Security Operations Center Job Description
Security Operations Center Duties & Responsibilities
To write an effective security operations center job description, begin by listing detailed duties, responsibilities and expectations. We have included security operations center job description templates that you can modify and use.
Sample responsibilities for this position include:
Security Operations Center Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Operations Center
List any licenses or certifications required by the position: GIAC, CCNA, RHCT, CCNP, CEH, CISSP, IAT, CSSP, III, CPR
Education for Security Operations Center
Typically a job would require a certain level of education.
Employers hiring for the security operations center job most commonly prefer candidates with a relevant Bachelor's or Associate degree in Computer Science, Criminal Justice, Business, Military, Education, Computer Engineering, Information Technology, Technical, Engineering, Applied Mathematics
Skills for Security Operations Center
Desired skills for security operations center include:
Desired experience for security operations center includes:
Security Operations Center Examples
Security Operations Center Job Description
- Report and investigate potential security incidents
- Provide recommendations to clients for containment and eradication of threats
- Maintain Intrusion Detection/Prevention signatures
- Update security operations processes and procedures
- Assist in IT security investigations, exercises and tests
- Maintain awareness of trends in new security threats, technologies and regulations through research, consultation with colleagues and training
- Execute security monitoring using in-depth knowledge of SIEM technologies and the security threat landscape
- Establish and execute a multi-year strategic plan to improve SOC services and operations
- Build and develop an effective and engaged global team
- Troubleshoot customer-facing issues and communicate with customers as needed
- Experience performing security analysis using Security Information and Event Management (SIEM) technologies
- Demonstrated experience managing Tier 1-3 SOC teams, including vulnerability management, incident handling and forensics
- Must sit for extended periods of time
- Knowledge of security technologies (encryption, data protection, secure design, privileged access)
- Abide by and enhance runbooks and documentation associated with SOC actions
- A minimum of 2 years’ experience as a security analyst within a SOC / NOC role or with an MSS provider
Security Operations Center Job Description
- Coordinate a timely and concise incident response with law enforcement, league/club security, and other relevant league departments
- You will monitor our networks and logging systems along with system log analysis
- Monitor the environment for anomalies and threats
- Collaborate with 3rd party IR responders
- Perform Windows and Unix security vulnerability assessments
- Assist in the implementation of security strategies and solutions for studio initiatives
- Rotate through incident handler duties
- Actively participate in projects and deliver assigned tasks on time
- Bachelor’s degree in Computer Science, Engineering, Information Security or related field
- 2+ years of Information Security experience working in a SOC/IR environment
- Experience in IT (Information Technology) and an interest in IT Security
- Completion of a post-secondary educational program in IT Security or Computer Science from a recognized community college or university is an asset but not mandatory
- CISSP, CCSP, or other security related certifications preferred
- Ability to work in a fast-paced and hectic environment and to prioritize tasks effectively
- Proven ability to conduct security analysis of critical system logs and network data sources such as network flow data and full packet capture
- Candidates must be able to work a flexible schedule within a 24x7x365 Security Operations Center (SOC) environment, may be expected to work holidays
Security Operations Center Job Description
- Adhere to the THR incident response workflow: establish the impact and urgency of detected events and follow through triage, escalation, remediation and documentation
- Update incident response scenarios and procedures to adapt to organizational, cultural and system configuration changes
- Execute established incident response procedures
- Interpersonal skills to interact with team members, management, and CSOC stakeholders
- Ability to think outside of the box when the need arises
- Perform technical analysis of security alerts from all sources (automated tool alerts, employee reported alerts, fraud investigation related alerts)
- Provide ongoing security tool optimization using aggregation, filters and correlation rules
- Provide analysis and trending of security log data from a large number of heterogeneous security devices, and develop processes that analyze that data and produce accurate, meaningful, easily interpreted results based on user requirements and use cases
- Make recommendations to management appropriate to the organization's needs and requirements
- Provide first and second level troubleshooting support for security applications and appliances
- Must possess strong computer skills and demonstrate the ability to effectively operate and manage security tools and processes
- 4+ years of experience in management of a global SOC
- Demonstrated ability to manage geographically distributed SOC teams
- Experience within pharmaceutical or healthcare industries
- Able to gather all relevant incident information (e.g., affected systems, asset information, vulnerability information, system configurations, logs, console reviews, memory dumps, forensic analysis) in accordance with incident management and response processes
- Has responded to current security incident types, such as DDoS attacks, anomalous activity, malware infections, APT activity, unauthorized access and data exfiltration
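The responsibilities above (technical analysis of alerts, tool optimization with aggregation, filters and correlation rules, and trending of log data from heterogeneous devices) are what a SOC analyst does day to day in a SIEM. The following is an added, self-contained example, not part of this job description template or any employer's tooling: it normalizes two constructed log formats (Linux sshd syslog lines and Windows-style JSON logon events) into one schema, applies a tuning filter, aggregates failures per source IP inside a sliding window, and fires a correlation rule when repeated failures are followed by a success. The hosts, IPs, the `NOISE_SOURCES` filter and the threshold are constructed assumptions for illustration.

```python
"""Minimal SIEM-style correlation over heterogeneous logs (added example).

Two log formats are normalized into one event schema, a tuning filter drops a
known-noisy source, failed logins are aggregated per source IP inside a sliding
window, and a correlation rule fires when THRESHOLD failures are followed by a
success from the same IP. All log lines and hosts below are constructed.
"""
import json
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Constructed sample: Linux sshd syslog lines mixed with Windows-style JSON events.
SAMPLE_LOGS = """\
2024-03-01T10:00:01Z web01 sshd[1201]: Failed password for root from 203.0.113.9 port 50120 ssh2
2024-03-01T10:00:04Z web01 sshd[1201]: Failed password for root from 203.0.113.9 port 50121 ssh2
2024-03-01T10:00:07Z web01 sshd[1201]: Failed password for admin from 203.0.113.9 port 50122 ssh2
{"ts": "2024-03-01T10:00:09Z", "host": "dc01", "EventID": 4625, "IpAddress": "203.0.113.9", "TargetUserName": "admin"}
{"ts": "2024-03-01T10:00:12Z", "host": "dc01", "EventID": 4624, "IpAddress": "203.0.113.9", "TargetUserName": "admin"}
2024-03-01T10:00:15Z web01 sshd[1201]: Failed password for backup from 10.0.0.5 port 41000 ssh2
2024-03-01T10:00:16Z web01 sshd[1201]: Accepted password for backup from 10.0.0.5 port 41001 ssh2
2024-03-01T11:30:00Z web02 sshd[900]: Failed password for root from 198.51.100.7 port 22000 ssh2
2024-03-01T11:45:00Z web02 sshd[900]: Accepted password for root from 198.51.100.7 port 22001 ssh2
"""

SSHD_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password "
    r"for (?P<user>\S+) from (?P<ip>\S+) port \d+"
)

NOISE_SOURCES = {"10.0.0.5"}   # assumed backup host tuned out by a filter (constructed)
WINDOW = timedelta(minutes=5)  # correlation window (assumed)
THRESHOLD = 3                  # failures before a success is suspicious (assumed)


def parse_ts(s):
    """Parse the ISO-8601 UTC timestamps used by both constructed formats."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def normalize(line):
    """Map one raw line to a common auth-event dict, or None if not an auth event."""
    line = line.strip()
    if not line:
        return None
    if line.startswith("{"):  # Windows-style JSON: 4624 = logon success, 4625 = failure
        ev = json.loads(line)
        if ev.get("EventID") not in (4624, 4625):
            return None
        return {"ts": parse_ts(ev["ts"]), "host": ev["host"], "ip": ev["IpAddress"],
                "user": ev["TargetUserName"], "success": ev["EventID"] == 4624}
    m = SSHD_RE.match(line)   # Linux sshd syslog
    if not m:
        return None
    return {"ts": parse_ts(m["ts"]), "host": m["host"], "ip": m["ip"],
            "user": m["user"], "success": m["result"] == "Accepted"}


def correlate(raw_logs, threshold=THRESHOLD, window=WINDOW):
    """Return alerts for >= threshold failures followed by a success from one IP in window."""
    events = [e for e in map(normalize, raw_logs.splitlines()) if e]
    events.sort(key=lambda e: e["ts"])
    failures = defaultdict(deque)  # ip -> timestamps of recent failures
    alerts = []
    for e in events:
        if e["ip"] in NOISE_SOURCES:  # tuning filter: drop a known-noisy source
            continue
        q = failures[e["ip"]]
        while q and e["ts"] - q[0] > window:  # expire failures outside the window
            q.popleft()
        if e["success"]:
            if len(q) >= threshold:
                alerts.append({"ip": e["ip"], "user": e["user"], "host": e["host"],
                               "failures": len(q), "ts": e["ts"].isoformat()})
            q.clear()
        else:
            q.append(e["ts"])
    return alerts


def hourly_trend(raw_logs):
    """Aggregate filtered failed logins per UTC hour for trending and dashboards."""
    counts = defaultdict(int)
    for e in map(normalize, raw_logs.splitlines()):
        if e and not e["success"] and e["ip"] not in NOISE_SOURCES:
            counts[e["ts"].strftime("%Y-%m-%dT%H:00Z")] += 1
    return dict(counts)


if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOGS):
        print("ALERT brute-force followed by success:", alert)
    print("failed logins per hour:", hourly_trend(SAMPLE_LOGS))
```

Run as-is, the rule fires once, for 203.0.113.9 (four failures across both log sources, then a successful logon to dc01 as admin); the 10.0.0.5 activity is dropped by the filter, and the 198.51.100.7 success is not alerted because its single failure falls outside the five-minute window. The same shape (normalize, filter, aggregate, correlate, trend) is what a SIEM correlation rule and its tuning amount to, regardless of the product.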
Security Operations Center Job Description
- Drive the development of innovative threat reporting operations processes and tools from concept to delivery, with a focus on the latest innovations in virtualization and big data
- Oversee operations projects including budgeting, planning, implementation, maintenance, administration, staffing and logistics
- Keen understanding of budgets and financials, and measuring business value via leading-edge metrics
- Mentor, manage and motivate a high-performing team of senior managers/analysts and/or senior professionals and set clear priorities to achieve department goals
- Manage oversight of complex security operations processes based on a combination of vendors, custom solutions, and internal resources
- Support adoption of new technologies and tools, and recommend capability improvements to threat analysis and reporting operations
- Work closely with the Chief Information Security Officer to ensure that information security and risk management are embedded within the culture; this requires continuous improvement of a complex set of functions that coordinate security and compliance risks related to information systems and assets
- Drive coordination, consensus and execution to mitigate cyber risk issues and emerging threats
- Analyze security communications operations from a cost, capacity and forecast perspective, and evaluate new security communications technologies and applications
- Develop strategic roadmaps to ensure security communications goals are met
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)
- Bachelor’s degree (Journalism/Political Science/International Relations) OR Associate degree with 2+ years’ experience in a related field
- Minimum 4 years of experience performing intelligence analysis for the military, federal government, or a corporation
- Reviews, analyzes, and responds to security events triggered through the security monitoring systems according to internal security procedures for physical events
- Experience configuring and optimizing Network Management Systems
- Knowledge of L2VPN Technologies
Security Operations Center Job Description
- Effectively monitor current events and open sources for information affecting the league at large
- Serve as the primary point of contact and first responder for league staff involving all safety and security incidents
- Produce reports, to include briefings, for executive staff and appropriate league personnel
- Manage operations center personnel, vendors, and contractors
- Manage contract and full-time analysts and staff
- Responsible for troubleshooting server/storage/network related issues impacting business and clinical applications/services
- Responsible for analysis/evaluation and remediation of security events across the enterprise
- Respond to any number of alarms, alerts or abnormal behaviors detected through enterprise monitoring
- Follow established industry best practices and defined THR standards for triage, escalation, remediation and documentation of security events
- Continually validate that monitoring configurations and thresholds meet business and technical teams' requirements
- 5 years minimum in the computer industry
- Knowledgeable in various security frameworks such as NIST SP 800-53 / NIST SP 800-171 / ISO/IEC 27001
- Knowledge in design and administration of security tools
- High school diploma or GED and a combination of three years of related post-secondary education and/or experience in Information Security or Information Technology
- Demonstrate strong organizational, research, analytical and/or problem-solving skills to evaluate situations, make recommendations and take effective action
- Must possess excellent writing and verbal communication skills