Advice regarding "SOC" job that automates everything
Apologies but I missed a few key details previously.
I recently got a job as Jr Security Analyst in a company that bought an AI SOAR solution that handles end-to-end SOC tasks from another vendor. Everything here is a closed loop and I am only in charge of analysing and generating reports.
There is no SOC or IT team in the company and I am the only person they hired (so far) to handle this job.
I am able to get the raw logs, but only after the fact / mitigation from SOAR.
What would you do in my position? I am planning on getting Security+ > BTL1 > self-teaching myself the relevant skills to develop some sort of playbook and get good at analysing logs.
To be honest, I am quite a bit lost on this as I have no one else to learn from and do not even handle any basic SOC tasks currently.