Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
I’ve always been curious if command centers are a thing in cyber security. Is there a room full of people at every major bank monitoring infrastructure health and network traffic for signs of infiltration or compromise, ready to pounce? And if so, is that as cool of a job as it sounds or am I delusional?
From my experience, all of this is mostly done remotely now, SOC / cybersecurity / threat intelligence analyst is probably the title you are looking for.
And it’s boring as fuck, most of the things are already set up, all alerting in your log aggregators, SIEMs and SOARs, playbooks for days, nearly 0 agency, just watch the feed, spot stuff and execute like a robot.
That’s being said, it’s where a lot of security engineers start, and if you get through this you may actually get to the part that is more interesting and requires actual experience and knowledge.
But imho you are far better off getting into security via software development / sysadmin /devops routes, it’s just way more interesting that way.