Search Icon
Register

A Test Tool to Evaluate the Skill Sets of Tier-1 Security Analysts in a SOC Environment: A Case Study from Recruitment to Operations

Leon Kersten (TU Eindhoven)

The skill set of tier-1 (T1) analysts have a great influence on the day-to-day operations of a Security Operation Center (SOC). Therefore, it is critical for a SOC to be able to evaluate the relevant skill sets of incoming analyst at recruitment and throughout their progress at the SOC. In this short paper, we identify from extant literature the relevant skills an analyst needs, and devise a test to evaluate those in collaboration with a commercial SOC. We conduct a case study of this test with three aspiring analysts at the collaborating SOC over a period of three months. Our case study shows that the test can be used to evaluate different skills of an analyst and can give insights at the SOC on analyst progress and training effectiveness, opening avenues for a full validation of the testing framework in future work. We discuss results, limitations, and future directions of this work.

Paper

View More Papers

Scale-MIA: A Scalable Model Inversion Attack against Secure Federated...

Shanghao Shi (Virginia Tech), Ning Wang (University of South Florida), Yang Xiao (University of Kentucky), Chaoyu Zhang (Virginia Tech), Yi Shi (Virginia Tech), Y. Thomas Hou (Virginia Polytechnic Institute and State University), Wenjing Lou (Virginia Polytechnic Institute and State University)

Read More

ScopeVerif: Analyzing the Security of Android’s Scoped Storage via...

Zeyu Lei (Purdue University), Güliz Seray Tuncay (Google), Beatrice Carissa Williem (Purdue University), Z. Berkay Celik (Purdue University), Antonio Bianchi (Purdue University)

Read More

Automatic Insecurity: Exploring Email Auto-configuration in the Wild

Shushang Wen (School of Cyber Science and Technology, University of Science and Technology of China), Yiming Zhang (Tsinghua University), Yuxiang Shen (School of Cyber Science and Technology, University of Science and Technology of China), Bingyu Li (School of Cyber Science and Technology, Beihang University), Haixin Duan (Tsinghua University; Zhongguancun Laboratory), Jingqiang Lin (School of Cyber…

Read More

CounterSEVeillance: Performance-Counter Attacks on AMD SEV-SNP

Stefan Gast (Graz University of Technology), Hannes Weissteiner (Graz University of Technology), Robin Leander Schröder (Fraunhofer SIT, Darmstadt, Germany and Fraunhofer Austria, Vienna, Austria), Daniel Gruss (Graz University of Technology)

Read More