u/micheledoors

Hi everyone,

I’m an Italian currently trying to find a job in IT in Poland, but I’m not getting any responses so far. I have the feeling that it might be because my residence is still in Italy.

So I’m considering a different approach: moving to Poland while keeping my current remote job from Italy, and then applying again once I’m already living there.

Right now I earn about 1400€ per month. Do you think this would be enough to live in Poland for a couple of months while I look for a local job? My plan would be to try for 2–3 months, and if it doesn’t work out, just go back to Italy.

Do you think being physically in Poland would improve my chances of getting hired in IT?

Any advice or experiences would be really appreciated!

Molto brevemente ho la macchina intestata a mia madre, mi dissero che a causa della rottamazione non si poteva inserire secondo proprietario, e quindi anche l'assicurazione per risparmiare qualche anno fa fu intestata a lei. In famiglia c'è anche l'auto di mio padre.

Adesso prima che andrò via di casa tra qualche mese volevo fare il passaggio di auto e approfittare della legge Bersani, dicono che essendo io proprietario, poi fare l'assicurazione sarà immediato che eredito la classe..

L'assicurazione che ha attualmente mio padre, mi ha detto che per prendere la sua classe di merito devo per forza stare con la sua, è vero o posso in realtà andare ovunque, e dando i dati di mio padre prendo comunque la sua classe?
Essendo lui 1°classe anche io (over 30 senza mai assicurazione) prendo direttamente la 1°?

Hi everyone,I’m looking for some honest feedback because I’m at a bit of a crossroads in my career.

I’ve been working for about 3 years as a SOC Analyst (although over time our team name changed to things like Incident Handling/Response). This is my first job in cybersecurity, so I don’t really have anything to compare it to.

My daily work is roughly like this:

• We handle tickets generated from security platforms (mostly EDR/XDR like Cortex XDR, Defender, SentinelOne, and only a bit of SIEM like QRadar).
• When an alert comes in, we investigate it in the console. Typical detections include things like possible brute force, malware, process injection, suspicious driver loads, exfiltration, etc. all the rules in the xdr more or less.
• We analyze the event and write a short report explaining what happened and why we think it’s benign or malicious.

For example:

• If it looks clean → we explain the activity (process, connection, OSINT checks, etc.) and close it as normal activity / false positive, sometimes adding an exclusion.
• If we’re unsure → we contact the customer to confirm legitimacy.
• If it looks malicious → we may isolate the host, quarantine files, and notify the customer (email + sometimes call).

We also handle service requests like:

• Account access issues (resetting access to consoles)
• Helping with agent installation or updates
• Providing more details about alerts
• Creating exclusions for planned activities

In more serious incidents, my role is mainly to reconstruct and describe the chain of events (what happened, when, and why). There’s also a separate team for deeper forensics/advanced IR if the client pays for it.

My concern is this:

Since this is my first job, I have no idea how this compares to other SOC/MDR roles. I’m thinking about changing jobs (maybe job hopping for growth), but I’m honestly afraid I might not be “good enough” or that my experience is too narrow.

So I’d really like to ask:

• What does your daily work look like in your SOC / IR role?
• Does what I described sound like a solid experience after ~3 years?
• Would you feel confident moving on from this kind of role?

Any advice or reality checks would be really appreciated.

Ah i have cisco cyberops, sscp and cysa+

Thanks!