Article by Bern Bautista 

May 2024 

From database administration to fending off cyber threats, my career has evolved significantly as I've navigated the complex landscape of cyber security. As a Senior Security Operations Centre (SOC) Analyst at CGI, I take pride in safeguarding our clients from a range of cyber security dangers. In this role, which stretches far beyond simply monitoring, I work with our team and clients to counteract and proactively hunt for threats, whilst contributing to the development and refinement of our systems to better adapt to ongoing advancements in our clients' cyber security realm.

My journey so far …

Reflecting on my journey to becoming a SOC Analyst, I'm grateful for the diverse experiences accumulated over 15 rewarding years at CGI. Before joining the SOC Team, I served as a Senior Database Administrator, navigating various projects and technologies. Additionally, my involvement in application development projects honed my skills in both front-end and back-end coding.

At CGI, the opportunity to collaborate with different teams and perform different roles has enriched my understanding and expertise, providing valuable lessons learned from my esteemed colleagues, past and present. This has been instrumental in shaping my professional skill set.

It was my interest in the complexity of cyber security that steered me towards joining the SOC team where real threat scenarios show the intense dynamics between attackers and defenders. Climbing the ladder to a Tier 2 Senior Analyst has meant greater responsibility, not just in providing subject matter expertise to the SOC team but also in leading our efforts to boost our clients' defences. In addition to fine-tuning security systems and reporting, my Tier 2 role encompasses proactive threat hunting, reducing vulnerabilities, and enhancing Security Operations. Additionally, I find immense satisfaction in mentoring the junior analysts, preparing them to meet the challenges of effectively combatting cyber security threats.

Essential skills for a SOC Analyst

In the rapidly evolving field of cyber security, you need a blend of technical acumen, analytical thinking, and interpersonal skills to be successful. Staying up to date with the latest developments in threats and security measures is non-negotiable. The ability to scrutinise information thoroughly, recognise patterns and act decisively complements the strong technical know-how that is imperative for the role. Additionally, clear communication and teamwork enhance the effectiveness of threat detection and help our clients shape a robust defence.

Confronting challenging incidents

The most challenging and interesting incident I have handled was as a new SOC member, when I was asked to investigate a phishing email. Back then, I only had knowledge of a few analysis tools and the email source code was obfuscated multiple times. I had to decode the content, understand the script's logic, identify and reverse the string manipulations, and then repeat these same steps until arriving at the final readable code. Collaborating under pressure with the incident response team taught me valuable lessons about the necessity of constant skill enhancement and maintaining composure under pressure.
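The decode-and-repeat loop described above, as an added example that is not part of the original article: a small Python script that peels one recognised layer at a time (base64, hex, or a reversed string) from a payload until readable script appears, recording which layers it removed. The three-layer sample payload, the list of tokens used to recognise readable script, and the choice of encodings are all assumptions made for illustration; real phishing scripts use many other tricks (string splitting, character-code arrays, custom XOR), so the reusable part is the loop and its stopping conditions, not the rule set.

```python
"""Iteratively unwrap a multi-layer obfuscated phishing payload.

Added example, not code from the original article. The sample payload is
constructed below: a readable script wrapped as reverse -> hex -> base64,
standing in for the multiply-obfuscated email source described in the text.
"""
import base64
import binascii
import re

# Assumed markers of readable script; their reversed forms mark a reversed layer.
SCRIPT_TOKENS = ("function", "window", "document", "eval", "http", "location")

# Constructed "final readable code" (hypothetical redirect, not a real sample).
FINAL_CODE = 'window.location.href = "https://example.invalid/verify"; // constructed sample'


def is_printable(s: str) -> bool:
    """True if every character is printable text (newlines and tabs allowed)."""
    return all(c.isprintable() or c in "\r\n\t" for c in s)


def looks_readable(s: str) -> bool:
    """Heuristic: readable script contains at least one known token."""
    return any(tok in s for tok in SCRIPT_TOKENS)


def peel_layer(s: str):
    """Remove one recognised encoding layer.

    Returns (layer_name, inner) when a layer was peeled, or (None, s) when the
    content is already readable or no rule applies. Hex is tested before base64
    because a hex string also satisfies the base64 alphabet.
    """
    s = s.strip()
    if looks_readable(s):
        return None, s
    if looks_readable(s[::-1]):
        return "reverse", s[::-1]
    if re.fullmatch(r"[0-9a-fA-F]+", s) and len(s) % 2 == 0:
        try:
            inner = bytes.fromhex(s).decode("utf-8")
            if is_printable(inner):
                return "hex", inner
        except (ValueError, UnicodeDecodeError):
            pass
    if re.fullmatch(r"[A-Za-z0-9+/]+={0,2}", s) and len(s) % 4 == 0:
        try:
            inner = base64.b64decode(s, validate=True).decode("utf-8")
            if is_printable(inner):
                return "base64", inner
        except (binascii.Error, UnicodeDecodeError):
            pass
    return None, s


def deobfuscate(payload: str, max_layers: int = 10):
    """Peel layers until the content is readable or no rule matches.

    max_layers bounds the loop so a self-referential or unrecognised blob
    cannot spin forever. Returns (decoded_text, [layer names in peel order]).
    """
    layers = []
    current = payload
    for _ in range(max_layers):
        name, inner = peel_layer(current)
        if name is None:
            break
        layers.append(name)
        current = inner
    return current, layers


def obfuscate(code: str) -> str:
    """Build the constructed sample: reverse, then hex-encode, then base64."""
    stage1 = code[::-1]
    stage2 = stage1.encode("utf-8").hex()
    return base64.b64encode(stage2.encode("ascii")).decode("ascii")


SAMPLE = obfuscate(FINAL_CODE)

if __name__ == "__main__":
    decoded, layers = deobfuscate(SAMPLE)
    print("layers peeled:", " -> ".join(layers))
    print("decoded:", decoded)
```

The returned layer list is worth keeping: it documents the exact chain an analyst reversed, which is what the incident report and any later detection rule need, and the `max_layers` cap is the safeguard that stops an unrecognised blob from looping.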

The importance of teamwork in the SOC

Cyber security thrives on a collaborative spirit, where the swift exchange of information and expertise can mean the difference between a security breach and a failed attack. In the SOC team, effective collaboration is the catalyst for timely threat detection and mitigation, allowing us to leverage varied skill sets for a unified defence against cyber adversaries.

Staying ahead of the game: adapting to new threats

Continuous education is the bedrock of our profession, and it's through continuous learning—from intelligence feeds, advisories, and training—that we refine our techniques. Automating simpler tasks lets us channel our focus towards strategic threat hunting and intensive investigations, which are critical in warding off sophisticated cyber assaults.

The emergence of AI and the cloud is a double-edged sword, shaping the new challenges the SOC must confront. As threats achieve greater finesse and the volume of alerts escalates, staying updated on trends and enhancing my skills becomes imperative. The digital arms race stresses the need for a workforce adept at navigating the complexities of cyberspace, highlighting the importance of continuous development of cyber security professionals - they will be critical to our future.

What’s next?

Looking forward, I am keen to delve deeper into incident response tactics, strengthen my threat hunting techniques, and grasp the nuances of security architecture. The interplay of communication skills with technical expertise paints a holistic picture of what I aim to develop next.

My tenure as a SOC Analyst at CGI has been more than just a job; it is a role where the quest for knowledge never ceases, teamwork is imperative, and every new challenge becomes an opportunity to learn and to fortify our systems and client environments. The landscape continues to evolve, and so do I.

If you are interested in finding out more about a career in cyber security at CGI visit the cyber careers page.