In this Intern Review, we talk to Alexia Lazcano to learn what it’s like working in a SOC and how that’s influenced her outlook and career path in cybersecurity.
Our Winter 2022 intern cohort has three cyber-hungry interns who’ve eagerly jumped into learning what it’s like working in a Security Operations Center (SOC). Now that we are nearing the end of this internship cohort, we thought it was time to conduct an interview to learn what life’s really like inside the SOC at Ingalls! Read on to hear from our amazing intern Alexia Lazcano.
What have you learned about working within a SOC during this internship?
I have always had a difficult time envisioning what work in a SOC looked like. Of course, I knew there were logs to be seen and alerts to pay attention to, but the different tools and approaches are what make the meat and bones of the SOC operation. Working in a SOC means that one has to be resourceful and not afraid to use what they have already learned to find out new information. Critical thinking and the ability to dissect issues is crucial to solving problems efficiently.
What's the most interesting threat actor attempt you've seen?
One fascinating thing I have noticed in the phishing emails is the use of HTML files that attempt to get the user to go to a fake Microsoft login site. While this itself is mundane, the ones that are particularly interesting are the ones that fail to load or have ridiculous names attempting to convince the victim that it is an audio file with an .html extension.
How has this internship influenced your outlook and career path in cybersecurity?
I think this internship has made it easier for me to chart a path to take. I have been told that working in a SOC for a little bit will help both build a foundation and give experience and for me it has done exactly that. I want to continue working in a SOC for a little while longer and then move onto working in CTI and threat hunting. Ultimately, I think this will help my dream of working in digital forensics.
What are your favorite resources for what's happening in cybersecurity?
Bleeping Computer and The Hacker News have been my go-to, but I have recently started listening to a few podcasts that regularly upload episodes on current events. Cybersecurity Today, CyberWire Daily, and Malicious Life are great for concise looks at these events.
What are your activities/educational goals for the next year?
I am currently in my last semester of my MSIT, Cyber Security degree, so I am hoping to graduate this May. Following this, I plan to get the CompTIA CySA+ certification.
What do you enjoy doing in your free time to reach work-life balance?
I spend most of my free time playing video games and when I have the energy, I will go to the gym for weightlifting. Time management has been difficult with both school and work, but I always carve out time each week to relax.