My Cybersecurity Journey: From Curiosity to Career in the SOC

Welcome to my very first blog post! I’m Marnay, a passionate cybersecurity analyst, incident responder, and lifelong learner. My path into cybersecurity wasn’t a straight line—it was a journey filled with curiosity, self-discovery, and a lot of hard work. If you’re someone who’s thinking about breaking into the field or just curious about what a real-world cybersecurity career looks like, this post is for you!

My journey into cybersecurity started in an unexpected place—watching Criminal Minds. Seeing how Penelope Garcia helped solve crimes sparked my curiosity about the tech world beyond traditional IT support. I’ve always been the family’s go-to person for setting up and troubleshooting anything tech-related, but this was the first time I realized there were roles in tech that combined problem-solving, investigation, and impact.

In college, I dove deeper into shows like Criminal Minds and started seeing myself in roles that were more investigative. Although I eventually dropped out of college, my job afterward—working in a field that dealt heavily with HIPAA compliance—exposed me to real-world consequences of security lapses. I spoke with elderly customers who had been scammed out of their money, forcing them to make heartbreaking choices between food and medicine. That stuck with me.

I’ve always been a naturally nosy person (my family loves to remind me of that), and they used to say I’d make a great detective. I never saw myself as a police officer, but the idea of becoming a “digital detective” clicked. Younger me would be proud knowing I found a way to combine my curiosity with helping people.

Like many who start exploring cybersecurity, I first thought I wanted to be an ethical hacker—because let’s face it, that’s the “exciting and popular” cybersecurity title. But as I started learning more about it, it just didn’t click. The tools, the mindset—it wasn’t for me.

That’s when I discovered the Blue Team side and fell in love with defending. There’s something empowering about being the person who stops the bad guys, who pieces together an incident like a digital puzzle.

That’s not to say it was all smooth sailing. Understanding how everything works together was tricky, and remembering all the acronyms felt like learning a new language. But I leaned into a mix of resources—YouTube videos, books, hands-on labs, and online courses—to bridge the gaps.

Staying motivated wasn’t always easy. Life happens. There were moments where I questioned if I could keep going. But what kept me grounded was the desire for a better life, financial stability, and a career I could be proud of. Online communities became my lifeline—I joined cybersecurity Discords, LinkedIn groups, and forums to stay connected, accountable, and inspired.

When it was time for my first interview, I turned to the trusty duo—Google and YouTube. I had a solid foundation from a year of self-study, but I was still nervous. To ease my anxiety, I practiced common cybersecurity interview questions, revisited core concepts, and brushed up on fundamentals.

But my biggest challenge? Imposter Syndrome.

Even today, it lingers. I still have moments where I ask myself, “Am I really good enough for this?” I worry about missing something critical—what if I overlook a major threat and it escalates? What if my boss realizes I’m not as skilled as they thought?

But here’s what I’ve learned: Imposter Syndrome is common in cybersecurity. It’s a field that moves fast, where even seasoned pros feel like beginners sometimes. The key is to recognize it, push through, and remind yourself that you earned your spot.

I spent my time as a SOC Analyst working for an MSSP (Managed Security Services Provider), monitoring over 100 company environments, investigating phishing attacks, and helping stop Business Email Compromise (BEC) incidents and ransomware threats. It was a high-pressure, fast-paced role that strengthened my skills in log analysis, threat detection, and incident response.

I now work on an Incident Response Team, continuing my journey in cybersecurity, but that’s a story for another post.

• Skills Matter More Than Certifications: While certifications can help, it was self-study, hands-on labs, and consistent practice that landed me my first role.
• The Blue Team is Exciting Too! Everyone talks about hacking and penetration testing, but threat detection and incident response are just as rewarding.
• Stay Curious: Cybersecurity is always evolving. Keep learning, whether it’s KQL, AWS Security, or digital forensics.
• Soft Skills Matter: Clear communication and teamwork are crucial, especially during high-pressure incidents.
• Imposter Syndrome is Normal—Push Through It: Everyone feels it at some point. Don’t let it hold you back.

If you’re thinking about breaking into cybersecurity, go for it! You don’t need to follow a traditional path. Stay curious, keep learning, and surround yourself with people who inspire you.

Thanks for joining me on my first blog post! If you have questions about getting into cybersecurity or want to share your journey, drop a comment below or connect with me on Twitter (@CyberSecNay_) and LinkedIn.

💥 Stay curious, stay secure! 💥