A day in the life of the entry level professional...

mooed_music Member Posts: 39
I was wondering if those of you who have been there could describe the daily tasks of an entry level security professional. I am more curious about what day one as a pentester or security analyst is like, but others may be interested in other IT realms, so any insight would be appreciated.

Comments

  • YFZblu Member Posts: 1,462
    Security Analyst (Level 1)

    -Arrive, start reading email
    -Start up the SIEM
    -Read shift turnover
    -Analyze events related to malware, policy violations, intrusion detection, anomalies, and other suspicious activity - and document investigations with my findings when legitimate incidents are discovered.
    -Cover ticketing queues for current open issues/incidents, user inquiry, phishing reports, account lockout issues, etc.
    -Perform vulnerability scans internally
    -Complete personal projects / study / read security news - I work 3rd shift, so I have a good amount of time to do this at night
    -Update shift turnover, leave
  • jvrlopez Member Posts: 913
    - Arrive about 5 minutes before shift change. Start BSing with the previous shift technicians and go over anything worth mentioning.

    - Shift change. The supervisors of each section present their findings of their previous shift and anything important is passed along to all.

    - The previous shift leaves and the current shift gets logged in, catches up with emails, logs into their tools, and gets started.

    - Step out for a smoke, use the restroom, or just take a walk in the parking lot (I used to work nights).

    - Lunch is had "on the clock". Most people either packed their lunches or pooled money together and sent a runner to go get something (burgers, tacos, Subway, etc).

    - Continue monitoring.

    - Have another smoke, trip to the head, or walk outside.

    - Study if the time presents itself.

    - Start winding things down when the oncoming shift starts arriving (usually 10-15 minutes prior).

    - Outgoing shift change, brief if asked to by the leads.

    - Go home.
  • wes allen Member Posts: 540
    My previous job in a SOC was pretty much the same as above. I am now maybe a step up from that though, so while monitoring / creating tickets is still part of what I do, I am also doing some engineering / architect stuff as well as some technical auditing projects. And meetings. Lots of meetings.
  • About7Narwhal Member Posts: 761
    I am going to piggyback on this thread 'cause it is along the same lines. But I have been looking at security a lot recently. Do you guys enjoy the work?
  • mooed_music Member Posts: 39
    Is it realistic to think someone could get a Security Analyst Level 1 position with no formal experience, if they have the ability to learn quickly and have CompTIA A+, NET+, and SEC+? With no degree?
  • Bryan0530 Member Posts: 30
    I think it's realistic to get a job... believe in yourself and market yourself well in the interview. I started without any experience and no degree, or certs, and got a decent job. I think you do have to know the tech concepts and keep going to school though. It is much easier to get hired with education, experience, and certs though... without it you have a tough road ahead (but possible).
  • CoolAsAFan Member Posts: 239
    Not trying to hijack this thread but I think my questions are relevant and maybe others were wondering the same.

    Are most of the jobs mentioned above in a SOC? If not, what kind of company is it?

    Also, what did you guys do before your infosec job? Or did you jump straight into infosec?