Cybersecurity and Applied AI career insights
© 2023-2026 Bespoke Intermedia LLC
Founded by Julian Calvo, Ed.D., M.S.
Survivor track · operators and implementors
The engineers and analysts who run production AI and cybersecurity infrastructure
Cybersecurity × Applied AI · Convergence
AI-augmented analysis is the convergence track for SOC analysts adding AI fluency on top of their detection-engineering base. The 2026 hiring market increasingly requires this skill set even for Tier-2 / Tier-3 roles.
The fastest convergence track for working SOC analysts. AI-assisted triage, detection authoring, threat intel, automation.
Path designed by
Julian Calvo, Ed.D., M.S.
I built this for SOC analysts adding AI fluency on top of their detection-engineering base.
What this path pays
$87K → $135K-$180K
Tier-1 SOC analyst base is $87,400 (BLS 15-1212). AI-augmented analyst (Tier-2 / Tier-3) roles in 2026 cluster at $135-180K with a measurable premium for verified deployment of AI tooling.
Source: BLS OES May 2024 + Lightcast AI premium overlay 2024
Why this path
Most SOCs are introducing AI tooling for triage, detection authoring, and threat-intel summarization. The analysts who deploy that tooling correctly become the Tier-3 leads. The ones who don't get pushed into Tier-1 alert triage that AI absorbs over the next 24 months. This track covers the deploy + verify discipline.
Stage 1 · AI tools for the SOC
1-2 weeks
The current state of AI in SOC tooling: triage assistants, detection-as-code copilots, threat intel summarizers. What works, what fails.
Stage 2 · AI-assisted detection authoring
3-4 weeks
Generate Sigma rules + ATT&CK mappings with AI assistance + the verification discipline that catches the hallucinations.
Stage 3 · Threat intel + triage automation
3-4 weeks
Build an AI-augmented triage pipeline that escalates with the right confidence threshold. Ship a threat-intel summarization workflow.
Stage 4 · Capstone
2-3 weeks
Document the deployed AI workflow against a real SOC scenario. Evaluation harness, false-positive economics, the rollback criteria.
Each course covers a different vertical of the same survivor track. Buy individually or pair them for the convergence layer.
Tier-1 alert triage is what AI absorbs first. Tier-2 / Tier-3 work that requires deploying, verifying, and tuning the AI tooling is what survives and pays the premium. This track is about being the analyst on the deploying side, not the displaced side.
No. About 60% of SOCs in the ISC2 2025 sample have at least one AI-assisted workflow piloted; the other 40% will be there inside 18 months. Either way, the analyst who knows how to deploy + verify the tooling is the one who ends up running the program at the next employer.
Only if you skip the verification discipline. The track explicitly teaches the verify-the-AI-output workflow that catches hallucinations, false-positive cascades, and over-permissioned auto-responses. Senior practitioners who deploy AI tooling without that discipline get burned; the ones who deploy it with discipline get promoted.
AI-Augmented Analyst is the SOC-side track: you use AI tools to do detection/IR work better. AI Security Engineer is the build-side track: you secure the AI systems other teams ship. Different hiring pipelines, different comp bands. Take this one if you want to stay in operations; take that one if you want to move into engineering.
Built on primary public sources
BLS: OES May 2024 wage data
NIST: AI RMF + NICE Workforce Framework
MITRE: ATT&CK + ATLAS
ISC2: 2025 Workforce Study
Lightcast: AI premium series 2024
OWASP: LLM Top 10 + ML Security
The curriculum, the comp delta, and the recommended courses are above. The next move is yours.