Transitioning to SOC Tier 1: Overcoming Hiring Barriers with Practical Skills

The poster has spent over 800 hours over five months building practical SOC skills, including incident triage (PCAP analysis, PowerShell de-obfuscation, Living off the Land detection), SIEM engineering (Wazuh/ELK stack with Sysmon and custom KQL/Lucene queries), and adversary emulation using Atomic Red Team. They maintain a GitHub portfolio with MITRE ATT&CK-mapped incident reports and seek advice on overcoming hiring barriers like degree requirements and HR filters. Key concerns include the value of hands-on certifications (BTL1, CCD) over entry-level ones (Security+) and addressing false positive tuning gaps in enterprise environments.