A Test Tool to Evaluate the Skill Sets of Tier-1 Security Analysts in a SOC Environment: A Case Study from Recruitment to Operations

Leon Kersten (TU Eindhoven)

The skill set of tier-1 (T1) analysts have a great influence on the day-to-day operations of a Security Operation Center (SOC). Therefore, it is critical for a SOC to be able to evaluate the relevant skill sets of incoming analyst at recruitment and throughout their progress at the SOC. In this short paper, we identify from extant literature the relevant skills an analyst needs, and devise a test to evaluate those in collaboration with a commercial SOC. We conduct a case study of this test with three aspiring analysts at the collaborating SOC over a period of three months. Our case study shows that the test can be used to evaluate different skills of an analyst and can give insights at the SOC on analyst progress and training effectiveness, opening avenues for a full validation of the testing framework in future work. We discuss results, limitations, and future directions of this work.

Paper

View More Papers

TrajDeleter: Enabling Trajectory Forgetting in Offline Reinforcement Learning Agents

Chen Gong (University of Vriginia), Kecen Li (Chinese Academy of Sciences), Jin Yao (University of Virginia), Tianhao Wang (University of Virginia)

CCTAG: Configurable and Combinable Tagged Architecture

Zhanpeng Liu (Peking University), Yi Rong (Tsinghua University), Chenyang Li (Peking University), Wende Tan (Tsinghua University), Yuan Li (Zhongguancun Laboratory), Xinhui Han (Peking University), Songtao Yang (Zhongguancun Laboratory), Chao Zhang (Tsinghua University)

Security Signals: Making Web Security Posture Measurable at Scale

Michele Spagnuolo (Google), David Dworken (Google), Artur Janc (Google), Santiago Díaz (Google), Lukas Weichselbaum (Google)