Security Operations Center Job Description

Security operations center provides specialist knowledge of network security systems including Firewalls, Internet Proxy systems, Application Load Balancers and IDS/IPS technologies.

Security Operations Center Duties & Responsibilities

To write an effective security operations center job description, begin by listing detailed duties, responsibilities and expectations. We have included security operations center job description templates that you can modify and use.

Sample responsibilities for this position include:

Provides oversight to incident response activities (triage, root cause analysis, escalations, notifications, communication) and develops strategies to contain and eradicate the incident and recover operations effectively
Ensure timely and accurate delivery of reports, incident response updates and forensics for security investigations
Work closely with the Incident Response team in support of remediation efforts at all levels, including data gathering and liaising between all CIRT teams
Experience with Intrusion Detection and firewalls
Recommends courses of action based on analysis of both existing and emerging threats
Partner with internal partners, external business partners and vendors to collect data and respond to information security incidents
Responsible for the review of all SOC policies and procedures
Provide leadership and oversight over the Security Operations Center (SOC) staff
Analyze staffing needs for coverage and proactively make adjustments when necessary
Measure staff's performance through annual performance appraisals and provide training/development for continuous improvement

Security Operations Center Qualifications

Qualifications for a job description may include education, certification, and experience.

Licensing or Certifications for Security Operations Center

List any licenses or certifications required by the position: GIAC, CCNA, RHCT, CCNP, CEH, CISSP, IAT, CSSP, III, CPR

Education for Security Operations Center

Typically a job would require a certain level of education.

Employers hiring for the security operations center job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Associate Degree in Computer Science, Criminal Justice, Business, Military, Education, Computer Engineering, Information Technology, Technical, Engineering, Applied Mathematics

Skills for Security Operations Center

Desired skills for security operations center include:

Incident response
HTTP
IDS/IPS
Firewalls
Various security packages
Crisis management
Methods
SMB
Business continuity and emergency response
Operating systems

Desired experience for security operations center includes:

5 years of relevant experience and a Bachelor's degree in Computer Science, Engineering, MIS or a related field, or equivalent experience
RHCT or 2 years equivalent experience administering Linux/Unix systems
Operational experience with security issues and access control mechanisms (firewall, IDS)
Working knowledge of tcpdump/ethereal/wireshark software
Certifications (CISSP, CCNP, CCIE, ITIL, RHCE) a plus
Provide/demonstrate strong leadership, organizational and coaching abilities

Security Operations Center Examples

1

Security Operations Center Job Description

Job Description Example
Our growing company is looking to fill the role of security operations center. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for security operations center
  • Report and investigate potential security incidents
  • Provide recommendations to clients for containment and eradication of threats
  • Maintain Intrusion Detection/Prevention signatures
  • Update security operations processes and procedures
  • Assist in IT security investigations, exercises and tests
  • Research, consultation with colleagues and training to maintain awareness of trends in new security threats, technologies and regulations
  • Execute security monitoring through an intimate knowledge of SIEM technologies and the security threat landscape
  • Establishing and executing a multi-year strategic plan to improve SOC services and operations
  • Building and developing an effective and engaged global team
  • Troubleshoot customer-facing issues and communicate with customers as needed
Qualifications for security operations center
  • Experience performing security analysis utilizing Security Incident and Event Management (SIEM) technologies
  • Demonstrated experience managing Tier 1-3 SOC teams, including vulnerability management, incident handling and forensics
  • Must sit for extended periods of time
  • Knowledge of security technologies (encryption, data protection, design, privilege access)
  • Abide by and enhance runbooks and documentation associated with SOC actions
  • A minimum of 2 years’ experience as a security analyst within a SOC / NOC role or with an MSS provider
2

Security Operations Center Job Description

Job Description Example
Our company is hiring for a security operations center. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for security operations center
  • Coordinate a timely and concise incident response with law enforcement, league/club security, and other relevant league departments
  • You will monitor our networks and logging systems along with system log analysis
  • Monitor the environment for anomalies and threats
  • Collaborate with 3rd party IR responders
  • Windows and Unix security vulnerability assessments
  • Assist in the implementation of security strategies and solutions for studio initiatives
  • Rotate in handler duties
  • Actively participate in projects and delivering assigned tasks on time
  • Bachelor’s degree in Computer Science, Engineering, Information Security or related field
  • 2+ years of Information Security experience working in a SOC/IR environment
Qualifications for security operations center
  • Experience in IT (Information Technology) and an interest in IT Security
  • A non-mandatory asset would be completion of a post-secondary educational program in IT Security or Computer Sciences from a recognized community college or university
  • CISSP, CCSP, or other security related certifications preferred
  • Exhibit the ability to work in a fast-paced and hectic work environment, ability to prioritize tasks effectively
  • Proven ability to conduct security analysis of critical system logs and network protocols such as network flow data and full packet capture technologies
  • Candidates must be able to work a flexible schedule within a 24x7x365 Security Operations Center (SOC) environment, may be expected to work holidays
3

Security Operations Center Job Description

Job Description Example
Our company is growing rapidly and is looking for a security operations center. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for security operations center
  • Adhere to THR incident response workflow establishing impact and urgency of detected events and follow through the triage, escalation, remediation and documentation
  • Updates incident response scenarios and procedures to adapt to changing organization/cultural/system configuration updates
  • Executes established procedures as it relates to incident response
  • Interpersonal skills to interact with team members, management, and CSOC stakeholders
  • Ability to think outside of the box when the need arises
  • Perform technical analysis of security alerts from all sources (automated tool alerts, employee reported alerts, fraud investigation related alerts)
  • Provide ongoing security tool optimization using aggregation, filters, correlation rules
  • Provide analysis and trending of security log data from a large number of heterogeneous security devices and develop processes that analyze data and produce accurate, meaningful, easily interpreted results based on user requirements and use cases
  • Make recommendations to management appropriate to an organization's needs and requirements
  • Provide first and second level troubleshooting support for security applications and appliances
Qualifications for security operations center
  • Must possess strong computer skills and demonstrate the ability to effectively operate and manage security tools and processes
  • 4+ years of experience in management of a global SOC
  • Demonstrated ability to manage geographically distributed SOC teams
  • Experience within pharmaceutical or healthcare industries
  • Able to gather all relevant incident information (e.g., affected systems, asset information, vulnerability information, system configurations, logs, console reviews, memory dumps, forensic analysis) in accordance with incident management and response processes
  • Has responded to current security incident types, such as DDoS attacks, anomalous activity, malware infections, APT activity, unauthorized access, data extraction
4

Security Operations Center Job Description

Job Description Example
Our growing company is looking to fill the role of security operations center. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for security operations center
  • Develop and drive the development of innovative threat reporting operations processes and tools from concept to delivery with a focus on the latest innovations, virtualization and big data
  • Oversee operations projects including budgeting, planning, implementation, maintenance, administration, staffing and logistics
  • Keen understanding of budgets and financials, and measuring business value via leading-edge metrics
  • Mentor, manage and motivate a high-performing team of senior managers/analysts and/or senior professionals and set clear priorities to achieve department goals
  • Manage oversight of complex security operations processes based on a combination of vendors, custom solutions, and internal resources
  • Support adoption of new technologies and tools, and recommend capability improvements to threat analysis and reporting operations
  • Work closely with the Chief Information Security Officer to ensure that information security and risk management are embedded within the culture, requiring continuous improvement to a complex set of functions to coordinate security and compliance risks related to information systems and assets
  • Drive coordination, consensus and execution to mitigate cyber risk issues and emerging threats
  • Analyze from a cost, capacity, and forecast perspective, and evaluate new security communications operations technologies and applications
  • Develop strategic roadmaps to ensure security communications goals are met
Qualifications for security operations center
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)
  • Bachelor's degree (Journalism/Political Science/International Relations) OR Associate degree with 2+ years' experience in a related field
  • Minimum 4 years of experience in doing intelligence analysis for the military, federal government, or corporation
  • Reviews, analyzes, and responds to security events triggered through the security monitoring systems according to internal security procedures for physical events
  • Experience configuring and optimizing Network Management Systems
  • Knowledge of L2VPN Technologies
5

Security Operations Center Job Description

Job Description Example
Our company is looking to fill the role of security operations center. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for security operations center
  • Effectively monitor current events and open sources for information affecting the league at large
  • Serve as the primary point of contact and first responder for league staff involving all safety and security incidents
  • Produce reports, to include briefings, for executive staff and appropriate league personnel
  • Manage operations center personnel, vendors, and contractors
  • Manage contract and full-time analysts and staff
  • Responsible for troubleshooting server/storage/network related issues impacting business and clinical applications/services
  • Responsible for analysis/evaluation and remediation of security events across the enterprise
  • Respond to any number of alarms, alerts or abnormal behaviors detected through enterprise monitoring
  • Follows established industry best practices and defined THR standards for triage, escalation, remediation and documentation of security events
  • Continually validates that monitoring configurations and thresholds are meeting business and technical teams' requirements
Qualifications for security operations center
  • 5 years minimum in the computer industry
  • Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001
  • Knowledge in design and administration of security tools
  • High school diploma or GED and combination of three years related post-secondary education and/or experience in Information Security or Information Technology
  • Demonstrate strong organizational, research, analytical and / or problem-solving skills to evaluate situations, make recommendations and take effective action
  • Must possess excellent writing and verbal communication skills