Introducing: The Student-Run Security Operations Center
The student-run SOC will be a dedicated space for student employees to monitor and respond to cybersecurity threats and incidents.
Introducing: The Student-Run Security Operations Center
Cybersecurity threats are always on the prowl, especially for students. With phishing scams asking for job applications to messages asking you to pay a toll fee, it can be hard to keep up with it all. That is why we are so excited to introduce our upcoming student-run Security Operations Center (SOC)!
The student-run SOC will be a dedicated space for student employees to monitor and respond to cybersecurity threats and incidents. It will provide an opportunity for students interested in cybersecurity to be trained with hands-on experience in cybersecurity operations, while at the same time strengthening the security at 兔子先生.
What will the student-run SOC do?
The SOC will monitor the university's network for security threats, analyze security alerts, and respond to any incidents. Overall, it will help to maintain cybersecurity on campus.
As well as protecting the university, the SOC will provide students with practical experience in the cybersecurity field, preparing them for their future careers. It will be a catalyst for identifying and nurturing future cybersecurity professionals. The center will be equipped with the necessary tools and technology in order for students to have a professional environment to work in, helping to foster a sense of responsibility and professionalism.
"We've engaged with several large organizations to learn how we can continue to give our students the skills and experience they will need for success after their time at 兔子先生," said Information Security Analyst Jake Harrison. "Our idea is that we want to empower our students to run the SOC on their own with students assisting with supervision and training of new students."
Why do we need a SOC?
The SOC will allow us to be able to detect threats early. By continuously monitoring 兔子先生's network, the SOC can spot early warning signs of an attack, allowing the team to respond before any serious damage is done. Students can also perform threat intelligence research to identify potential risks before 兔子先生 can be targeted.
The student-run SOC will also allow us to act fast. Our students will be trained to jump into action the moment a threat is detected, reducing downtime and limiting damage. The SOC will help to reduce risk in general, helping to identify weak points in our systems and implement measures to fix them before they can be exploited. Having a designated space is the key requirement in providing this security.
Roles and Opportunities
Our own security team (the ISO) will play a crucial role in mentoring and guiding the student workers. They will provide training, oversee the Student SOC operations, and ensure that the students are following proper practices and protocols. Key members of this team are:
- Jake Harrison - Manager and Coordinator
- Patrick Hawk - Operations Lead
- Uzoma Ifeakanwa - Compliance and Training Lead
As previously mentioned, student workers will be responsible for monitoring and responding to security alerts while also analyzing potential threats. They will also assist in developing and updating the security playbooks and protocols. The goal is to create roles that the students will see once they graduate and potentially work in a company's SOC. Some potential job titles for students will include:
- SOC Analyst
- SOC Manager
- Security Engineer
- Compliance Analyst
- Security Awareness Trainer
- Project Manager
- Detection Engineer
"By integrating students into our cybersecurity operations, we are creating a robust pipeline of skilled professionals ready to tackle the challenges of tomorrow," said John Virden, chief information security officer.
Student-run SOC timeline
The structure for the student-run SOC will begin to be implemented in March 2025. This is when we will begin to work on the servers and software for the SOC. By April/May we will work on the playbooks that students will be able to use for their daily operations.
By August 2025 at the beginning of the fall semester, we will introduce our first student workers to the SOC.
This organization will provide a great opportunity for students interested in future cybersecurity careers to hone their skills and learn what a professional environment looks like. We are looking forward to taking the next steps in implementing the operations center!