Darkreading on staffing a SOC
wes allen
Member Posts: 540 ■■■■■□□□□□
Thought this was a good read:
"If they’re not playing with a Linux box at home, they are not qualified"
The Right Stuff: Staffing Your Corporate SOC
Comments
YFZblu
Member Posts: 1,462 ■■■■■■■■□□
Nice find - I've stopped checking DarkReading because of the propaganda, but this is a good article. This is an especially good point:
"Strong understanding of adversary motivations: cybercrime, cyber hacktivism, cyberwar, cyber espionage, and the difference between cyber propaganda and cyber terrorism."
I've worked in an extremely vulnerable environment before, so I had the advantage of seeing this stuff up close; however, I've noticed a lot of infosec noobs severely lacking in this area. Getting them up to speed in understanding cybercrime is just as important as getting them up to speed technically, imo.
docrice
Member Posts: 1,706 ■■■■■■■■■■
This is a rare article which I pretty much agree with on all points. And one of the critical shortcomings in my personal situation is the lack of computer science background. Being able to code (read/write/tweak) would be immensely valuable for me, if not at least to understand some of the more nuanced, lower-level concepts.
In my experience, passing a certification exam or getting a degree simply shows that a potential employee is a good test-taker or has the determination to plow through a degree program. Neither substitutes for the wealth of experience SOC analysts need to be good at their jobs.
Bingo. As someone who has more GIAC certs than most people I've met, I fully agree here. I think someone who has gone through SANS training and genuinely passed the exam has good foundations, but those learned skills have to be applied otherwise they fade. Take it from yours truly. There are so many things that I've been trained on yet will have to re-acquaint myself on to bring myself back up to speed. Security disciplines can be agonizingly in-depth, and operational duties often revolve around managing complexity. The rubber band is stretching.
Of course, there are some people who are just extremely sharp and retain everything they've been trained on with immediate application at a moment's notice ... but that's not me.
Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/