Life of a SOC Lead (w/ Alberto Rodriguez)

  • Published 9 Jun 2024
  • Ever wonder what SOC analysts do day-to-day in their work? When people think of a security operations center, the mental image is often giant screens around a command center. But in our remote work world, SOCs are more distributed than you think!
    In this episode, we learn about the world of SOC analysts from Alberto Rodriguez. Alberto works both as a SOC lead and offensive security lead and shares his valuable insights from years of experience. In this interview, we talk about technical leadership, building home labs, modern offensive and defensive toolkits.
    Join Alberto as he shares his career progression from being an IT help desk guy at a small shop to becoming a SOC lead at a security company.
    ===== HOME LAB SPECS =====
    CPU - Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz
    ark.intel.com/content/www/us/...
    MOTHERBOARD - B360M-ITX/ac
    www.asrock.com/mb/Intel/B360M...
    RAM - G.SKILL Aegis 32GB (2 x 16GB) 288-Pin DDR4 SDRAM DDR4 2666 (PC4 21300) Desktop Memory Model F4-2666C19D-32GIS
    www.newegg.com/g-skill-32gb-2...
    STORAGE -
    Samsung - 860 EVO 500GB Internal SATA Solid State Drive
    Seagate Barracuda ST2000DM008 2 TB 3.5" Internal Hard Drive - SATA
    www.amazon.com/Seagate-Barrac...
    CASE - APEX MI Series MI-008 Black Steel Mini-ITX Tower Computer Case 250W Power Supply
    www.newegg.com/black-apex-mi-...
    FAN - Noctua NH-L9i, Premium Low-profile CPU Cooler for Intel LGA115x (Brown)
    www.amazon.com/gp/product/B00...
    EXTRA - Ethernet to USB3 (For physical port mirroring)
    www.amazon.com/gp/product/B00...
    00:00 Introduction - Alberto Rodriguez
    01:44 Working as a SOC Lead and Offensive Lead
    02:52 What is a SOC Lead?
    03:36 How do security operations centers work?
    05:12 Day in the life of a security analyst
    08:35 The offensive security client engagement process
    10:26 Mindset differences between cyber attackers and defenders?
    12:25 Tools of the trade for offensive and defensive security
    15:51 Tips for keeping track of cyber tools and resources
    17:23 Common cyber security pitfalls for organizations
    19:58 What does a security operations team look like?
    21:48 What are the skills and salaries of security analysts?
    23:04 Salary ranges for tier 1, 2, and 3
    24:07 What are people in the SOC like?
    24:47 How to lead technical people
    26:21 Words of advice for non-technical leaders?
    27:24 What’s the job interview process for a cyber security lead?
    29:13 Tips for the technical interview
    31:03 Starting off in cyber security
    32:45 The hardest part of learning cyber security
    33:32 How long it takes to feel confident learning?
    34:00 What resources are useful for learning cyber security?
    35:30 Useful Capture-the-flag and practical cyber labs?
    36:36 Cyber security training as a beginner
    37:29 Building a home lab
    41:22 How much does a home lab cost?
    42:20 How important are certifications really?
    45:45 Hobbies and interests
    46:45 Cyber security advice for family members
    48:18 Main interview closer
    48:39 Get in touch with Alberto
    We released our very own Discord server! Join the cybersecurity conversation at / discord
    FOLLOW and SUBSCRIBE!
    👉 YouTube: / cyberspatial
    👉 Twitter: / cyberspatial_hq
    👉 Facebook: / cyberspatial
    👉 Instagram: / cyberspatial
    👉 LinkedIn: / cyberspatial
    #CyberSecurity #SOC #Cyberspatial
  • Science & Technology

COMMENTS • 148

  • @Cyberspatial 3 years ago +17

    Which one are you more interested in, offense or defense?

    • @RodDop-us9ex 3 years ago

      Offense but that might change as I learn, isn't it better to bear both in my mind as beginners...?

    • @brianb3854 3 years ago +3

      Defense, soc analysis, threat hunting

    • @hamiltonfungula63 3 years ago +1

      #Defense

    • @imuser007 3 years ago

      Offense role as a "pentester"

    • @abhishekaaronstone 3 years ago +1

      Defense.

  • @RodDop-us9ex 3 years ago +22

    Something tells me this channel will become really famous fast....

  • @brianb3854 3 years ago +43

    Hey Ricky, I know you’re new but PLEASE continue pumping out content, you’re a great narrator and presenter and have very well thought out videos! Thank you!

    • @Cyberspatial 3 years ago +4

      Comments like this inspire us to achieve greater goals. Feeling blessed! 🙌

    • @sowndarraja7719 3 years ago

      @Cyberspatial Totally agree with @Brian B. I started following your channel recently and it really has quality content

    • @Cyberspatial 3 years ago

      @sowndarraja7719 Thank you! Glad to have you here :)

  • @MisterK-YT 1 year ago +1

    This host is awesome. He asks the guest to clarify and explain certain topics, which are the _exact_ topics that I didn’t understand or know about.

  • @josuefrancois24 3 years ago +9

    Most informative cybersecurity video I've seen on youtube in a very long time. No fluff or gimmicks, just raw educating information that holds our attention... boy! you are rare!..

    • @Cyberspatial 3 years ago +1

      Appreciate the kind words. We like to keep it direct to the point and concise. 👌

  • @kennyfabian2126 3 years ago +21

    Great interview from top to bottom, I sent this video to some colleagues that are involved in building SOCs right now, it’ll definitely be of value!!!!

    • @Cyberspatial 3 years ago +2

      Wow! Thanks so much! Regards to your colleagues 😊

  • @QBT-Securities 3 years ago +11

    This is the best interview I have seen in cybersecurity. A lot of questions I had were honestly answered. Thanks guys. You all have a golden heart.

    • @Cyberspatial 3 years ago

      Udensi Udensi A. Anything for you guys! More to come! 😊

  • @ibrahimnadir 3 years ago +3

    I bet you, this channel will become the holy grail of security pretty soon. I want to congratulate the owner already. They really know what they are doing. Plus sharing it with the world, I am so happy Internet exists and we have people like these who actually are paying all the respect to the Internet by uploading such content. I can write more but the content is so good so shifting back to the video. Thanks!

    • @Cyberspatial 3 years ago

      It's support from people like you that keeps this going :)

  • @mohammadarifkhan4357 3 years ago +4

    Simply put...just great content you can expect for cybersecurity. thank you very much.

  • @garthdalesuazo1077 3 years ago +15

    i like cyberspatial so much!

  • @AnActualWolf 2 years ago +1

    Ricky, thank you for asking the question re: "What does your team look like?" As someone who is interested in migrating into tech, I am often anxious about the lack of diversity and what the culture is like. It's not a question a lot of people are comfortable taking on, so I'm also grateful for Alberto for being open about "who" makes up his team.

  • @Mr_IT. 2 years ago

    This is good. This has a lot of value. If you pay attention. You can tell this guy is very intelligent.

  • @castercs 2 years ago +1

    seeing this guy Alberto and his approach towards his employees I want him to be my boss. also I have zero technical skill, but that's besides the point :)

  • @ryanstevenson9064 3 years ago +1

    This interview was a goldmine of info for people new to the industry. Great stuff

  • @draco24able 3 years ago +3

    I see KNOWLEDGE, I ABSORB! Keep it up @Cyberspatial.

  • @pawbard 3 years ago +3

    Simply superb content, thank you both. Thoughtful questions and really insightful answers.

  • @roninsec488 3 years ago +2

    This channel is pure awesomeness, thanks for the great content!

  • @A_Changed_Heart_Ministries 3 years ago

    Awesome interview, thanks for the great guests, and the great wealth of information your channel always provides 🙏🏼

  • @nloudaros 3 years ago +1

    This is one of the best interviews I have seen for cybersecurity industry. Your questions were to the point and Mr Rodriguez answered in detail, he is a great professional in this industry. This was the most informative cybersecurity video I've seen on youtube in a very long time I've been searching. You deserve RESPECT. Thank you for the 49:42 minutes of educational information. Subscribe, like and bookmark are the right movements. Greetings from GREECE.

    • @Cyberspatial 3 years ago +1

      Felt blessed after reading your comment. Thanks so much, glad to have you here :)

  • @Keyumiz 3 years ago

    Thank you guys for the interview. Really appreciated the information. This makes me excited for the future.

  • @alessandroloprete5572 3 years ago +2

    Thank you for this amazing content!
    I would definitely appreciate a podcast from you :)

  • @victorenmanuelcabrera19 2 years ago

    this video truly has it all

  • @nts713 3 years ago

    This channel is changing my life

  • @dencam 3 years ago

    I needed this type of content.
    Thank you Alberto and Ricky

  • @n30_C0n 3 years ago

    Awesome interview! Thank you both!

  • @albrix5 3 years ago +2

    I LOVE this channel ❤️

  • @putridgrinder1 3 years ago +1

    Awesome content, this is becoming one of the best channels in cyber security. It would be awesome to see a video or a series about kinda building a home lab for beginners and/or testing and recommending tools, I don't know, just a thought. Keep up the good work!!!

    • @Cyberspatial 3 years ago

      Great recommendation! Working on it :)

  • @Peridium 3 years ago +6

    I really wish there was a way to become an apprentice for roles like this, especially during these times.

    • @brianb3854 3 years ago +7

      Same! Right now I’m going for security + and building a SIEM virtual lab which is the advice I got from professionals! Also don’t be afraid to take internships because they can lead to jobs (internships are the new ENTRY level)

    • @godrulesjesuschristsaves2067 3 years ago +1

      God bless you

    • @Cyberspatial 3 years ago +3

      Build a strong baseline. Seek out a local Linux User Group or cybersecurity Meetup to network with people already in the field. They're probably virtual at this point. Look at internships, like the others mentioned. Don't stop trying to look for mentors.

    • @swissadventure1824 3 years ago

      In switzerland you can do a Bachelor and Master degree in Cyber security

  • @blacklotus5953 3 years ago +1

    Great video Ricky!

  • @lundingantweni997 3 years ago

    GREAT CONTENT!!!!! Bell Notifications has been activated!

  • @siddheshghag5889 3 years ago

    Excellent interview.

  • @derrickdike5709 3 years ago

    Awesome, Awesome interview

  • @kristieson8162 3 years ago

    Another great content, Ricky! I know you focus on inviting guests over and doing an interview-style with them, but I would love to have a Podcast-style where you can talk and share some insights as well. Either way, I still love these interviews since I learned a lot from them. I would love to learn more about your journey as well.

    • @Cyberspatial 3 years ago

      Haha perhaps one day! Sure keeps people curious...

  • @jedgordon5340 3 years ago

    very helpful. thanks

  • @danielarodriguez9302 3 years ago +2

    Amazing

  • @Chloe-tw7ij 2 years ago

    new to the channel, but your background is on point lol

  • @rogerioabreu3081 3 years ago +1

    Great Interview! Greetings from Berlin!
    Saludos desde Berlin :)
    Schöne Grüße aus Deutschland :)

  • @MrKarn0007 3 years ago

    Absolute quality

  • @fakecontent3290 3 years ago +1

    Hey! Loved this interview! Could you please make a video on how to get started with cybersecurity and all the things necessary for it? Would be of immense help. Thank you

    • @Cyberspatial 3 years ago +1

      Thanks for the recommendation. We're slowly getting there :)

  • @makoakaleo4653 3 years ago

    @cyberspatial. You’re a fantastic moderator. Great content!

  • @drewdiferdinando6950 3 years ago

    This man was my lab help session Instructor
    C17!!!!!!!!

  • @johnwachira197 3 years ago

    Very nice chat. Subscribed. About the reports. How does doing them manually scale out?

  • @nghibui6162 3 years ago +1

    @cyberspatial would you consider making a video on how to build a homelab? That would be great content ;)

    • @Cyberspatial 3 years ago

      Thanks for the suggestion! Will look into it!

  • @iammapi 3 years ago +1

    great content.. can you also interview Security Managers

    • @Cyberspatial 3 years ago +2

      Thank you! We're bringing more people in the channel ☺️

  • @OMER3-1-3 2 years ago

    Nice👏😊👍

  • @romualdoiiatibula9828 3 years ago +1

    What are some of the recommended certifications to be part of the Blue Team?

    • @Cyberspatial 3 years ago +1

      Certifications aren't gonna guarantee you a spot. But SANS has an incident handler cert that could help.

  • @esabzayi 3 years ago +1

    💕

  • @Liryn 1 year ago

    Where is Alberto youtube channel!?

  • @tahmidbhuiyan5591 2 years ago

    ARMY STRONG

  • @EliteTitanCoaching 3 years ago +1

    Please make a video on reaver and hacking WPA using wps.

  • @DigitalTrendzy2023 3 years ago

    regarding IOT & Network pentest what are the best resources either to learn? can u please share your own knowledge ?

    • @Cyberspatial 3 years ago

      Recommend you follow the experts on Twitter who have a passion for IOT & Network pentest.

  • @taguibao27 3 years ago

    I'm thinking of pursuing a career in cybersecurity... is there a difference between a cybersecurity analyst and a SOC Analyst?
    I'm kinda confused about the two but I do know that SOC is a team of different people like pentesters, incident responders, and cybersec analysts.

    • @arodtube7668 3 years ago +1

      SOC/Cybersecurity analyst are used synonymously quite a bit. A SOC will have tons of folks, yes. But a SOC analyst is traditionally a blue teamer.

    • @taguibao27 3 years ago

      Thanks for the answer really clears out things

    • @Cyberspatial 3 years ago +2

      "Cybersecurity analyst" is more generalized. It's like saying "martial arts practitioner" vs "judo practitioner." A SOC will usually just consist of analysts and incident handlers, less so pentesters.

    • @taguibao27 3 years ago

      @Cyberspatial oh ok thanks.

    • @Cyberspatial 3 years ago

      @taguibao27 Welcome :)

  • @spartanthakur5823 3 years ago +1

    Ok, I really was thinking on various paths of jobs like in the tech world, is it possible to be like a CS engineer and a hacker also???

    • @arodtube7668 3 years ago

      100%
      There is no path to cyber :). I’ve worked with many that were... music artists -> red teamer

    • @Cyberspatial 3 years ago

      "Hacker" usually refers to offensive security. You can be a cyber engineer researching/doing offensive security.

  • @DigitalTrendzy2023 3 years ago

    I have two questions for you
    1. if I am working as SOC how to move into penetration testing
    2. how to convince a company to move into a pentest team within an organization

    • @arodtube7668 3 years ago

      Great question!
      Start doing some hacking on your own time. Learn the fundamentals to the point where you won't be a liability. Then I would ask your employer to shadow and work with the offensive folks. Can't hurt to ask! You can also use some offensive tools to audit and check on configurations in your environment. As a SOC analyst, you can do a phased approach. Like 1) Run BloodHound and analyze all the attack vectors. Then make sure you can detect against them. 2) Run Responder and make sure your tools can detect LLMNR/NBT-NS poisoning. Etc.

    • @Cyberspatial 3 years ago

      1. Spend a lot of time self-studying and learning from people on the pentesting team.
      2. Word-of-mouth referrals and recommendations.

  • @BrandonRasaka 3 years ago

    I would love to get those specs on his home lab!

    • @arodtube7668 3 years ago

      It's a Micro ITX Build
      32GB RAM
      ark.intel.com/content/www/us/en/ark/products/126684/intel-core-i7-8700k-processor-12m-cache-up-to-4-70-ghz.html
      2TB SSD

    • @Cyberspatial 3 years ago

      Micro ITX Build
      32GB RAM
      ark.intel.com/content/www/us/en/ark/products/126684/intel-core-i7-8700k-processor-12m-cache-up-to-4-70-ghz.html
      2TB SSD
      We'll get something more comprehensive in the description shortly.

    • @BrandonRasaka 3 years ago

      @Cyberspatial Thanks! You guys are awesome!

  • @aghrajhsayin5698 3 years ago

    hey can you help me, I am very weak at math! can you help me where should I start math for computer science (developer, cyber expert, etc.)
    please :) for starting and if you can some resources for that :) and which language to learn (C++ or Java or Python) :(

    • @Cyberspatial 3 years ago +1

      Start by learning the command-line and bash. You don't have to be great at math to be good at understanding cyber security. Start by learning system administration and networking as a foundation. Then pivot into specialized topics.

    • @aghrajhsayin5698 3 years ago

      @Cyberspatial I mean any basics of maths, literally I don't know anything :(

    • @aghrajhsayin5698 3 years ago

      @Cyberspatial please, contact with me at fb for some motivation to clear some doubts please how can I contact you I always try to reach others for some help and motivation but you replied please :)

  • @meeloat9709 3 years ago +1

    Anyone else think he looks like Elliot Alderson as a kid?

  • @facttrendz1314 3 years ago

    Sir, please make a video on how to learn windows sysadmin for free.

    • @Cyberspatial 3 years ago

      Will look into it. Thanks for the recommendation :)

  • @sebastianwolf1464 1 year ago

    Google Calendar 😱

  • @slazveric5127 3 years ago +2

    HI 😊😊 BRUH

  • @darkIceDesigns 3 years ago

    Can you share Alberto's lab specs? :D

    • @arodtube7668 3 years ago

      It's a Micro ITX Build
      32GB RAM
      ark.intel.com/content/www/us/en/ark/products/126684/intel-core-i7-8700k-processor-12m-cache-up-to-4-70-ghz.html
      2TB SSD

    • @Cyberspatial 3 years ago

      Ah yes, thanks for the reminder!

  • @aghrajhsayin5698 3 years ago

    you are best love you.....hmmm you are best

    • @Cyberspatial 3 years ago

      Glad to have you here. Thank you :)

    • @aghrajhsayin5698 3 years ago

      @Cyberspatial hey can you help me, I am very weak at math! can you help me where should I start math for computer science (developer, cyber expert, etc.)
      please :) for starting and if you can some resources for that :) and which language to learn (C++ or Java or Python) :(
      please :(

  • @jamess1520 2 years ago

    His resume can just be a URL to this vid lol

  • @emibuziaczek 3 years ago

    Is there any particular reason not to hire women as SOC analysts? Hispanic men with mustache who love fishing, well, that's not a very diverse environment.

    • @Cyberspatial 3 years ago +1

      Some of the smartest people in the cyber & computing field are women. Ballpark figures, they represent 20-25% of the industry. Pity there just aren't more. Could be discrimination, though cyber is one of the more meritocratic fields out there. Could be lack of interest in IT/cyber. Some research out there (CompTIA) suggests girls' interests in tech lessens as they get older. Lot of contributing factors.
      "Diversity" tends to mirror the region/locale. A place like Miami City is over 70% Hispanic. What would one expect?

    • @emibuziaczek 3 years ago

      @Pervy_Sage I'm sorry you have that experience. Probably worked in a crappy place, didn't you? But, wow, at least you got to work with women! Some folks never do.

    • @emibuziaczek 3 years ago

      @Pervy_Sage well that's not what I would say from my real experience ;)

  • @csosabeats 1 year ago

    what would be a good alternative to
    the "B360M-ITX/ac"? I'm asking because it is currently out of order on the site.