A Day In The Life In The Quadrant SOC
Q: What makes a Quadrant SOC analyst different?
STEVE: The fact that we specialize in being an analyst as our primary function. This is not part time monitoring, it’s a full time 24/7/365 analyst job, and requires a unique skill set of information security acumen.
Q: What makes Sagan unique as a SIEM?
STEVE: It’s the way Sagan is designed from a rules set perspective. It’s the same as SNORT and SURICATA, so the tools used to manage those platforms can also be used to manage Sagan. It’s very cool in that regard, and that makes it unique.
Q: What does a day in the life of a Quadrant analyst look like?
STEVE: the analyst starts the shift with a briefing at shift change, and the rest of their day is spent watching customer networks and monitoring the alerts received. Depending on the alerts the SOC receives, they are then doing research and taking action as needed.
Q: Tell us about the process and uniqueness of onboarding & training a SOC analyst at Quadrant?
STEVE: We require analysts to have either a strong security or networking background and they are put through an intensive 4-6 week training regimen, which has a high washout rate because of how rigorous the training can be.
Q: How do Quadrant analysts utilize the BlueDot threat intelligence for clients?
STEVE: BlueDot provides us another threat indicator, as well as insights on past threats and trends, and it serves as an additional tool we can utilize to further safe guard our customers.
Q: What are the recent trends that the Quadrant SOC is witnessing across the threat landscape?
STEVE: Currently, the biggest threats are ransomware and phishing.
Q: How as a manager do you make sure that the SOC is on alert 24/7/365?
STEVE: We try to make sure that the schedule an analyst works is one that they are happy with. We also always make sure that there are lots of backstops, so 24/7/365 there are always multiple people they can get in touch with. Or goal is to make sure every analyst feels supported around the clock, so that they deliver best awareness for our clients.
Q: Are there any unique skill sets that you have professionally developed as a result of the Quadrant SOC?
STEVE: I have developed a very strong understanding and foundation of SNORT & Sagan.
Q: What is your favorite thing to do in life outside of the SOC?
STEVE: I enjoy miniatures war gaming, watching movies, and cooking.