What Should You Be Looking For to Hire High Quality Cybersecurity Professionals?
Augmenting your security operations center (SOC) with a security vendor is a common reality for most small to medium-sized organizations. With the shortage of trained cybersecurity professionals and the increasing risks and threats to organizations, it’s important to have the best team. To help organizations build a high-performing SOC team, we’ve assembled a list of the top skills we look for to help you qualify your candidates. Here are the top three traits you should be looking for in the three major SOC team roles: security director, analyst, and developer.
Top Qualities for a SOC director
- A SOC director has to have expert knowledge of information technology. They need to have working knowledge of network configuration and architecture. Additionally, they need to know the software applications and hardware infrastructure they are dealing with in their environment. Beyond just knowing their internal IT, a director needs to stay up-to-date on the technology used both by the SOC team and in the industry to stay at the top of their game.
- The SOC director has to have people skills and patience. Oftentimes a SOC director works with security analysts to formulate data into a format that can be used to communicate with stakeholders. If your team discovers a threat, policy violation, or compliance issue, you will most likely interact and communicate with an auditor or the stakeholder.
- Good communication skills are required for a director of SOC. Communications skills are required because they are taking information from their cybersecurity team and reporting or communicating to other stakeholders. Not every person you’re relaying the information to has the same level of working knowledge, so it’s important to have good communication skills to translate the information in a way that the listener can understand and act upon.
Top Qualities for Security Analysts
- One of the first qualities to look for in an analyst is a person that is inquisitive. This is important because you don’t want the person to become disinterested when reviewing logs or analyzing data. They should be curious about the information they’re reviewing and willing to dig deeper than what’s just on the surface.
- Secondly, a great analyst should not be quick to give up when they can’t find the answer right away. In the cybersecurity world, specifically with data, a security analyst is reviewing raw data (logs). They’re reviewing the source and context and have to look at the information from multiple different angles to “analyze” the data. Often this process doesn’t come quickly, so you need someone who can stay with it until they find the answer.
- Lastly, your analysts should be capable of writing code. Whether it’s bash, Python, PowerShell, or another language for the task at hand, they need some sort of ambition to learn and write code. This will account for roughly 10 to 20% of their daily activities. Look for someone who’s willing to step outside their preferred coding language in order to solve a problem. This will show you how committed they are to learning something in order to solve a security-related issue.
Top Qualities for Developers
- A developer on a SOC team needs to have a clear passion for cybersecurity as well as writing code. Good developers will need to have an analyst’s mind to understand current issues. Additionally, they will be developing code to functionally address the problems.
- They have to understand how to write code securely. Not all code is created equal. Understanding and mitigating potential vulnerabilities in development is crucial to a cybersecurity developer. They need to understand what the logs and SIEM are telling them. This is important for creating code to fight and defend your organization.
- A great developer needs to know and understand the enemy. They should be staying current on tactics, technology, and methods used in attacks to stay ahead of the threats.