A Day In The Life Of A SOC Analyst | A Conversation With Jason Mical | The Academy
03/07/20 • 30 min
When you think about the role of a Security Operations Center (SOC) analyst, what comes to mind? Do you envision someone sitting in front of a computer screen—or multiple computer screens—in a security-focused data center, dismissing alerts all day long? Do you think that their excitement for the day comes when they get to track down an alert or incident to determine if the situation warrants escalating it to the next level on the team?
If this is your view, you are probably not too far off the mark. However, things have changed—and continue to improve—for this ever-important InfoSec role.
To learn more about the growth of the SOC and the analysts that make it work, we sit down with Jason Mical, a long-time InfoSec professional that once ran computer incident response teams (CIRT) long before the concept of the SOC was even a thing.
Jason takes us down memory lane to a time before SIEMs, before, correlation, and pre-automated response, not for nostalgic purposes, though, but for purposes of genuinely understanding this role and the human element that makes it work.
This story isn’t all puppies and candy and free soda at work with the traditional Hollywood ending. And that’s precisely why you need to listen to Jason give us a view into the day in the life of a SOC analyst.
If you are a SOC analyst, you will likely shout out multiple times during this chat. If you run a SOC, you might take a step back and think about how you’re running your team. If you oversee your IT and security operations, you need to explore how to ensure the human element in your SOC can be successful in their role and their career.
Ready? Good. Go!
Guest(s)
Jason Mical
This Episode’s Sponsors:
If you’d like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorships
To see and hear more The Academy content on ITSPmagazine, visit:
https://www.itspmagazine.com/the-academy
Are you interested in sponsoring an ITSPmagazine Channel?
https://www.itspmagazine.com/podcast-series-sponsorships
When you think about the role of a Security Operations Center (SOC) analyst, what comes to mind? Do you envision someone sitting in front of a computer screen—or multiple computer screens—in a security-focused data center, dismissing alerts all day long? Do you think that their excitement for the day comes when they get to track down an alert or incident to determine if the situation warrants escalating it to the next level on the team?
If this is your view, you are probably not too far off the mark. However, things have changed—and continue to improve—for this ever-important InfoSec role.
To learn more about the growth of the SOC and the analysts that make it work, we sit down with Jason Mical, a long-time InfoSec professional that once ran computer incident response teams (CIRT) long before the concept of the SOC was even a thing.
Jason takes us down memory lane to a time before SIEMs, before, correlation, and pre-automated response, not for nostalgic purposes, though, but for purposes of genuinely understanding this role and the human element that makes it work.
This story isn’t all puppies and candy and free soda at work with the traditional Hollywood ending. And that’s precisely why you need to listen to Jason give us a view into the day in the life of a SOC analyst.
If you are a SOC analyst, you will likely shout out multiple times during this chat. If you run a SOC, you might take a step back and think about how you’re running your team. If you oversee your IT and security operations, you need to explore how to ensure the human element in your SOC can be successful in their role and their career.
Ready? Good. Go!
Guest(s)
Jason Mical
This Episode’s Sponsors:
If you’d like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorships
To see and hear more The Academy content on ITSPmagazine, visit:
https://www.itspmagazine.com/the-academy
Are you interested in sponsoring an ITSPmagazine Channel?
https://www.itspmagazine.com/podcast-series-sponsorships
Previous Episode
Their Story | Juniper Labs | A Conversation With Mounir Hahad
This contains promotional content. Learn more.
Shining a light on the darkness of threats can’t come at the expense of a lack of trust in the data being analyzed.
During RSA Conference 2020, Juniper Networks announced its ability to analyze encrypted traffic, bringing visibility and context to the network where threats and attacks continue to move toward a world of darkness. From the release: It permits organizations greater visibility and policy control over encrypted traffic, without requiring resource-intensive SSL Decryption.
We were able to speak with Mounir Hahad, Head of Juniper Threat Labs at Juniper Networks, to learn more about these new capabilities and the impact it can have on an information security program as organizations try to maintain visibility and control over their networks, systems, and data.
During our conversation, we cover several topics, including:
- The need for visibility and intelligence to help make critical detection and response decisions
- The value of visibility and information as organizations look to automate some of their security program activities
- The damage that false positives can have on the ability for a team to respond; for individuals to stay effective and productive
- How visibility, automation, and confidence in the information helps InfoSec teams avert burnout
“Whenever I drive product development here [within Juniper], I always push my team to strive towards zero false positives."
— Mounir Hahad
You may not be able to hire as many people as you need on your team. Therefore, you need a level one team that can do meaningful work and not get burned out.
Have a listen as Mounir shares his thoughts on today’s state of cybersecurity, comparing it to the era of industrialization.
Guest(s)
Mounir Hahad
Resources
Learn more about their company and their offering: https://itspm.ag/itspjnprdir
For more stories from RSA Conference 2020, be sure to visit https://www.itspmagazine.com/rsa-conference-usa-2020-rsac-san-francisco-coverage
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
Next Episode
The Uncommon Journey | A Conversation With Ray Redacted | Episode Two
For our second episode, we were joined by Ray Redacted. In this episode, Chloe, Phil and Alyssa talk to Ray about his roots in the early days of hacker culture. As the conversation unfolds it turns to discussion of mental health in the industry and other community related issues Ray is passionate about.
Things wrap up as Ray sends shout outs to some amazing people and organizations!
Guest(s)
Ray Redacted
This Episode’s Sponsors:
If you’d like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorships
To see and hear more The Uncommon Journey content on ITSPmagazine, visit:
https://www.itspmagazine.com/the-uncommon-journey-talk-show-podcast-phillip-wylie-chloe-messdaghi-alyssa-miller
Are you interested in sponsoring an ITSPmagazine Channel?
https://www.itspmagazine.com/podcast-series-sponsorships
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/itspmagazine-podcasts-3754/a-day-in-the-life-of-a-soc-analyst-a-conversation-with-jason-mical-the-9494773"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to a day in the life of a soc analyst | a conversation with jason mical | the academy on goodpods" style="width: 225px" /> </a>
Copy