We have been building and staffing SOCs for over 20 years and have found that the most successful are those which embrace diversity in their analysts and by diversity I mean exactly that. Not just race, gender or disability but also people who have suffered adversity in their lives. Each person's journey to become an analyst results in them analysing a situation differently and when the chips are down you need an eclectic mix of ideas with a strong leader (not manager) to win the fight. 

This diversity extends to education, I'm always disappointed when a client requests that we only supply staff who have graduated from specific league topping universities, I agree that the teaching at some universities is better than others, but most students don't know that when they enrol. I'm more interested in the passion a student has for cyber security, give me a passionate student who graduates well from a mediocre university before a mediocre student who graduates from a top university any day. 

Passionate self-taught individuals should also be embraced, many can run rings around a graduate with their knowledge. 

Finally consider veterans and late starters who have discovered cyber later in life but who bring that same burning passion and with it a wealth of life experience. They are also probably street wise which can be invaluable when trying to get into the mind of an attacker. I've missed many other examples though I'd be interested in hearing your thoughts and experience?  

© Computer Network Defence Limited 2019