Sec analyst role
Writing
I’ll add some context first.
I’m starting a security analyst role next month after spending the last 4 years in L1 support. Security is the path I’ve wanted to go down for a while, and due to some circumstances I’m moving into the role sooner than originally planned. I’m genuinely excited about it, but also pretty nervous.
I’ve already worked on a few cases and I’ve noticed that sometimes I still think too much like L1 support. I can either overthink an investigation or not think deeply enough, and I’m trying to improve the way I approach cases so my methodology is more structured and intentional.
One area I’m currently struggling with is email investigations and remediation — specifically analysing headers, MX records, embedded links, and understanding how to properly assess and respond to suspicious emails. If anyone has resources, labs, training material, or advice that helped them improve in this area, I’d really appreciate it.
Overall, I’ve made huge progress over the last year in both my technical ability and confidence. My future manager, who’s the Director of Information Security, has been really supportive and believes I’m ready for the role. I just don’t want to make careless mistakes that could negatively impact the business or the people around me.
I’ll also be working alongside someone who’s extremely good at what they do, and I don’t want to be the weak link on the team regardless of the positive feedback I’ve received so far. Especially during active investigations where playbooks either aren’t fully developed yet or don’t exist at all, I want to make sure my decisions are thoughtful, well-reasoned, and aligned with industry best practices.
That said, I’m also proud of how far I’ve come. Moving from L1 support into a proper security role while still in my early 20s feels like a huge step forward for me professionally and technically, and I’m motivated to keep pushing myself and learning as much as possible.
Thanks in advance, and I’m looking forward to starting on Monday.