This video came during a very interesting time for me. I've been at an MSSP for about 1.5 years now as an tier 1 analyst, while doing multiple tier 2 tasks as well. During bi-weekly catch up talks with my teamlead I have been asking when I would officially become a tier2, everytime with a different excuse. This led me to look elsewhere and I have found job at a private company who just launched their security operations and will help build out their SOC capabilities more. Your videos were a great addition during my interviewing process. Keep up the good work!
In our environment T2s do tuning, onboarding, decomming, join breach bridges, inbound calls, join monthly customer calls, training T1, kba update/creations, evaluate vuln scan reports and much more. The scope is large and you can learn so many skill just like working at the helpdesk for your first IT job, I think some time in the SOC is essential for all the other jobs mentioned here. Great video as always!
At my SOC T1 only take a very small amount of inbound calls like a couple a day and they are mostly wrong extension choices made for another department.
You still take calls as a tier 1 but not as crazy as a helpdesk / service desk. Think whenever a security incident happens and the client needs assistance.
This video came during a very interesting time for me. I've been at an MSSP for about 1.5 years now as an tier 1 analyst, while doing multiple tier 2 tasks as well. During bi-weekly catch up talks with my teamlead I have been asking when I would officially become a tier2, everytime with a different excuse. This led me to look elsewhere and I have found job at a private company who just launched their security operations and will help build out their SOC capabilities more. Your videos were a great addition during my interviewing process. Keep up the good work!
That is unfortunate for your previous employer - likely lost a great analyst! Hopefully you got a pay bump too heheh, thanks for your support!
Great quality content dude!
Appreciate it!
Love your content!
Glad you enjoy it!
In our environment T2s do tuning, onboarding, decomming, join breach bridges, inbound calls, join monthly customer calls, training T1, kba update/creations, evaluate vuln scan reports and much more. The scope is large and you can learn so many skill just like working at the helpdesk for your first IT job, I think some time in the SOC is essential for all the other jobs mentioned here. Great video as always!
Absolutely! The SOC is an amazing place to network with as well. Always appreciate your input ❤️ thanks for the support!
How about detection engineering
That would fall under tier 3/professional services aka security engineers.
Thanks for your work man :) Can we jump from SOC Analyst (Tier 2/3) to a Forensic Analyst role ?
Yup absolutely! Study the craft and put in the work, an opportunity will come along :)
Are you still taking calls like a servicedesk/helpdesk in SOC Tier 1?
At my SOC T1 only take a very small amount of inbound calls like a couple a day and they are mostly wrong extension choices made for another department.
You still take calls as a tier 1 but not as crazy as a helpdesk / service desk. Think whenever a security incident happens and the client needs assistance.
❤❤❤