Microsoft Tech Community

Beginner to Security Analyst

Hi Community,

I have searched across the internet but cannot find a real-life example or path. I'm a complete beginner in the security field (passed my SC900, AI900, AZ900). I want to become a security analyst (SC-200). That's just the exam, but I know I need to dive into networking, KQL, PowerShell (I have experience in this), bash and eventually do some Go & Python programming.

Is it wise for me to jump into SC-200 by October and then learn the rest as I go? The aim is to switch careers in 5 months. Or should I do SC-400, then SC-300, then SC-200? I have some AD experience and a bit of helpdesk experience in triage.

(If these questions have been asked before, please do point me in the right direction.)


Many thanks

3 Replies
If you want to be a security associate, I would suggest going with AZ-500, which is much better and covers all the security aspects, including Azure AD, and since you are already qualified for AZ-900 it makes sense.
You can refer to the URL below from Microsoft and click on whichever track you want to go for.
If you want to focus on SC-300, it will focus more on identity, SC-200 on security operations, which covers Defender and I guess Sentinel, and SC-400 on information protection and data loss. Irrespective of whichever you do, I would still suggest AZ-500 because it covers the concepts from all these areas and talks more about security at the Azure level, not at the individual level. Refer to this URL; nothing better you can find.
Thanks. AZ500 is a good choice, however there are no current cloud challenges for it provided by Microsoft. Best I can find is SC-200. I think we will have to wait until next year for it.
Thing is that if you want to become a SOC analyst, the SC-200 certification from Microsoft forms a good basis. Next to that, I would suggest getting the more general ones, meaning AZ-500 and MS-500. This will give you a good general understanding of security in Azure and Microsoft 365 environments. SC-300 and SC-400 might be less interesting as a SOC analyst.

Actually, the following is quite a good link. It provides a starting point on what certifications might be interesting for you as a SOC analyst in general.

As a SOC analyst you tend to be on the blue team side of things. Look for certifications that help you as a blue team member. You could also do a more mixed approach. This would then become a purple team. I would suggest searching for certifications related to that.