• Blog

Gayoon Nam: Building Investigative Depth in the SOC

Meet Gayoon Nam

Gayoon Nam is a Computer Science student at LSU with a concentration in cybersecurity, graduating on May 16, 2026. Originally from Metairie, Louisiana, Gayoon has spent approximately 13–14 months working in the Security Operations Center (SOC), gaining hands-on experience in cybersecurity investigations. During her time in the SOC, Gayoon has addressed around 1,000 security events, identified at least 30 true positives, and achieved an average audit score of 4.82. Through this experience, she has developed a strong foundation in analyzing security activity and communicating findings effectively. For Gayoon, working in the SOC is about more than responding to alerts—it’s about understanding the full story behind each event and continuously improving her ability to investigate and interpret complex activity.

Discovering a Passion for Cybersecurity

Gayoon’s interest in cybersecurity began with coding and web development classes in high school. As she progressed through her studies at LSU, she found herself particularly drawn to courses in malware analysis, reverse engineering, software vulnerabilities, and digital forensics. These experiences helped shape her interest in solving complex problems and understanding how systems behave at a deeper level. She discovered that cybersecurity offered a space where she could apply critical thinking and analytical skills while working toward a meaningful goal—helping protect people and organizations.

Memorable SOC Experience

One of Gayoon’s most memorable SOC experiences involved investigating a suspicious PowerShell/CMD activity alert where a user had created multiple new processes. During her investigation, she noticed that the user had previously been added to a privileged group and then deleted. Despite the account no longer being listed as a privileged user, it appeared to be performing privileged actions—an unusual and potentially concerning scenario. Rather than escalating the alert based solely on privileged activity from a non-privileged user, Gayoon identified a deeper issue related to the account’s lifecycle. She escalated the event with this broader context, allowing a Tier 2 analyst to investigate further. While the activity ultimately had a valid explanation, the experience reinforced the importance of looking beyond the initial alert. For Gayoon, this investigation highlighted how context can completely change the interpretation of an event and helped establish a reference point for handling similar alerts in the future.

What She Enjoys Most

Gayoon most enjoys the investigative nature of SOC analyst work. Each alert presents a scenario with incomplete information, requiring her to connect data points across multiple sources to determine whether activity is benign or malicious. She finds it especially rewarding to analyze different logs, build a comprehensive understanding of an event, and communicate that clearly to clients. Over time, she has also enjoyed becoming more efficient with tools like Splunk and developing her own investigative instincts. Equally important is the collaborative environment, where working alongside teammates who are willing to share knowledge and provide support has been a valuable part of her experience.

Skills Learned in the SOC

During her time in the SOC, Gayoon has developed both technical and communication skills critical to cybersecurity operations. She has learned how to write clear, effective documentation that explains investigative findings and decisions, ensuring that relevant context is included when closing or escalating events. She has also gained experience analyzing and correlating data across endpoint, firewall, and authentication logs to build a complete picture of user or system activity. In addition, she has improved her ability to identify patterns and respond efficiently, while strengthening her communication with clients and collaboration with team members. These experiences have helped her build a well-rounded foundation in security monitoring and incident investigation.

Looking Ahead

After graduating in May 2026, Gayoon plans to pursue a role as a SOC Analyst or Cybersecurity Analyst, while remaining open to IT roles that allow her to continue building technical experience. She is particularly interested in opportunities involving malware analysis, reverse engineering, digital forensics, and vulnerability analysis. While she prefers remote, day-shift roles and opportunities in Louisiana, she remains open to different shifts and potential relocation for the right opportunity. Gayoon expects to be available for full-time work starting in July 2026 and is focused on continuing to grow her technical expertise in cybersecurity.

Advice to Future Students

Gayoon encourages students to step outside their comfort zones and take advantage of new opportunities. She believes that trying new things and putting yourself out there leads to both skill development and meaningful connections. Every experience, whether technical or personal, contributes to growth and helps build a stronger foundation for a future career in cybersecurity.

Every cybersecurity journey starts somewhere. For Gayoon, it has been defined by curiosity, hands-on experience, and a commitment to understanding the deeper story behind each investigation. If you’re looking to gain real-world experience, strengthen your analytical skills, and prepare for a career in cybersecurity, TekStream’s Workforce Development Program can help you take that next step. Explore how you can begin your cybersecurity journey today.

Turn curiosity into capability, begin your cybersecurity journey now.

• Share This: