AdobeStock 428712893

Specialist Spotlight, December: Craig Evans, SOC Manager

“This industry has unrivalled development opportunities, along with the fact that it’s a guaranteed life-long career which is just going to become more important. It’s such a vast field that you literally could spend your entire career studying something new every day.”

Introducing Craig Evans, Security Operations Centre Manager at Norm. Craig has shared his journey in the cyber security industry with us, including his insights into career-switching, facing rejection, and how to overcome lack of experience on your CV.

About Craig

So, it seems I have caught the cyber security virus! (See what I did there). I am a highly passionate Cyber Security Advocate who is working hard on developing my skillset to secure networks and help protect against Cyber Crime. I have directed my focus in the last two years to gain the knowledge and understanding to excel in Cyber Security and the learning has not stopped.
I currently head up the Security Operations Centre and I’m enjoying developing the operation within a rapidly expanding business.
In my spare time (which is rare with two young boys) I perform as a singer live and complete recordings, keep myself fit with weightlifting and boxing alongside continuing my studies.


Craig Evans (Threat Detection and Response Manager)

What does an average working day look like for you as a SOC Manager at Norm?

Every day is different, and I think that’s one of the benefits of working in cyber security. Take today for example, we’ve got two active pentests, we’re seeing some malicious activity and we’re gathering all the intel we can get ready for report writing at the end. A typical day for me has quite a large scope. I spend a lot of time in people development, so once somebody starts with us and they get through their probation period I’ll sit down with them and we’ll write a personal development plan, and a lot of that is led by their career aspirations and what particular skills they want to develop. My role is so vast that it pretty much spans every aspect of security to a degree. It’s very varied and no two days are the same – it always keeps you on your toes.

From your experience, what are the core skills and knowledge needed for your role?

I was quite lucky in that I spent 20 years as a manager. For my role itself there’s a lot of people and performance management in terms of setting and achieving KPIs and just trying to raise the bar within the team in terms of how they’re performing. I encourage a lot of forward thinking – in order to really impact cyber as an industry you’ve got to be consistently looking to improve and always pushing progression. You’ve got to be a good problem solver too – as we said, every day is different. Being able to quickly assess and resolve issues is another key skill needed.

I think though, the one thing the industry really needs is people-focused leaders. You often hear about how difficult it is to get into cyber and that people aren’t being trained correctly. The majority of our team have been taken on at entry level, which is really rare. A lot of people won’t consider, for example, a Level 1 Analyst. We take people straight from university, career changers who have done self-learning, etc. Our entry-level roles are genuinely available for those at entry-level, and we guarantee that training will be delivered to them during their first six months.

I see that you are relatively new to the world of cyber security. What was it that drew you to the industry in the first place / why the career switch?

Ultimately the decision to consider another career was brought about by my son being born. My previous role involved a lot of traveling, I was away for a lot of time and I didn’t want to be that kind of dad. I did a lot of research, considered various careers and landed on cyber. Coming back to the point that no two days are the same – people in hospitality would say that and it’s not entirely true, but in cyber it is very much the truth. The vulnerabilities, threats, etc. are constantly changing, so you’re working in this everchanging landscape and that keeps you on your toes entirely.

In the cyber industry you’re able to commit to life-long learning. One of the challenges I had in my previous career was that I hit a ceiling, but within cyber that’s not the case. The idea that it is an ever-evolving industry and it’s only going to continue growing, there’s no risk ever of cyber security not being required in the future. As long as there are people who are looking to gain personal benefit by manipulating people or technology, there’s always going to be a need for cyber security, and the reality is there’s always going to be those individuals. This industry has unrivalled development opportunities, along with the fact that it’s a guaranteed life-long career which is just going to become more important. It’s such a vast field that you literally could spend your entire career studying something new every day – that was one of the big draws for me. 

You’ve had a lot of experience in a variety of management roles. How does management in a cyber role differ and, on the flipside, what are the similar, transferrable skills?

A lot of it is transferrable, but I think my biggest challenges have come from understanding technologies and tools because it was something I didn’t come across often in the hospitality industry. I really had to spend time getting my head around that stuff. However, a lot of it in terms of day-to-day operation is very similar. I went from a Level 1 Analyst to a Team Manager within 14 months and that was all down to how many transferrable skills I brought with me and to be honest, I underestimated that.

Those I speak to via LinkedIn who are asking for advice, I always highlight: don’t underestimate the life skills you bring with you. It may be time-management, workload management, or how you interact with people. Those life skills are things that people straight out of education may not have. When you’re a career-changer you do worry and think you’re starting from scratch, but the reality is, you’re not. Yes, from a technical perspective, somebody that’s gone to university may be ahead of you in that sense, but it takes years to learn life skills in a work environment. Don’t underestimate what that can do for you in a new industry.

Were there any challenges you faced while pursuing a cyber career and if so, how did you overcome them?

In order to get into cyber, I did a certification with a training provider outside of work as an extra-curricular. Once I got certified I was kind of sold that it would be relatively easy to get into the industry, but that was not the case. I went at it with the view of thinking who I would be up against and what the employer would be looking for. I knew that the employer would be looking for hands-on experience, which I didn’t have – so how would I bridge that? I needed to get hands-on and take that steep learning curve of building my own labs, applying tools within those labs, and learning how to configure them. That was definitely the main challenge I overcame, and even by doing all of that I wasn’t hugely sufficient.

I would say I applied to about 80 different roles and had one conversation out of that. When you bear in mind how it’s panned out from there, I think it’s a good indicator of how much talent we’re missing out on in the industry. There are people out there who are trying to get into the industry and bring other areas of skill but they’re not being looked at or considered because companies take a cookie-cutter approach. They want the exact same person in every role but that adds no value to anybody. Finding the right company is important; I’ve found that MSPs in general are more open to taking on people at entry level.

The other thing I’ve found incredibly important is getting comfortable with networking – leveraging LinkedIn and standing out on there. A lot of people think they just need to get their certification, set up a LinkedIn account and that’s it, they’ll get a job. The reality is it doesn’t work that way. Ultimately what led me to get my role was somebody posting about me on LinkedIn after a conversation we had about entering the industry. It was only because one of their network connections saw the post that they reached out to me. I didn’t get my role through applying on a job-board and I think very few people do. As long as you’ve got the willingness to listen to what people are saying and you’re proactive, then networking is absolutely the way to go.

Are there any specific qualifications that stand out to you as being especially useful to those wishing to gain a career in cyber security?

One thing I would say is don’t just rely on theory-based certificates. I see a lot of people who will take the CompTIA path and don’t get me wrong they absolutely have a place, but people reach out to me wanting to get into cyber and they think that by doing CompTIA A+, that’s all they need to do. Employers want hands-on skill; they want to know that they can put you in front of a device or tool and you will quickly pick it up. For some people that comes from industry experience and if you don’t have that, it comes back to that notion of bridging the gap yourself. Compliment your theory training with hands-on learning, and there are various ways to do that: build your own labs, read guides, watch YouTube videos. Go out and try to do things yourself, working it out along the way. There’s so much online content these days: Try Hack Me, Hack the Box, etc. Saying that, it’s important to tailor your hands-on training to the role you’re after, for example don’t do a lot of red team work on Try Hack Me if you want to work in the blue team!

Is there anything else you'd like to add or any extra pieces of advice for those wanting to get into the industry?

I’d advise people not to take the approach of complaining about how hard it is to get into cyber security and actually just think about what you can do to influence change. You do hear a lot of people say, “I’ve been looking for six months, this is really tough, nobody’s willing to take a gamble on me.” Whilst I get it’s frustrating, ask yourself questions from the other side. Look at a job spec and ask yourself “what is this person actually looking for?” Think why am I not being considered? As I said, a lot of the time it will be that you’ve not quite expressed that you've done enough from a hands-on perspective. Remain confident and understand that your commitment and attitude will stand you in good stead with a lot of employers. It can be difficult, no doubt about it, but be resilient, be thick-skinned, and understand that it’s not easy. As soon as you’ve accepted that, rejection hurts you a little less.

Share on socials
Scroll to Top