SOC Analyst Forced Into Unintended "Phishing Analyst" Role Despite Job Description

A SOC analyst shares that they were hired to hunt threats and investigate incidents but now spend 60% of their time sorting through employee-reported emails. Most of these reports involve spam or legitimate emails that employees fail to recognize, rather than actual phishing attempts. Management justifies this task as critical for security awareness, but the analyst feels they are no longer learning and are reduced to functioning as an email helpdesk.