The role of a Security Operations Center (SOC) analyst is crucial in maintaining an organization’s security posture. A SOC analyst wears many hats but typically acts as a watchdog looking out for attacks in progress while also finding ways to boost defenses and prevent or mitigate future attacks.
In this exclusive Q&A, we spoke with Ben Philip, a level 3 SOC analyst with Acora, about his background and experience.
Did you go to college? What did you study?
I went to Queen Mary College in Basingstoke and studied a BTEC in IT, financial management and math. In my final two years, I just focused on IT.
I then went on to complete four years at De Montfort University in Leicester, studying Computer Security. This course included a sandwich placement year at Sir Jonathan North Community College, where I was able to gain experience as their general IT technician. This experience reinforced what I had learned in the first two years at university and enabled me to build the foundations to develop practical skills and build my confidence.
What certifications did you obtain?
Other than my college diploma and university degree, I did not study any additional cybersecurity courses.
However, once I joined Secrutiny (now Acora), they put me through a CybSafe course, which is a CCSA Qualified, IISP and GCHQ-accredited course. It was great to have found a company that was invested in me and my personal development, putting me through the courses I needed.
What was your first role in IT?
Whilst at college and my first few years of university, I worked in a car garage to pay the bills. My first official role in IT was as a general IT technician during my sandwich placement in my third year of university.
What pushed you to pursue security?
I’ve always been interested in PCs and how they work from a young age, and it kind of took off from there. When I was approaching the end of secondary school and was choosing what I wanted to do next, I thought about what I really enjoyed doing.
I had an interest in IT and the whole problem-solving aspect. I spent a lot of time keeping up with the latest news by reading about the latest hacks, how exploits happened and how to prevent cyberattacks. At that point, I didn’t know all the intricacies of IT, but just thinking about the elements that I enjoyed really drove my enthusiasm towards cybersecurity.
What is the most valuable skill you have learned in your role?
Team communication. You’re only as good as the tools you use, but being able to communicate inside and outside your team is crucial. By having the confidence and communication skills, you can discuss ideas with people who may have different viewpoints to yourself. That creates a well-rounded team.
I know that some people in IT can sometimes be in their shells. I know what it’s like. So, clear communication is the most important skill I’ve learned.
Because of this, I have been able to grow from an “awkward” teenager to a professional and confident adult, which is a great achievement for me.
What soft skills do you think make a person successful in cybersecurity?
I’ve spoken about how confidence and communication skills are important, but also determination, persistence and willingness to do your own background work, as well as putting in the hours, are CRUCIAL.
It’s all about getting involved at work as well as outside of work. I remember when I was first learning the ropes of my first IT role, I used to stay very late to learn new things, which really helped me in the long run — so determination and persistence are key.
Any parting thoughts or final piece of advice to someone looking into your type of role?
The best advice I could give is to read, read and read more. Stay on top of the news of IT (cyber or general IT), but don’t limit yourself to just one source of information. Be sure to get different viewpoints from multiple articles and make connections.
From a technical point of view, you don’t need to know everything already, but you should learn the basics on how operating systems work, learn the different cyber kill chains, etc. And even if you do not code, try to understand syntax and learn the basics of what it’s trying to achieve, as it really helps. By developing a basic level of understanding, you can then branch out and expand.
From a soft skills perspective, there are lots of IT and cybersecurity jobs out there, but standing out is still critical. Showing what you know and being able to explain why shows real understanding. The why is most important. Also, be honest if you don’t know something; don’t pretend to know it. Employers do not expect you to know everything right away, but they want to make sure that you are a good fit and that you have a willingness to learn.
And remember, you get in what you put out.