Infosec is a mindset as well as a job, but burnout can happen to anyone

2020-07-20 07:27

"In olden days, being a SOC analyst was a respected gig. Entry-level SOC analyst was how you broke into the industry, learned about alarms, alerts, and notifications, and earned your chops in incident response, root cause analysis, report writing/documentation, and potentially, if you were awesome, in presenting it to the boss(es). Then you were either put on the incident response team, or moved over to digital forensics, or you could maybe switch a bit to DevOps/SecDevOps if that caught your interest. Even pentesting, if you got really good at blue teaming, which is a pretty good pathway into breaking and red teaming," Marpet explained what he meant to Help Net Security.

"Now, in many companies, SOC analyst is a dead-end job. With the extreme specialization and commoditization of SOC analyst jobs, anything interesting is taken away almost immediately: 'Oh! This looks bad, send it to Incident Response!' or 'I'm not sure what this is, send it to Security!' SOC analysts became security dispatchers a while ago."

K.C. Yerrid, an IT security professional who's no stranger to burnout, also says that it's difficult to grow from a SOC analyst role in an organization.

"Alert fatigue is a real phenomenon, and the rate at which alerts can come in could lead to a perceived lack of control in the outcome of one's responses. We all know that SOC analyst jobs lack sufficient reward, and company culture dictates the strength of community. Finally, as mentioned, it's an uphill climb to be promoted out of a SOC analyst role. The value mismatch can come from the manager or organizational level."

Infosec is a mindset as well as a job, he points out.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/s-_x3GmPR3I/

#infosec