interview!
@@Priceymami Not sure which concept you are referring to, but cybersecurity yes. You just need to go get some education on the core IT things (Networking most prominently) to round out your IT knowledge. Attitude goes a long way too. Nobody wants to hire a brilliant jerk. Hard skills (like how to use this firewall, or how to deploy these agents,) all that can be taught.
@@Priceymami Another vid i did that focuses on what you need to know at your level for cyber in Networking. Its not exhaustive, but could help with the interview. czcams.com/video/XgOF6GhiMuM/video.html
Thanks Jen. The best approaches I'm familiar with are two fold. 1) turn off a lot of your alerting. I know this sounds counterintuitive, but hear me out. If you turn off, and then turn on a few high profile alerts you want to make sure are firing true positives, then you start tuning those high value ones. Then slowly start introducing more. If you aren't really able to respond in the first place turning them off isnt introducing that much more risk. The 2) one and I'm going to do a video on this soon (when I interviewed Brandon Poole in this video --> czcams.com/video/Cst8K64j5_Y/video.html ) he told me after we rapped up that video about 'detection engineering'. This is a technique where you start bundling multiple alerts (in a boolean style frame) with each other that have high fidelity of true positives and make those the alerts. For example, powershell running isnt always malware, but firing on it would be crazy. But if powershell runs, then svchost spawns, and the hallmarks of process hollowing follow, then you alert and feel confident its actionable. I'll ping Eric and ask him his thoughts and post them here (or ask him to). Thanks for the question and for watching the video.
Yes, absolutely. Check out the "How to get into cybersecurity with no experience" video on my channel i did on 11/12/2020. I have a section called certification v. education v work exp. I cover the changing attitude about formal education, some of the limitations not having a BS will do for you, and why you can totally get a great job without one.
Thanks for this video man. I currently have my security+, CySA+, & I’m scheduling my Pentest+ soon. I finished a 8 month long cybersecurity bootcamp-type program about 6 months ago. About 4 months ago I accepted a Tier I helpdesk position (my first IT job coming from fast food). Overall, I have enjoyed the experience but honestly I feel like I’m more than capable of excelling in an SOC analyst position to kickstart my cybercareer. Although I lack IT experience do you think it’s possible for someone in my position to land an interview? Thanks again for the video brother. I’ll be sure to like and subscribe. Much love, Fake bron
You’re doing the right things. I’d keep at where you are and see if you can connect w infosec office at that company to see if there are any projects that you could help support. Don’t ask for a job, ask how you can support. Additionally I’d work on blue team labs online (that’s the site name) or RangeForce. Go through, get more practical soc skills, highlight them on your resume. Yes you can get a soc job. Btw I created a playlist tailored for this question: czcams.com/play/PL4Q-ttyNIRAomhB6uWAob2RWMwCNlQ6UY.html
@@judahtunes2245 my career is going well! I haven’t made my way into cybersecurity yet but I’ve been working hard! I just recently received a $15,000/yr raise at my current help desk position, putting me over $60,000/year! Crazy to think about since I was working fast food making 12/hr a little over a year ago. I truly see the handwork paying off everyday. I hope to make a full transition into cybersecurity within the next 12 months.
@@judahtunes2245 no problem Judah! Thank you so much for the kind words! Good luck on your journey as well. It gets tough at times but as long as you stay persistent & work hard you’ll be fine.
I havent done the research to know the answer to that question. My suggestion would be to use Google to find potential schools offering the PhD program you want, then find people on LinkedIn that have graduated from the program and get their perspective. It is a lot of work to do this, but you will get the answers you are seeking. Plus its a micro example of the actual level of work you would be doing in a PhD.
I’m a BI Developer making a very good salary. Looking to switch to security because it’s a field that has always interested me but I’m worried about a pay decrease. What’s the typical starting salary?
Barry, salary depends on a lot of variables including company, industry, and location. Also you don't specify position, but assuming SOC analyst because of the video. With no experience, no certs, a ballpark could be $45-70k. Thats a wide swath but there are a lot factors.
I currently hold my A plus and Network Plus certification. I plan on obtaining my Security Plus early next year. Do you think this is enough to apply for an entry level SOC position. I currently have 5 years of experience in I.T. in an Helpdesk role.
I’d consider sec+ also, practical skills reign surpreme in soc so check out blueteamlabs online or RangeForce . They are good and known in space. Soc can be grind so there’s a lot of turnover. Watch the “soc life with brandon Poole” video on the channel to see what the job is day to day
@@SimplyCyber Update. Ok note sure if you will see this or not. I just wanted to give a little update. I have obtained my Security+ and CYSA+. I am so excited, I have also worked on a few practice labs also.
@@strappedup24 I do see this and congratulations! Putting in the work is one of the hardest parts and you’re doing it. Not sure if ur networking but may consider coming over to the SimplyCyber discord server to socialize and network w cybersecurity professional community (it’s my server) SimplyCyber.io/discord
It depends on size of company, position, etc. Sometimes thats it, sometimes you have a 3rd or 4th, or you have a hands on technical interview, a meet the team interview, etc. It varies org to org.
I don’t understand the question but I will share that Soc analyst roles don’t really have certifications. You would get trained/cert in specific tech stacks that would be used in a soc and that could help (like splunk for example) but idk any soc wanting a specific cert from their entry level analysts
Playbook, runbook; for operational purposes or compliance purposes? :) Being playfully humorous, but hopefully they have some standard workflows at MSSP.
Eric provided me with a few great references if you want to take your research into what is a soc anlayst job like further.
1. If you want to see a 'hands-on keyboard' case study of what a SOC analyst would do, check out this video from RECON_INFOSEC. Its a video of Eric stepping through an incident. Imagine a SOC analyst gets an alert that a user in the environment has fallen for a phish. What would the SOC Analyst do first, second, so on. Its truly reflective of the job.
czcams.com/video/bhTBbUW0Vu0/video.html
2. Recon Infosec hosts an event at conferences called "OPENSOC.IO". Its a simulation activity where you get a day in the life of a SOC analyst and actively have to work incidents. Its an amazing platform, and I may add a "BLACK BADGE" event at DEFCON. If you dont know the significance of the black badge event, it means its awesome. Google for more info. You have to go to an event that has the activity, but more info can be found here
opensoc.io/
Checking out the links! Tnx!
Thank you for the information
1. Expectation from SOC Analyst: Don't just rely on the sensors (IPS, IDS, SIEM) in the cooperation. You are there to make decisions.
2. SOC Analyst should follow the playbook but in real life, there's no playbook because every incident is so different.
3. Skills need to be a SOC Analyst: Critical thinking and feel comfy with not knowing things.
4. Career path: depends on what you like (a bit off the question)
5. Pros of the job: high salary and facing every different thing every day (not boring, haha)
6. Cons of the job: get overloaded easily by a ton of notifications every day
7. How to get this job? Keep pursuing the knowledge via opensource resources
Excellent cliff notes version for those without the time to watch
@@SimplyCyber I looked at this list at first but completed the vide as well. You are doing a great job Gerald.
I wonder what kind of critical thinking answer I can come up with if I don’t know the answer . That’s intimidating
@@yuhh4659 just be optimistic and try to find a way closer to what you think its better in the said scenario
This is good info. My parents keep on telling me I need to get a job and move out on my own, saying you're 36 years old, still living at home...blah blah blah. I overheard some guys at fence & feed supply talking about computer jobs being easier and paying better than a ranch hand. So I figured that'd be something to look into.
I called on a job posting for a computer Pen Tester. The guy asked if I knew Kelly Linux, I was honest and told him I'd never met Kelly, and then we either got disconnected or he hung up on me. I think he hung up because he didn't answer any of the times I called back. Not sure what knowing that Kelly gal had to do with it.
I like how Eric said we'll hire people who think about critical things, but don't have experience in the computers. I think a sock job with Eric's outfit may be something to consider to get my parents off my back.
lol.
Kali Linux but I’m sure you knew that.
You've made my day
You have a good humour
Kelli went out with Linus few years back. lOL
This is wonderful advice. All I've been seeing on CZcams is how you need to have 5 or 6 Plus years of experience to get an entry level position. I'm confident enough to know that I will do well in this position. I am always willing and trying to learn new concepts. I'm ready to start in this field.
GREAT INFO! I was an F-16 Crew Chief in the Air Force myself! Glad to see those skills translate well here! Can't wait to start my new career!
Have you started getting into the career?
This is some of the best entry level advice and perspective I've heard from a security expert. Thanks!
Thanks :)
awesome fricking interview. Eric's answers were complete fire. Props to Gerald for asking all the right questions too
Thank you! He was great! Been on the channels a few times after that too. Nice guy.
Most folks that find this video interesting also like this one I did a few months later on Malicious Network Traffic Analysis with Wireshark: czcams.com/video/M8yoYmiL7rA/video.html
Really valuable! I have a second interview soon for a SOC Analyst 1. Helpful!
Best wishes on the interview!
@@redbetta2191 nope :(
@@redbetta2191 Thanks!
Hey what kind of questions did they ask you during the interview?
@@kdubx3586 I don't remember, it was a year ago
Eric is spot on. Could not have said it better myself. Thank you for sharing.
Eric is awesome. I saw him speak at DakotaCon a few years back. First time I met him. Hes passion for the field and his command of blue teaming is next level.
This was great content. As a SOC tier 1 analyst, I agree with everything discussed.
Thanks!
This is a good discussion, i'm preparing an interview for soc analyst despite been working in accounting for past 8 years. This video interview give me more interest toward cyber security. Thank you
Best wishes on the interview. Its a great field to be in. May be able to parley your accounting experience also in the interview. SOC work involves looking at data and finding patterns, similarities, anomalies, etc. Maybe thats more forensic accounting, but I'd highlight attention to detail.
May I ask what certs or experience you put on your resume to get that interview?
@@SimplyCyber forgot to update, i pass the interview and i'm already on 2nd jobs in cybersecurity. thank you for the video
@@Worldgonemad i found a guy that specialist in threat hunting and i just put him as my mentor. it may be my luck, as for today i havent got any cert yet. probably going to take BTL1 since the company now required the staff to take certificate
@@neorezz how long did it take him to mentor you? I take my sec+ next week but have no hands on technical experience. How do you like the job and can you give an idea what entry level pays
Using this to help me with my first SOC position interview!
That’s great news! Go crush it.
Today I will answer my SOC analyst interview using this thanks a lot sir
@@saiyan4214 did you get it?
@@dl6409 not yet bro ,thanks a lot for mention to me
2 years later where are you? I'm interviewing for my first position next week.
Great interview. I currently have a SOC Analyst interview tomorrow and I dropped by for some knowledge. I got more than I thought I would. Thank you for sharing this and for sharing a managerial point of view.
Crush it, hope to see a follow up post from you. 🥰
How'd the interview go 😅
Next week I have an interview for an entry-level SOC analyst and I found these discussions so eye-opening! Thank you, Gerald.
Heck yeah. Thats what its here for. May I also suggest the SOC Interview Q&A video and SOC Life video from last week. Brandon offered up questions you can ask in your SOC interview that would be very valuable. Best wishes.
@@SimplyCyber Thank you, I'm just about to "devour" the other ones also. And about questions, I have too many, but loads of them are answered by you or your or guests. Thank you again
@@jiurecciprian6331 Devour away, but heres a direct link to the segment in the SOC life video where he shares questions to ask the interviewer (to sniff out red flags) czcams.com/video/7LY-zLpx_48/video.html
give us an update bro. did you find a job in IT sec?
@@redbetta2191 Hello and YES! Since February I got my dream job! I hope one day I can thank properly to Gerald for all the help and positive energy is sharing!
This was incredibly helpful and made me feel more confident in finding an entry level in SOC. Thank you for this, going to go on a binge of all your vids.
Thank you Matt! Lots of soc content on the channel
The very best vid on SOC i ve seen lately! Thanks
Glad it was helpful!
Ive got my Sec+ but i feel as if i still wouldnt be able to perform any Security analyst jobs. I will say hearing Eric say that what he looks for is critical thinking and not just pure hard skills is calming. Thanks to sec+ i feel thats what the exam basically molds your mind to think into, its the ideology of security and the necessary mind set to think critically. I cant wait to begin my career in cyber security.
Your attitude is great and sounds like you’ve got the passion. Can’t wait for ur cybersecurity career to start either!
Any update?
@@deuce222x yeah! I got a job as a contractor for the navy as an it specialist 80k starting
@@SCUUZEM3 that’s awesome! Do you have any previous time in the military or did they sponsor you to get the security clearance as a civilian?
@@deuce222x i was prior Air Force with a Top Secret clearance from the job I did while serving
The part about fixing a toaster was such a good tip! I am naturally a problem-solver, but will be more conscious of this as well.
If this was one of your first interviews on your channel choose your adventure segments, not only did you handle it like a Pro it's the sheer the fact you asked pertinent, rich and insightful questions.
Kudos to Eric for the enlightenment, I would love to work with someone just like him.
This was an extremely insightful interview Gerald. Thank you for sharing this with your audience!
Eric Capuano is def a great member of our community. Leading the way on SecOps
It took me 3 years to watch this, and I took value in this video and was informative. It's good to know what a hiring manager thinks about when choosing a candidate. I am looking into breaking into cybersecurity with SOC analyst as my first career path choice to get some experience, I am just a beginner at the moment.
I know exactly how you feel!!! There is so much to learn and sometimes it's hard to know where to begin. I've learned that if you focus on Network and Security, you can practically go in any direction that you choose. I look at the IT Field as a buffet that I paid top dollar to eat at and I'm not leaving until I've tried everything. 🤣 Best wishes to you and the rest of the Simply Cybersphere!!!
Have you gotten anywhere yet?
I was Jr. Network Admin - and just started studying security 3 months ago w/ Google's CS Professional Cert Course, TryHackMe, and Python/Linux courses on udemy.
Just interviewed and did a take home exam (which took me 15 hours) for an incident response role at my current company - a global marketing conglomerate. They are hiring internal people with no experience for CSIRT (Tier 3 SOC to them) bc they want to train a new team from nothing.
Fingers crossed so fuggin hard.
2 years later this information is GOLD!!!! I’m tier 2 with goals of becoming a SOC Analyst!!!
Wish all Managers had a mindset like yours Eric! Golden material here in this video.
Thanks for this video. Always gaining new knowledge and great information.
That's some great work. Very helpful video, to someone who is trying to pursue a career in SOC
I appreciate that! Keep at it. Theres a lot of opportunity.
Excellent interview Gerald. Very informative. Along with studying for Security+, I have installed Kali on VM so I can start learning some of the tools.
Great interview! Very informative with lots of invaluable information. Thanks for sharing!
Thank you Gerald I really appreciate the video and I am working actively towards a career in SOC analyst.
Lots of SOC positions are available. Only 10 years of experience for an entry level position.
I loved this talk over the soc life talk I just watched .
Thanks for sharing. Did you like both perspectives? What about Eric’s chat did you love over Brandon’s?
This amazing info Gerald, thank you so much for this. Learned a lot, subscribed and notification turned on. Can't wait for more fantastic videos like this. Thank you again..!
Thanks for the sub! and the bell for notifications! whoop whoop. I'll keep cranking them out, if you keep watching.
Better late than never!!! Thanks for the valuable insight!!!
i appraciate both of you to clarify what criteria are looked for for SOC
Thank you. Eric was awesome in this interview.
A year ago I made the choice to enter the cyber security field. Been a SOC Analyst for almost year now and still find this video to be very insightful.
Thanks. Eric is awesome.
do u need to know how to code or program for a career in cyber security??
@@Polored528 nope, but I suggest taking a look at free courses here on CZcams covering Powershell, Bash and Python. But only after you gotten a grasp of what cybersecurity is. Gerry has a great and FREE course on CZcams. Take a look at that. Combine it with some labs on tryhackme.com and you’ll get a great foundation. After that I absolutely encourage you to start learning Powershell, bash and Python.
I’ve been a SOC Analyst for nearly a year now and just now started a Powershell course, Linux course and Python course. But that after a year of learning and building on the basics.
@@Jotin8664 sir what kind of software were you working with once you got a first job as SOC analyst ??
Thank you very much dear Gerald for sharing this..this is so much helpful for all pursuing SOC analyst
You are very welcome
This is very informative. Thank you to the both of you.
Glad you enjoyed it! Eric is a great interview. His whole team is excellent.
I got my Sec+ certification back in June. I've also done studying with lab assignments at home. I also have a masters degree in IT. However I'm still having a difficult time getting my foot in the door in cyber & infosec because I can't land an interview. I apply for a job and in a week or less I get the automated rejection letter in my inbox. I live in Atlanta, GA.
Have you thought about working for the federal government. Great source for entry level jobs in Cyber. Look into jobs at the NSA
@@shayscott7498 Is there a good jobs website for federal jobs?
@@okeyokafor648 hey bro did you get anything yet? How's everything going?
It was great. Thanks. Gerald, could you provide information about physical security jobs such security consultant, security manager and etc. Thanks.
I was an aircraft mechanic, or officially it was aircraft electrician
Your doing a excellent job Sir.
Great content ! The CTO had lots of great information to enhance my career in infosec !
Talk about a guy that knows his Craft! Eric is awesome.
Thank you Gerald. This is helpful
Glad it was helpful! Eric is a great guy.
Valuable information, thank you!!!
Wow 👏 such great information. I wish he was my interviewer 🙂 makes me feel at ease.
Thank you so much for this interview!
He predicted the SolarWind hack the week before Christmas lol great interview!
Great pull Jose. Where in the video did he say it? Would love to carve it out.
13:31 - LOL. great find.
I love this video seeing as becoming an Analyst is my goal.
Amazing and really helped me Thanks man👍
Great video Gerry!
Thanks Brian! Just seeing this comment now. Sorry man. You are going to be crushing SOC soon enough :)
This was great. You should do more interviews
Check out the last umpteen videos on the channel. Its interview central as of late. So many great minds to engage with and get perspective. Thanks AS
Recent Cybersecurity A.S. graduate. Feeling a little lost applying for jobs. Even entry level jobs require experience or a higher degree.
yes. thats fairly common. recommend getting practical skills through labs and adding to resume.
What qualification, cert, knowledge to get SOC job ?? What other entry level positions will be ?? Can we do it remotely ?? Did you have a video on this ??
Look at Security+ or CySA+. Keep an eye out for BHIS training (wildwesthackinfest.com/training/) They do great stuff and often have a blue team / SOC bend.
For other entry level positions check out this playlist of several I cover: czcams.com/play/PL4Q-ttyNIRAqog96mt8C8lKWzTjW6f38F.html
Thank you so much for this one !
My pleasure!
First time viewer of this video and found it very helpful to get to know about the position. Could we get a video on vulnerability management related interview plesase ?.
damn I can't wait to watch the whole thing, studying what sensors do in a company's network and I was Air Force too.. Eric seems like a great guy to look up to
He is a great guy and incredibly knowledgable.
I Do have passion for Cyber security but unfortunately i find that 12 hours shift is too long or too much in my country ........... 9 hours is enough
He said the one thing that most hiring people have no concept with. "I can fill in the training gaps" this translates to you do not need the experience, we can train you. That is something that 0.001% of hiring people and companies are willing to do.
Getting through hr and getting to the hiring manager is that challenge. I’ve hired ppl that didn’t have experience on our tech stack but their analytical process and “hunger” to be a cyber pro was obvious. I was involved in hiring a former golf pro who turned to Cyber when his golf situation wasn’t a good deal anymore for His family. Turned out to be an amazing soc analyst; he now leads a cyber program at another company. Having said that I’ve been passed over for a job because I didn’t have the experience on a certain fed regulation and the other guy did and could immediately address it.; so it happens. Thanks for commenting and watching Jerry! Best wishes.
Thank you SO much
Excellent insightful information!!
Great video! I didn’t realize SOC analysts did that much. That’s really interesting. I would be interested to hear from someone in the security risk space since risk is a fairly nebulous topic in the corporate world. I have personally found many people in the security industry tend to overestimate their understanding of risk. It feels like risk is one of the most varied implementations across industries. Almost like the blind leading the blind. I think it would be interesting to hear from a SME who could discuss risk in security in terms of practical applications, real world methodologies, opportunities and challenges between risk methodology implementation (e.g., qualitative, quantitative). An example of the latter might be ease of explanation but a lack of informed decision making vs. financial data to inform decisions but challenges with the defensibility of data. Someone from one of the Big Four might be a great resource.
I can do a vid like that. Thanks for suggestion. It’s actually a strong part of my background but didn’t think anyone really wanted more info on it. I did a video on RMF a while back you might dig as an appetizer czcams.com/video/8zxzqpw0jBA/video.html
@@SimplyCyber I am definitely going to check that out since I am in the midst of implementing NIST CSF which will be followed by the RMF. I know most security folks fall on the IT side, so it often feels us not in IT are left with somewhat worthless training. Such as, I feel like most SecGRC topics are far too high level and not very actionable. Based on a quick glance at the video you linked it appears you touch on actionable items. I really wish there were more SecGRC discussions with actual actionable takeaways rather than nonsense like, "You should identify your assets and understand your risk." On the other side, NIST releases publications that are easy to go cross-eyed looking at the amount of information contained within. An honest, practical, and real world view of SecGRC topics would be cool to view if you sprinkled those in now and again. That's just my $0.02.
Jimmy Rustles seriously thank you. I’ve read (more than a few times) Nist 800 special pubs to digest and implement. I’d be happy to make more of those vids now that I know someone wants them. Stay tuned. Won’t be every week but will start to fold them in. What do you need Jimmy? Nist CSF and why it’s great or to do implement, what an SSP is and why it’s the most important doc, or something way more focused like how to tailor Nist 800-53 controls to have practical controls that are FISMA compliant?
Jimmy. GRC piping hot. czcams.com/video/vKUtU4XmGn8/video.html
Really wonderful content in here 👏👏❤️… I’m really new into the whole Cyber Security Analysts thing and I’m still learning everything I need to.
Just need to know a few places or websites where I can apply for work 🙏
Any help would be appreciated ❤️
Great video! :)
Thanks!
Great video thank you!!!
You are so welcome!
Amazing bro!!!
Glad you like it! Eric is an amazing infosec professional. I was so glad he shared his knowledge and experience with us.
I don’t agree with one thing - He says to just talk whether it’s accurate or not and it indicates if someone is going to give up or not. That’s not right because some can be very confident and assertive at interview while at work they will suck. I typically struggle in interviews but once I land a job I excel compared to those who do well at the same interview but underperform. Some people would tell they don’t know if they don’t know something and that’s integrity. But when they get time to work on the problem, they will not give up. An interview is not the best measure
Thanks for sharing your perspective. Interviews can be challenging, especially if you’re nervous. Doesn’t always reflect the professional that would be executing the work day 1.
Thanks for the video, taking up the suggestion on a home siem. Installed S/O. Sure could use some tips to ingest netflow data. Feel so lost
I'm working on that too atm. i have the switch between wireless ap and router for port mirroring, but cant put s/o on a pi so looking for a better option. Once i get my situation working for home siem monitoring ill share. If you get it working, ping back. Thanks for watching!
@@SimplyCyber may i add I am a total noob so excuse any silly response. I got it to work once using a cisco 2900 switch.
How: Set up port mirror to mirror traffic from home router to another port on that switch. Then I sent that into S/O.
Then set VMware adapter to promiscuous mode as my monitor interface. The switch was too bulky so I'm looking so a simpler solution.
Not to be pessimistic but this guy is prior service and sounds like he was an NCO so of course he has that "train to competency" mindset when it comes to hiring....I feel like you'd be hard pressed to find someone without prior service that thinks like him (a credit to him).
Very inspiring ♥️
Good job gents.
I have an interview next week and I am taking my security+ this week.
I am so nervous,
Have confidence in yourself. You've done the work, studied the material, worked on it. Every step is a big deal and a win when you take it. Best wishes on the exam and the interview!
Thanks. Do you think a person with no IT experience can grasp the concept easily?
@@Priceymami Not sure which concept you are referring to, but cybersecurity yes. You just need to go get some education on the core IT things (Networking most prominently) to round out your IT knowledge. Attitude goes a long way too. Nobody wants to hire a brilliant jerk. Hard skills (like how to use this firewall, or how to deploy these agents,) all that can be taught.
Thanks so much.
@@Priceymami Another vid i did that focuses on what you need to know at your level for cyber in Networking. Its not exhaustive, but could help with the interview. czcams.com/video/XgOF6GhiMuM/video.html
In the case of the alert fatigue- how would you go about fine tuning to isolate the legitimate issues?
Thanks Jen. The best approaches I'm familiar with are two fold.
1) turn off a lot of your alerting. I know this sounds counterintuitive, but hear me out. If you turn off, and then turn on a few high profile alerts you want to make sure are firing true positives, then you start tuning those high value ones. Then slowly start introducing more. If you aren't really able to respond in the first place turning them off isnt introducing that much more risk.
The 2) one and I'm going to do a video on this soon (when I interviewed Brandon Poole in this video --> czcams.com/video/Cst8K64j5_Y/video.html ) he told me after we rapped up that video about 'detection engineering'. This is a technique where you start bundling multiple alerts (in a boolean style frame) with each other that have high fidelity of true positives and make those the alerts. For example, powershell running isnt always malware, but firing on it would be crazy. But if powershell runs, then svchost spawns, and the hallmarks of process hollowing follow, then you alert and feel confident its actionable.
I'll ping Eric and ask him his thoughts and post them here (or ask him to). Thanks for the question and for watching the video.
Gerald Auger - Simply Cyber Thank you! This will give me a good idea of where to study up.
Whats the easiest postion in the cyberfield? leisure, able to take extra brakes, not a heavy grindibg workload etc
Auditor might be closest but for the most part the cybersecurity field doesn’t have a lot of those job types.
Can you train up the cert route without a bachelor degree and become a SOC analyst 1?
Yes, absolutely. Check out the "How to get into cybersecurity with no experience" video on my channel i did on 11/12/2020. I have a section called certification v. education v work exp. I cover the changing attitude about formal education, some of the limitations not having a BS will do for you, and why you can totally get a great job without one.
Thanks for this video man. I currently have my security+, CySA+, & I’m scheduling my Pentest+ soon.
I finished a 8 month long cybersecurity bootcamp-type program about 6 months ago.
About 4 months ago I accepted a Tier I helpdesk position (my first IT job coming from fast food). Overall, I have enjoyed the experience but honestly I feel like I’m more than capable of excelling in an SOC analyst position to kickstart my cybercareer.
Although I lack IT experience do you think it’s possible for someone in my position to land an interview?
Thanks again for the video brother. I’ll be sure to like and subscribe.
Much love,
Fake bron
You’re doing the right things. I’d keep at where you are and see if you can connect w infosec office at that company to see if there are any projects that you could help support. Don’t ask for a job, ask how you can support. Additionally I’d work on blue team labs online (that’s the site name) or RangeForce. Go through, get more practical soc skills, highlight them on your resume. Yes you can get a soc job.
Btw I created a playlist tailored for this question: czcams.com/play/PL4Q-ttyNIRAomhB6uWAob2RWMwCNlQ6UY.html
Goat.. hows your career going?
@@judahtunes2245 my career is going well!
I haven’t made my way into cybersecurity yet but I’ve been working hard!
I just recently received a $15,000/yr raise at my current help desk position, putting me over $60,000/year! Crazy to think about since I was working fast food making 12/hr a little over a year ago.
I truly see the handwork paying off everyday. I hope to make a full transition into cybersecurity within the next 12 months.
@@goatlebronjames4052 thats great man.. I hope you keep progressing. Just in the beginning of my journey right now. Thanks for responding
@@judahtunes2245 no problem Judah! Thank you so much for the kind words!
Good luck on your journey as well. It gets tough at times but as long as you stay persistent & work hard you’ll be fine.
HI, I WOULD LIKE TO KNOW THE TOP PHD CYBER SECURITY PROGRAMS SIMILAR TO THE ONE AT DSU FOR INTERNATIONAL STUDENTS
I havent done the research to know the answer to that question. My suggestion would be to use Google to find potential schools offering the PhD program you want, then find people on LinkedIn that have graduated from the program and get their perspective. It is a lot of work to do this, but you will get the answers you are seeking. Plus its a micro example of the actual level of work you would be doing in a PhD.
I’m a BI Developer making a very good salary. Looking to switch to security because it’s a field that has always interested me but I’m worried about a pay decrease. What’s the typical starting salary?
Barry, salary depends on a lot of variables including company, industry, and location. Also you don't specify position, but assuming SOC analyst because of the video. With no experience, no certs, a ballpark could be $45-70k. Thats a wide swath but there are a lot factors.
I currently hold my A plus and Network Plus certification. I plan on obtaining my Security Plus early next year. Do you think this is enough to apply for an entry level SOC position. I currently have 5 years of experience in I.T. in an Helpdesk role.
I’d consider sec+ also, practical skills reign surpreme in soc so check out blueteamlabs online or RangeForce . They are good and known in space. Soc can be grind so there’s a lot of turnover. Watch the “soc life with brandon Poole” video on the channel to see what the job is day to day
@@SimplyCyber Update. Ok note sure if you will see this or not. I just wanted to give a little update. I have obtained my Security+ and CYSA+. I am so excited, I have also worked on a few practice labs also.
@@strappedup24 I do see this and congratulations! Putting in the work is one of the hardest parts and you’re doing it. Not sure if ur networking but may consider coming over to the SimplyCyber discord server to socialize and network w cybersecurity professional community (it’s my server) SimplyCyber.io/discord
@@SimplyCyber Awesome. I will check your Discord out.
Do IR next
What usually comes after a second interview?
It depends on size of company, position, etc. Sometimes thats it, sometimes you have a 3rd or 4th, or you have a hands on technical interview, a meet the team interview, etc. It varies org to org.
Pls can u invite lifecycle and vulnerability analyst.
Great idea. I'll add it to my show ideas list. Thanks for watching and the suggestion.
How to be a SOC analyst level 1 without Cyber Security Certs?
I don’t understand the question but I will share that Soc analyst roles don’t really have certifications. You would get trained/cert in specific tech stacks that would be used in a soc and that could help (like splunk for example) but idk any soc wanting a specific cert from their entry level analysts
Thanks for yourr information
In a good MSSP, there is almost always a playbook right?
Playbook, runbook; for operational purposes or compliance purposes? :) Being playfully humorous, but hopefully they have some standard workflows at MSSP.
#SOCSecurity
Anybody knows a job that is hiring
Def get on infosec discords for this
press the button monkeys!! is what I hear...
Fix your toaster. Great motivator for a novice
🦾🥳