What a security operations center analyst does and how to become one

The security operation center analyst, often called the SOC analyst, is a lesser known profession in IT. I didn’t know that it’s a career of its own until I spoke with someone who just made the transition to tech, and this was the path they followed. Let’s see what this career has to offer.

Interview with an expert

Today we have Sara Bazán Izquierdo sharing insight from her very recent transition to the field.

What was your background before switching to IT?

I studied business and tourism, so I didn’t have any knowledge of programming or IT. It was all new to me.

What was your path to get into security?

In the beginning, I used mostly free and affordable online courses. I started with CS50, and then I did a Google course about IT on Coursera, and, for security, I used TryHackMe. After that, I enrolled in a cybersecurity bootcamp. The bootcamp provided the basic knowledge for getting a position as a junior SOC analyst, plus tips on how to job search while changing careers.

What was your motivation to change your career?

I wanted to find something more exciting than what I was doing previously. And security was a very interesting and fun topic. Also, I wanted a job I could do remotely.

Of course, there are other benefits connected to the job that are also good motivators.

How did it work out for you?

After the bootcamp, it took me 3 months to find my first job doing what I was aiming for and that allowed me to keep growing and learning. So, I was pretty happy.

And after 4 months in that job, I was recruited by a different company with better benefits.

How did your background impact your job search?

The most valuable “skill” I had was knowing English. Other skills like customer service (in security, you often need to speak with clients) and adaptability can also help.

It is important to check which of the skills you already have can be transferred. There are probably more than you think.

What exactly do you do in your job?

I analyze the different alerts that are triggered in a client’s environment and decide how to handle them.

What do you like the most and the least in your current role?

I like the cool alerts where you get to use different tools to investigate. You feel like a detective.

I don’t like how it can get repetitive. Some alerts are triggered often and it can be a bit boring when you do the same over and over.

How can one know if security analyst is a job for them?

Often it is a 24/7 job, at least when you are a junior, so you need to decide if that works for you. Each day is different. Maybe one day you have very little work and the next one alerts are raining down on you. You need to know a bit of everything. So, you will probably enjoy it more if you are curious about IT roles that are a bit different.

What new opportunities have you seen open up for you due to experience in security?

Security opens up a lot of doors if you keep learning. It’s a huge field in IT with many different positions. It will depend on what you choose to learn.

At the moment I’m more focused on my current job, so I haven’t done much research on my next move.

What is the best way to start?

I suggest trying free or affordable resources. There are websites like Cybrary or TryHackMe that I found very useful. If you like it, then you can decide the best way for you to gain more knowledge and maybe invest in a more expensive path.

Non-development jobs in the tech

Today, thanks to Sara, we’ve learned a lot about SOC analyst jobs. IT as a sector has grown tremendously, and with its size, so too has the variety of different specializations inside it. Even as an insider, you often don’t know what work profiles are needed in companies of different sizes or in other domains.

I’ve already covered some ways of getting your foot in the door of IT with non-development jobs:

and there are some other profiles worth exploring: product owners, UX designer, technical writers, and UX writers, to name a few. Let me know in the comments if you are interested in learning more about non-programming jobs in tech.