60 Day SOC Analyst Plan

The document outlines a 60-day plan for aspiring SOC analysts to gain hands-on experience and secure part-time remote jobs while studying. It includes weekly goals, tasks, and resources focused on SOC fundamentals, incident investigation, and job application strategies. The final objective is to earn $2,000-$4,000 per month in a remote SOC role.

Uploaded by mszboy1083

60-Day SOC Analyst Plan (Land a Remote Part-Time Job & Start Earning)

Goal: Gain hands-on SOC experience, apply for part-time remote SOC jobs, and start earning while studying.
Requirements: Pop!_OS (Linux), basic Python, an interest in cybersecurity.
Tools: Splunk (Free), Microsoft Sentinel (Cloud), Zeek, Wireshark, Sigma rules, CyberDefenders, open threat intelligence tools.

🔹 Week 1-3: Foundations & SIEM Basics

Goal: Understand SOC workflows, set up Splunk, and analyze logs.

🔹 Day 1-3: Introduction to SOC & Cybersecurity Basics
- SOC Analyst role and responsibilities.
- Security Operations workflow.
- Basics of SIEM, log analysis, and threat intelligence.
Resources:
- John Hammond - What is a SOC?
- Cybrary - SOC Analyst Training
Task: Summarize SOC roles & post on LinkedIn.

🔹 Day 4-9: Setting Up Your SOC Lab & Splunk
- Install Splunk Free for log analysis (no ELK).
- Set up Microsoft Sentinel (optional).
- Learn Splunk basics: indexing, searching, dashboards.
- Hands-on practice with sample logs.
Resources:
- Splunk Free Download
- Microsoft Sentinel Documentation
Task: Load sample logs into Splunk & create a basic dashboard.

🔹 Day 10-15: Log Analysis & Network Traffic Analysis
- Learn about syslog, journald, and Zeek (network monitoring tool).
- Understand Linux authentication logs (auth.log, syslog).
- Install and configure Wireshark & Zeek.
- Capture network traffic and identify anomalies.
Resources:
- Zeek Network Security Monitor
- Linux Log Analysis Guide
- Wireshark Beginner Guide
Task: Find failed SSH login attempts in logs & document network anomalies.

🔹 Day 16-21: Advanced SIEM Queries & Threat Hunting
- Learn Splunk SPL queries for SOC threat hunting.
- Find brute-force & phishing attempts in logs.
- Study MITRE ATT&CK tactics & techniques.
Resources:
- Splunk Security Essentials
- MITRE ATT&CK
Task: Create a SIEM alert for multiple failed SSH logins & document findings.

🔹 Week 4-5: Real Attacks & Incident Investigation

Goal: Investigate cyber attacks, detect threats, and document incidents.

🔹 Day 22-24: Investigating Brute Force Attacks
- Detect SSH brute-force attempts in logs.
- Automate brute-force detection using Python.
Resources:
- TryHackMe Brute-Force Room
Task: Write a Python script to detect brute-force attacks.

🔹 Day 25-28: Investigating Phishing & Email Security
- Find malicious PowerShell execution logs.
- Investigate phishing email headers.
Resources:
- Email Header Analysis Guide
Task: Analyze a phishing email & extract IOCs.
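A worked version of the Day 25-28 task, added here as an example and not part of the original plan: the message is a constructed phishing sample, and the script uses only the Python standard library's email module to pull the Received chain, sender domains and URLs out of it and to flag the header mismatches an analyst would note in the report.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed phishing sample (not a real message). Received headers are newest-first,
# so the last one is the hop closest to the true origin.
SAMPLE_EMAIL = """\
Return-Path: <bounce@mail-example.test>
Received: from mx.example.org (mx.example.org [192.0.2.10]) by inbox.example.org; Mon, 10 Mar 2025 12:00:00 +0000
Received: from relay.mail-example.test (unknown [203.0.113.77]) by mx.example.org; Mon, 10 Mar 2025 11:59:58 +0000
From: "IT Helpdesk" <helpdesk@example.org>
Reply-To: helpdesk-reset@mail-example.test
To: alice@example.org
Subject: Password expires today
Content-Type: text/plain

Your password expires today. Reset it at http://example-org-login.test/reset?u=alice
"""

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
URL_RE = re.compile(r"https?://[^\s\"'<>]+")


def domain_of(addr):
    """Domain part of an RFC 5322 address header, or '' if the header is absent."""
    return parseaddr(addr)[1].rpartition("@")[2].lower()


def extract_iocs(raw):
    """Return the header/body indicators an analyst would record for a phishing mail."""
    msg = message_from_string(raw)
    iocs = {
        "from_domain": domain_of(msg.get("From", "")),
        "return_path_domain": domain_of(msg.get("Return-Path", "")),
        "reply_to_domain": domain_of(msg.get("Reply-To", "")),
        "received_ips": [],  # in header order: last entry is the originating relay
        "urls": [],
        "findings": [],
    }
    for hop in msg.get_all("Received", []):
        iocs["received_ips"].extend(IPV4_RE.findall(hop))
    body = "".join(  # collect every text/plain part (walk() yields a single-part message too)
        part.get_payload(decode=True).decode(errors="replace")
        for part in msg.walk() if part.get_content_type() == "text/plain"
    )
    iocs["urls"] = URL_RE.findall(body)
    if iocs["return_path_domain"] and iocs["return_path_domain"] != iocs["from_domain"]:
        iocs["findings"].append("Return-Path domain differs from From domain")
    if iocs["reply_to_domain"] and iocs["reply_to_domain"] != iocs["from_domain"]:
        iocs["findings"].append("Reply-To domain differs from From domain")
    return iocs
```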

🔹 Day 29-33: Ransomware & Advanced Threat Analysis
- Identify ransomware activity in the SIEM.
- Investigate C2 (Command & Control) connections.
Resources:
- TryHackMe: Ransomware Analysis
Task: Write a SOC report on a simulated ransomware attack.

🔹 Day 34-37: Incident Response Simulation
- Simulate and respond to an internal SOC incident.
Task: Write an Incident Report documenting your findings.

🔹 Week 6-8: SOC Automation, Freelancing & Job Applications

Goal: Automate SOC tasks, strengthen job applications, and start freelancing.

🔹 Day 38-40: Apply for Remote Part-Time SOC Analyst Jobs
- Optimize LinkedIn profile with SOC keywords.
- Update resume & apply for at least 10 part-time remote SOC jobs.
Task: Share a LinkedIn post showcasing your SIEM work.

🔹 Day 41-44: Python for Log Analysis & Threat Hunting
- Parse logs using Python + Pandas + regex.
- Detect suspicious IPs, failed logins, and anomalies.
Resources:
- Python for Cybersecurity
Task: Automate failed login detection with Python.
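The Day 22-24 and Day 41-44 tasks (and the threshold behind the Day 16-21 SIEM alert) come down to the same logic, so one added example covers them; it is not code from the original plan, and it uses regex and the standard library rather than Pandas so it runs anywhere. The auth.log lines are constructed; the detector counts failed sshd logins per source IP inside a sliding time window rather than as a flat total, so a single typo by a real user does not fire.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth.log lines (not real data): 203.0.113.5 hammers sshd, while
# 198.51.100.7 fails once and then logs in, which must not trigger an alert.
SAMPLE_AUTH_LOG = """\
Mar 10 12:00:01 host sshd[1201]: Failed password for root from 203.0.113.5 port 51234 ssh2
Mar 10 12:00:03 host sshd[1202]: Failed password for root from 203.0.113.5 port 51236 ssh2
Mar 10 12:00:04 host sshd[1203]: Failed password for invalid user admin from 203.0.113.5 port 51240 ssh2
Mar 10 12:00:06 host sshd[1204]: Failed password for invalid user oracle from 203.0.113.5 port 51242 ssh2
Mar 10 12:00:09 host sshd[1205]: Failed password for root from 203.0.113.5 port 51244 ssh2
Mar 10 12:05:00 host sshd[1300]: Failed password for alice from 198.51.100.7 port 40000 ssh2
Mar 10 12:05:20 host sshd[1301]: Accepted publickey for alice from 198.51.100.7 port 40002 ssh2
"""

# Matches both failed and accepted sshd login lines; "invalid user" is optional.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed password|Accepted \w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_line(line):
    """Return (timestamp, result, user, ip) for sshd login lines, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # auth.log timestamps carry no year; strptime defaults to 1900, which is fine
    # for the relative comparisons below (a Dec->Jan rollover is ignored here).
    ts = datetime.strptime(m.group("ts"), "%b %d %H:%M:%S")
    return ts, m.group("result"), m.group("user"), m.group("ip")


def detect_bruteforce(log_text, threshold=5, window=timedelta(minutes=1)):
    """Flag source IPs with >= threshold failed logins inside any sliding window.
    Returns {ip: (failures_in_window, first_ts, last_ts)} per offending IP."""
    recent = defaultdict(deque)  # ip -> failure timestamps still inside the window
    alerts = {}
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if not parsed or not parsed[1].startswith("Failed"):
            continue  # skip non-login lines and successful logins
        ts, _, _, ip = parsed
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # expire failures older than the window
            q.popleft()
        if len(q) >= threshold and ip not in alerts:
            alerts[ip] = (len(q), q[0], ts)
    return alerts
```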

🔹 Day 45-48: Threat Intelligence & Open-Source Tools
- Use Shodan, the VirusTotal API, and OSINT tools.
Resources:
- Shodan
- VirusTotal
Task: Investigate a suspicious IP using OSINT tools.

🔹 Day 49-52: Freelancing - Offer SIEM Log Analysis Services
- Create an Upwork/Fiverr gig offering Splunk setup & log analysis.
Task: Set up a freelancing profile and get your first gig.

🔹 Day 53-55: Writing SOC Incident Reports
- Learn professional incident reporting standards.
Task: Publish an Incident Report on GitHub.

🔹 Day 56-60: Final Prep & Career Scaling
- Network with recruiters & prepare for SOC interviews.
- Apply for remote SOC jobs with flexible work hours.
Task: Conduct mock SOC interviews & finalize job applications.

🚀 Final Goal: Secure a remote part-time SOC role & earn $2,000-$4,000/month while studying!
