Pros: staff bbqs in summer and potlucks in winter, happy hours with co-workers
Cons: short staffing, short tempered shift leads, high stress
Daily tasks can differ in the SNOC since the tasks are split between the Security Operations Center side of the house and the Network Operations Center side.
Daily duties:
SOC duties include monitoring and reporting on security incidents that appear in the different console tools such as ArcSight, ePO, or incidents being reported by service desk, field agents, and the USCIS command center. Triage on systems can be done via the ePO console. Should an infected machine be found, or other security event needing personnel on the group, tasking will be sent to the regional managers to then be forwarded to local teams to deal with the infection vectors, PII spills, or any other security breaches.
NOC duties are to monitor the network using Netcool and NetVoyant tools. If outages occur, I am responsible for making sure the appropriate personnel are contacted to take care of the outages. I also assist the team if Cisco switch port activations are required by Desktop Service Managers out in the field offices when computers need to have network access.
I have learned a lot more about how networks function and how there are different tiers of switches in a network. By utilizing a higher level switch, one can pinpoint where devices are on a network by working your way down the switching levels. I have also learned about all the different sorts of devices in a network, such as a Riverbed for example, and how a Riverbed learns what sort of data is being sent through it, and then learns how to send that data faster. I have also learned basic to intermediate internal commands on how to operate Cisco switches in an enterprise environment.
With security incidents, I have learned how to look at a situation and identify the cause of the incident and figure out what steps need to be done to start remediation on the issue.
Management is generally willing to listen to you if you bring them a problem. This has varied during my time at General Dynamics since I had several changes in management, but having a manager that makes you feel like you are doing a good job and are a valuable member of the team is a wonderful thing indeed.
The co-workers I have are fun to work with. All are willing to assist if one were to ask their help.
The hardest part of the job would be to learn all different processes and checklists that were put in place with all the different issues that the SNOC deals with on a daily basis.
The most enjoyable part of the job is the feeling of accomplishment after a rather tough case is finished whether it is on the network or security side.