Detection Engineering Tutorial: Cloud Security, Kubernetes Logging & SOC Career Path | S5 E2

In this episode of Simply Defensive, we sit down with JB, a Senior Cybersecurity Engineer working in detection engineering. JB shares his journey from SOC analyst to detection engineer, diving deep into the challenges of cloud-native security, Kubernetes logging, and building a sustainable career in cybersecurity.

What We Cover:
– What detection engineering actually means in 2025
– Working with dual-cloud environments (AWS + GCP)
– The challenges of Kubernetes logging and ephemeral containers
– SANS FOR508 (Digital Forensics and Threat Hunting) experience
– How to avoid burnout in InfoSec
– Building a SOC career: What do entry-level analysts really need to know?
– Work-life balance with kids and an ambitious security career
– DEF CON stories and the Octopus Games competition

Resources & Links Mentioned:
– LiveOverflow’s Hextree.io learning platform: https://hextree.io
– SANS FOR508 (GCFA): https://www.sans.org/cyber-security-courses/advanced-incident-response-threat-hunting-training/
– Marcus Hutchins (MalwareTech) on LinkedIn: https://www.linkedin.com/in/malwaretech/
– Graham Helton’s Kubernetes security work: https://www.linkedin.com/in/grahamhelton3/
– Simply Defensive Podcast: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4

Connect with JB:
YouTube: @JBCulbert
Twitter/X: @JBTweetsStuff

Timestamps:
00:00 Introduction and Guest Welcome
00:50 JB’s Day-to-Day Role in Cybersecurity
01:47 Past Experiences and Career Journey
02:27 Challenges in Detection Engineering
03:23 Kubernetes and Incident Investigation
03:51 SANS Classes and CTF Experiences
09:07 Remote vs In-Person Learning
11:21 Future Plans and Learning Platforms
14:13 Docker and Kubernetes in Labs
16:11 The Reality of Cybersecurity Skills
16:40 DEF CON and Octopus Games
22:04 Balancing Cybersecurity and Personal Life
31:01 Advice for Aspiring Blue Teamers
32:57 Final Thoughts and Farewell

🔗 Follow the hosts:
Josh Mason: https://www.linkedin.com/in/joshuacmason/
Wade Wells: https://www.linkedin.com/in/wadingthrulogs/

💡 Brought to you by ThreatLocker – Secure your business with zero trust application control.

🎙️ More Simply Defensive
– Full playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4
– Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4
– Apple Podcasts: https://podcasts.apple.com/il/podcast/simply-defensive/id1773806182

👍 If you enjoyed this episode, don’t forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity leaders.

=========================
Sponsored by @ThreatLocker – Free 30-day trial visit:
https://www.threatlocker.com/simplydefensive
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
=========================
This podcast is presented by Simply Cyber Media Group