echo_time_cat wrote: »
Is this a common issue in SOC's (attitudes and conflict etc,), or did Remedymp simply manage to land in a nasty one?
Pupil wrote: »
I know quite a few people who work in various SOCs and it's nothing like that.
Remedymp wrote: »
Then how do you explain the previous comments in thread about similar SOC experience?:
UnixGuy wrote: »
Leaving that SOC is fine, if anyone asks you can tell them that the environment was full of bullies and you can even mention that conversation; it's not that you're job hopping or anything - you have a legitimate reason.
jeremywatts2005 wrote: »
UMM not the SOC where I was at sorry bud
SaSkiller wrote: »
MMM. Love this thread. My personal, most recent SOC experience was different. Although that story told by Remedymp sounds very familiar...
We have a bunch of analysts who are technically astute and are passionate about security. But because of company policy, there is little room for growth. The company is working to change it, but time will tell how it works. The big issue was management. The managers were recruited from the SOC, so while that is good in some respects, the have an understanding of our challenges, they are not the best managers, it takes them forever to do something as simple as make a shift schedule, multiple meetings to make simple decisions, multiple projects and little shared vision.
But they were over all decent people. The only back biting I generally saw came from a few people who had been there a little while who chased metrics. (Don't get me started on metrics. FYI managers, forcing metrics WILL decrease quality. And that will effect your company even if you think the risk is acceptable, it only takes one missed analysis...)
But as far as how different SOC's will work, its a tough call. All will differ, no matter where you go there will be issues. Thats the world. Full of people with different issues. Some are racist, some are abusive, or manipulative, some are hard workers, some will do the bare minimum. Take care of yourself, plot out a career.
Remedymp wrote: »
I accepted an offer to work in a SOC few months ago as a Network Security Analyst. I have several years of experience working on the End user client facing side of IT as an Analyst as well worked in Datacenter as a technician.
However, I have never experienced anything like the SOC before. Ego's tripping everywhere. Everyone has a chip on their shoulder, lack of mannerism, individual mindset (look at me,etc) rather than team focus. Antiquated tools and process to perform your duties. Every guy is a tough guy with their GIAC certs. The more GIAC certs, the worse the attitude becomes. Sarcasm about other roles of others in the SOC. Back biting of people they just got off of con call with or exchanged an email with.
I have never been in a more toxic environment before. Most of the people have never worked anywhere outside of the SOC. This is their first and only job in IT. So, they have pretty much mastered their job role to a point where it becomes like a fraternity or something to join in with them.
Has anyone else worked in a SOC here? Care to share your experience?
si20 wrote: »
OP. Your experience sounds like mine. In fact - it sounds like you're working at the same company I worked for. Check out my post about it:http://www.techexams.net/forums/jobs-degrees/112242-entry-level-security-roles-typical-day-security-analyst.html#post953909
I'm currently working in a SOC for a different company but i'm in the process of applying/going to many interviews to help to get my ass out of there. I absolutely deplore working in a SOC and let me tell you why...
My first 'SOC' job was a 'catch and dispatch' job. The rules were ******* pathetic. We'd catch 10,000 alerts+ and around 3 of them would be a real attack. Our setup was so bad that we'd have to manually investigate each alert to be sure. It was mind-numbing. Imagine a team of 4 working through 10,000 alerts, only two of the team knew what was good and what was bad, and the other 2 knew nothing. I became a full-time teacher to the newbies and I was being paid the same as them.
On top of that, we hired guys who had never worked in the IT industry before - fresh out of University with no job experience. They were the pits...
I mean....they were the pits. We had new guys deleting exploit kits from the systems, clicking on phishing emails - the place was an absolute joke. We even had the nerve to tell customers we were "protecting their networks". We weren't protecting anything, we were just watching (some) attacks happen. Customers were paying very big sum of money for "protection" and the SOC Analysts were being paid peanuts. I told the newbies that they shouldn't click on phishing emails and they need to investigate better but I was on the same salary as them. I had to leave because I was doing the work that someone on 90k does, but I was getting paid 25k (£ sterling).
Fast forward to my 2nd SOC job. I'm not 'catch and dispatch' now - but i'm a 'rule tuner'. This means that I spend my entire day in a spreadsheet and 'analyse' how many alerts and firing. It's soul destroying... I'm trying to get into a digital forensics role because I am depressed with SOC jobs. For every one good SOC Analyst, you seem to get 10 lazy, waste of space people who don't know anything about IT or security in general.
This is just based on my experiences. Trust me - i'm being kind. I could probably write a book on how bad working in a SOC is. Don't do it if you value your sanity.
bpenn wrote: »
^ Wow, TPed a car? What is this, high school?
Remedymp wrote: »
They recently TP'd (toilet papered) an analyst car in the parking lot. Very sad.
UnixGuy wrote: »
are you serious?? who did it? why? LOL