A Day in the Life of a SOC Analyst
The cybersecurity industry relies on the strength of different teams working together. It's a diverse field, ranging from technical and security experts of all kinds to legal analysts, finance specialists, and beyond. To learn more about the skills and experiences that make up the cybersecurity industry, we interview a different job position at CIS® each month. We sat down with Molly Webber, a Security Operations Center (SOC) Analyst, to start this new series.
CIS: Please share a brief overview of what your job entails.
Molly Webber: As a SOC Analyst, I assist state, local, tribal, and territorial (SLTT) governments in monitoring their networks for malicious activity. The job requires great attention to detail and a general awareness for all things cyber. We look at IDS (Intrusion Detection System) alerts, suspicious emails, network logs, and any other resource that provides insight into an entity’s network activity. Analysts are expected to be able to read, understand, and notify on cyber trends. It's critical that we have basic knowledge in areas like networking, malware analysis, incident response, and cyber etiquette.
How long have you worked at CIS/MS-ISAC?
I have worked at CIS for approximately 11 months.
What education/background do you have that helped you get your position at CIS?
I've worked in a variety of fields since graduating with a BS in Business and Technology from Stevens Institute of Technology. Immediately after graduation, I worked in Financial Technology, which sparked my interest in the importance of information security. I then worked for a short time in education before transitioning into a role at a start-up company, called Yukodit. The start-up is dedicated to teaching children the fundamentals of computer science. I did that for a couple of years before deciding to invest in myself and my career by attending a cybersecurity boot camp called SecureSet Academy in Denver, CO. It was this experience that I really credit for the successful interview process here at CIS.
What are 5 daily tasks you do as a SOC Analyst?
- Monitor and analyze the network traffic of our SLTT members for malicious activity.
- Respond to emails and phone calls from our SLTT members regarding MS-ISAC®/EI-ISAC™ notifications and any cyber incidents they may be experiencing.
- Add, remove, or update IP addresses and domains provided to us from members interested in our passive monitoring service.
- Collaborate with our Intelligence team and our Computer Emergency Response Team to ensure we are aware of any cyber trends that could impact SLTT entities.
- Monitor open-source resources for nefarious postings that include the data of any SLTT entities.
What is your favorite part about being a SOC Analyst?
Being a SOC Analyst puts me on our country’s frontline. It is vitally important that my team and I show up to help our SLTT members protect their cyberspace. I also love how this job exposes me to so much information. I learn something new every day and it helps me appreciate all the good work my colleagues are doing.
What advice would you give a prospective SOC Analyst?
Have the confidence to make decisions, and the awareness to recognize and learn from the bad ones.
If you could describe your job in 3 words, what would they be?
Important, interesting, and necessary.
What is a skill or habit that has helped you in your current role?
Asking questions! It's been absolutely critical that I ask for clarification when I'm confused. I'm surrounded by extremely qualified people. Knowing I can pull from their strengths in the areas of my job that I am weaker in has played a huge part in my success.
What has surprised you about this position?
How successful I've been at it. When I started as a SOC Analyst back in January, I was so overwhelmed with the processes and procedures. But, I asked 1 million questions and made contributions quicker than I think many may have anticipated.
How would you describe the company culture?
The people in this building are highly skilled and know they're a part of a team. Every day we work together to build a safer cyber world and do so in a fun and supportive environment. CIS focuses on respecting the opinion of all employees, not just those in high places. Every member of the company is prepared to and capable of proposing sophisticated solutions to complex problems.