SOC Analyst Training: Everything You Need to Know!

Calling all blue teamers, defensive security fanatics, and aspiring SOC Analysts. You asked, we listened!

Our team of experts have been busy developing a brand new SOC Level 1 pathway to sink your teeth into! Jump straight into juicy training content covering cyber threat intelligence, threat detection, digital forensics, endpoint security, plus much more.

Get started with our Introduction to Cyber Security and Pre-Security pathways, and upskill with our brand new SOC Level 1 pathway!

Keep reading to discover what our newest defensive security training path has to offer and how it can benefit you in boosting your career as a SOC Analyst!

What does the TryHackMe SOC Analyst Pathway cover?

Our SOC Level 1 pathway covers many tools and real-life analysis scenarios, enabling you to become a Junior SOC Analyst.

Play through a day in the life of a Junior Security Analyst as a Triage Specialist. Throughout the pathway, you’ll learn how to monitor and investigate alerts, configure and manage security tools, develop and implement IDS signatures, and escalate security incidents to the Tier 2 and Team Lead (if needed).

Modules within the pathway include:

• Cyber Defense Frameworks - look at a day in the life of a SOC Level 1 Analyst, and understand the various frameworks used to craft responses against threats.
• Cyber Threat Intelligence - explore a collection and analysis of actionable intelligence to avert attacks, with rooms covering threat intelligence lifecycle, frameworks and open-source tools useful in a SOC’s arsenal.
• Network Security & Traffic Analysis - learn the network monitoring practices vital to threat investigations and the core concepts and tools of network traffic investigation and packet analysis.
• Endpoint Security Monitoring - discover the fundamentals of endpoint security monitoring and the essential tools and high-level methodology used.
• Security Information & Event Management -  explore SIEM basics, including features in each SIEM solution, and how to construct search queries to find anomalous traces.
• Digital Forensics & Incident Response - understand how to identify threat data using various tools and methods for conducting forensics against systems and data storage.
• Phishing Analysis - learn how fraudulent emails are crafted and used, and explore the different types of real-world phishing attacks.
• And more!

What can you do with this training?

This path will introduce you to a wide array of tools and real-life analysis scenarios, enabling you to become a successful Junior Security Analyst. Throughout the modules, we’ll prepare you to monitor, investigate and triage security incidents, by gaining an understanding of various security frameworks that will help defend against attacks, combined with the tools and techniques used in network, endpoint and email security.

After successfully completing this pathway, you will have the skills needed to pursue new career opportunities in defensive security, specifically in a SOC Analyst role.

The pathway is most suitable for:

• Security professionals seeking to move to SOC operations
• System Admins with security knowledge
• Red Teamers transitioning to Blue/Purple Teams
• Junior Security Analysts
• Information Security Analysts
• Junior Penetration Testers
• Incident Responders

With hackers rapidly adapting to new security techniques, it’s critical to stay ahead of the curve with continuous SOC Analyst training - which the pathway guides you through!

What is the difference to our Cyber Defense pathway?

Our Cyber Defense pathway provides an overview of defensive domains, including threat emulation and malware analysis. Our SOC Level 1 pathway has been constructed to contain a wider pool of topics in a structured format angled towards SOC Analyst careers specifically. This is a deeper dive into blue team content.

What to expect in SOC Careers

Companies are under threat, with attacks on the rise. As the first line of defence, SOC teams deal with a growing number of alerts daily and are, therefore, in high demand.

The cyber security skills gap is especially apparent within the SOC, with SOC Analysts among the most sought-after roles in cyber security and the second most challenging role to fill, reported in Fortinet’s 2022 Skill Gap Survey.

With this in mind, SOC Analyst career progression offers unlimited opportunities as you advance in your SOC Analyst career path. SOC Analysts can expect to earn a salary ranging between £32,199 ($69,530), to higher level analysts earning £85,000 (approximately $100,000) per year.

For Level 1 SOC Analysts, typical job responsibilities include:

• Proactive monitoring of network traffic and events
• Creating tickets
• Investigating alerts
• Remediation steps
• Closing alerts
• Triaging the incident and coordinating with Level 2 SOC Analysts

As Level 1 SOC Analysts gain more experience, they can then choose to progress to become a Level 2 SOC Analyst, Level 3 SOC Analyst, SOC Engineer/Architect, or SOC Manager.

Become a SOC Analyst

Take a read of our tips for becoming a SOC Analyst!

SOC teams are at the core of a cyber security team and are tasked with ensuring an organisation’s assets remain secure and protected against attacks. A Security Operations Center Analyst (SOC Analyst) faces today's rapidly evolving and increasingly sophisticated attacks.

Looking for SOC Analyst jobs? While a degree can help in becoming a SOC Analyst, it isn’t always compulsory and can be achieved through education, certifications, and dedication! One of the most significant benefits of pursuing a career as a SOC Analyst is that you can learn on your own through TryHackMe, in the comfort of your own home. This makes it an excellent way to get a foothold in the field!

We also recommend cluing up on some of the most frequently asked SOC Analyst interview questions:

• How would you explain risk, vulnerability and threat?
• What is the difference between asymmetric and symmetric encryption, and which is better?
• What is an IPS, and how does it differ from IDS?
• What is XSS, and how will you mitigate it?
• What is the difference between encryption and hashing?
• What is the difference between VA and PT?
• Are you a coder/developer, or do you know any coding languages?
• What is a security misconfiguration?
• What is a black hat, white hat and grey hat hacker?
• What is the CIA triangle?
• What objects should be included in a penetration testing report?
• How do you keep yourself updated with information security news?

Our SOC Level 1 pathway answers these questions and equips you with the knowledge and skills to break into the field of defensive security operations.