As the manager of CyberProof’s security operations center (SOC) in Trivandrum, India, Aneesh Jayakumar faces a wide variety of challenges. In this blog, we’ll explore his daily routine and gain insight into his perspectives on the challenges of leading a security operations team.
How did you start your career in cybersecurity?
The field of technology caught my attention during my college days, and the idea of using technology to protect corporate data and networks was always in my mind.
After completing my degree, I started working as an entry-level security analyst. I was always passionate about what I do – and with time, I’ve worked my way up to where I am today.
What does a typical day look like?
My day starts when I connect with my direct reports to check the status of the various security operations that our team is responsible for. We work proactively and keep an eye on monitoring networks for suspicious activity, and responding to any security incidents.
It’s important that we make sure our security policies are up to date. I spend time checking in with the analysts’ team - ensuring they stay up to date on the latest threats, and providing guidance and support where needed.
What aspects of the job do you most enjoy?
I enjoy the challenge of the job. Every day brings a different set of challenges and opportunities. I enjoy working through each challenge and coming up with creative solutions. I’m continuously learning. It gives me a great feeling of satisfaction to successfully mitigate a threat, or to help a team member with a difficult task - I love doing that.
What are the biggest challenges facing the SOC today?
One of our biggest challenges is the ever-changing threat landscape. New and emerging threats evolve around the existing threats, and it is essential for the SOC to stay ahead of the curve. Dealing with this issue requires being up to date on threats, technologies, and best practices. This is a daunting task.
A second challenge involves using the different security tools and systems. As the technology evolves alongside the security landscape, we must continue to adapt – and this requires staying on top of all the different systems and continuously adjusting the way we work together.
A third challenge is juggling our team resources. Because cybersecurity is an ever-evolving and complex industry, it can be tough to find the right people with the necessary combination of skills. It’s also expensive to provide new recruits with the necessary training on a continuous basis.
Can you describe the tasks that SOC analysts do on a daily basis?
The SOC analysts are responsible for maintaining a secure environment by developing and implementing cybersecurity policies, procedures, and controls. We identify and respond to security incidents in a timely and efficient manner.
SOC analysts handle the following tasks each day:
Monitoring networks and systems for suspicious activity
Investigating and responding to security incidents
Analyzing logs and alerts for potential threats
Updating and maintaining security tools and systems
Researching and staying up to date on “best practices” for handling the latest threats and technologies
We are also accountable for educating our clients about correct security practices and ensuring that their teams follow the policies & procedures that are in place.
What are the most important skills that a SOC analyst needs?
Every SOC analyst needs these skills:
Technical knowledge, which boosts the analyst’s understanding of the threats, tools, and systems that are in place and allows the analyst to analyze and interpret data
Communication skills, which are key to collaborating effectively with team members and other stakeholders worldwide
Problem-solving skills, which are necessary to respond to incidents and find creative solutions to complex problems.
Do you have any advice for people interested in entering the field?
Working in cybersecurity requires, first and foremost, having a keen interest in the work. This is an ever-evolving domain. So, at any point of time in your career, you may have to learn something completely new – and perhaps to unlearn something you learned in the past. This is great fun and makes the work interesting, but only for those who have a keen interest in cybersecurity.
Aside from this basic interest, I advise people looking to get into cybersecurity to start by developing a strong technical foundation.
Start learning the basics of networking, operating systems, and security protocols. Moreover, before “jumping” into the field, educate yourself on the latest trends and advanced technologies. Start participating in online forums and discussion groups to connect yourself to the industry.
Don’t forget that good communication skills and problem-solving capabilities are also important. Every SOC analyst needs to be able to report information accurately and communicate effectively: to communicate the risks, threats, and solutions to stakeholders clearly, to present the data in an organized and easy-to-understand manner. SOC analysts need to gain an understanding of the scope of each incident and to document it.