I’m an analyst, there’s no question about it. I’ve been in an engineering role and never cared for it. I want to catch the bad guys; being in an analyst/threat hunting role, I feel like there’s no better position to do just that. The best feeling is finding something that might have slipped by a detection system, tracking an incident then putting a timeline of events together for others or just figuring out a problem for another department by looking at the data. This is what I enjoy the most.
I’ve been in IT for over a decade but have been interested in security ever since high school. It had been a running theme throughout my life, but in 2014 I started my first security role and never looked back. Security is my way to protect those around me and be an asset to others who want to learn about this field.
Most of this blog will be conversational in nature. There are enough technical blogs but not enough information about the analyst role and the issues we face. I don’t believe any of these posts will change the industry. But this blog’s purpose is similar to a quote by Andre Gide: “Everything that needs to be said has already been said. But, since no one was listening, everything must be said again.” So this is my way of saying what has probably been said multiple times before by thousands of security professionals, but in my own words.