As cyber threats continue to evolve, having a capable and responsive Security Operations Centre (SOC) has never been more critical. At D2NA, our SOC team operates at the frontline, monitoring, investigating, and responding to threats in real time.
We sat down with Smita Kayastha, one of our SOC Analysts, to understand what really happens behind the scenes and what organisations should expect from a modern security partner.
Q: Can you tell us a bit about your role at D2NA?
SK: I work as a SOC Analyst, which means I’m responsible for monitoring security alerts, investigating potential threats, and responding to incidents. On any given day, I’m reviewing alerts across multiple client environments and making sure anything suspicious is analysed quickly and accurately.
Q: What does a typical day in the SOC look like?
SK: There isn’t really a “typical” day, which is part of the job. We start by reviewing ongoing alerts and any incidents from previous shifts, then move into continuous monitoring. Some days are quieter and focused on tuning and optimisation, while others involve responding to high-priority incidents that need immediate attention.
Q: What’s the biggest misconception about SOC teams?
SK: That it’s fully automated. Tools are important, but they don’t replace people. A lot of what we do is contextual: understanding whether something is genuinely malicious or a false positive, and then deciding how to respond based on risk and impact.
Q: How do you approach investigating an alert?
SK: We follow a structured process. First, we assess the severity and context: what triggered the alert, which system or user is involved, and whether there’s any known pattern. Then we dig deeper using logs and telemetry to build a full picture before deciding the right course of action, whether that’s escalation, containment, or closing it as benign.
Q: What makes our SOC different?
SK: It’s the balance between technology and service. We use advanced tools, but we also prioritise clear communication and practical outcomes. Clients don’t just get alerts; they get context, guidance, and support on what to do next.
Q: What’s the most challenging part of your role?
SK: The speed at which threats evolve. You have to constantly stay up to date and be ready to adapt. It’s not just about reacting; it’s about recognising patterns and thinking ahead to prevent future incidents.
Q: What’s the most rewarding part?
SK: Knowing that what we do has a real impact. When you stop an incident from escalating or help a client avoid disruption, it’s a great feeling. You’re directly contributing to keeping organisations secure.
Q: For organisations considering a SOC service, what should they look for?
SK: Look beyond the tools. Ask how incidents are handled, how quickly analysts respond, and how clearly they communicate. A good SOC should feel like an extension of your team, not just a monitoring service.
Q: How do you see the SOC evolving in the next few years?
SK: Automation and AI will continue to grow, but human expertise will still be critical. The focus will shift more towards proactive threat hunting and continuous improvement, rather than just reactive monitoring.
Closing thoughts
At D2NA, our SOC isn’t just about detecting threats; it’s about delivering clarity, confidence, and control in an increasingly complex landscape.
As Smita highlights, effective security operations rely on a combination of technology, expertise, and clear communication, ensuring organisations can respond quickly and operate with confidence. To find out more about our SOC services, get in touch with our team to discuss your requirements.
