Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

Beginner to Security Analyst

Copper Contributor

Hi Community,

I have searched across the internet but cannot find a real-life example or path. I'm a complete beginner in the security field (Passed my SC900, AI900, AZ900). I want to become a security analyst (sc 200). That's just the exam but I know I need to dive into networking, KQL, powershell(I have experience in this), bash and eventually do some go & python programming. 

Is it wise for me to jump into sc200 by October then learn the rest as I go by? The aim is to switch careers in 5months. Or should I do sc400 then sc300 then sc200. I have some AD experience and a bit of helpdesk experience in triage.

(If these questions have been asked before, please do point me to the right direction).

 

Muchos gracias

3 Replies
If you want to be a security associate you should take I would suggest to go with AZ-500 which is much better that covers all the security aspects including Azure AD and since you are already qualified for AZ-900 it makes sense
you can refer this URL below from Microsoft and click on which track you want to go
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4wyqh
If you want to focus on SC 300 it will focus more on Identity and SC 200 on security operation which covers defender and I guess sentinel and SC -400 on information protection and data loss irrespective which ever you do I would still suggest AZ-500 because it cover the concepts from all these areas and talks more on security at Azure level not at individual level refer this URL nothing better u can find
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4J5ea
Thanks. AZ500 is a goed choice, however there are no current cloud challenges for it provided by Microsoft. Best I can find is sc200. I think we will have to wait until next year for it.
Thing is that if you want to become a soc analyst, the sc-200 certification of microsoft forms a good basis. Next to that i would suggest getting the more general ones. Meaning az-500 and ms-500. this will give you a good general understanding on the security in azure and microsoft365 environments. sc-300 and sc-400 might be less interesting as a soc analyst.

actually the following is quite a good link. Provides a starting point on what certifications might be interesting for you as a soc analyst in general. https://pauljerimy.com/security-certification-roadmap/

as a soc analyst you tend to be on a blue time side of things. Look for certifications that help you as a blue team member. You could also do a more mixed approach. This would then become a pruple team. I would suggest searching for certifications related to that.