Security Operations Center Analyst Job Description
Security Operations Center Analyst Duties & Responsibilities
To write an effective security operations center analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included security operations center analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Security Operations Center Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Operations Center Analyst
List any licenses or certifications required by the position: GIAC, CISSP, SANS, GCIH, CEH, GCIA, CISA, CISM, MCSE, CCNA
Education for Security Operations Center Analyst
Typically a job would require a certain level of education.
Employers hiring for the security operations center analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Computer Science, Information Systems, Information Technology, Education, Computer Engineering, Technology, Technical, Information Security, Engineering, Applied Mathematics
Skills for Security Operations Center Analyst
Desired skills for security operations center analyst include:
Desired experience for security operations center analyst includes:
Security Operations Center Analyst Examples
Security Operations Center Analyst Job Description
- Ensures Service Operations processes (incident, request and event) are being executed correctly and with quality
- Proactively document and implement correlation opportunities
- Participate in enterprise patching activities to ensure systems are compliant and vulnerabilities are mitigated
- Monitor systems real time to identify issues, problems, and attacks before they impact Duke Medicine services or patient information
- Correlate events across multiple data sources and detect patterns among them
- Reviews and participates in ticket quality activities and address areas that need improvement
- Review operational performance metrics with the management team to determine areas of improvement
- Resolve complex problems through advanced analysis and troubleshooting with minimum supervision
- Considered an expert resource in the security operational area
- Demonstrate advanced understanding of security programs, tools and best practices
- Take ownership of and troubleshoot tickets generated by the health monitoring system (Tickets
- Rudimentary understanding of intrusion detection, firewall operations, and other general security
- Bachelor’s degree is required, preferably in Information Technology, Business, Supply Chain or related field
- Minimum of 2 years full-time work experience in IT consisting of at least 1 year doing Windows systems administration, including experience with Active Directory, DNS, and network routing
- 4+ years experience working in a Security Operations Center
- Strong written and verbal communication skills, must be able to articulate complex technical analysis to both technical and non-technical audiences
Security Operations Center Analyst Job Description
- Operate SIEM (Trustwave) consoles in order to monitor the environment for events of interest
- Perform analysis of security logs in an attempt to detect unauthorized access
- Participate in the creation, modification and maintenance of all SOC policies and procedures
- Tier 1 security event monitoring and device-oriented activities in the SOC, with guidance on short-term projects such as upgrades, migrations and implementations provided by the tier 3 and 4 staff
- Monitor IT defense perimeter and scanning infrastructure and communicate security events and incidents to applicable Computer Emergency Response Team personnel and/or management
- Perform reviews/audits of mixed UNIX and Microsoft Windows environments, including network devices, databases, web services, and enterprise applications
- Coordinate with infrastructure support teams to maintain/troubleshoot defense perimeter and monitoring integrity
- Working rotational shifts (1st, 2nd or 3rd)
- Monitoring telephones and operating radios and computer equipment in the security operations center
- Interacting routinely with employees, executives and contractors
- Good knowledge of Windows, Linux and Unix
- Knowledge of Intrusion Detection and Prevention techniques
- Knowledge of vulnerability scanners such as Nessus, Tenable
- Demonstrated experience with access control systems such as Active Directory and Virtual Private Network (VPN)
- Working knowledge of Tivoli, IBM Endpoint Manager
- Strong interpersonal and communication skills (verbal and written with both technical and non-technical staff)
Security Operations Center Analyst Job Description
- Providing oversight to the contract security staff as directed by the Security Supervisor
- Initiating and directing the appropriate response to security and facility-related incidents
- Answering multiple phone lines promptly, politely, and professionally
- Accurately recording information and details of events/incidents reported to security
- Building and maintaining effective relationships with others
- Functioning effectively in a team environment
- Processing and issuing access credentials to employees and contractors
- Providing security-related service to internal customers
- Monitoring and directing the appropriate response and notification requirements for various security alarm systems
- Directing emergency and non-emergency response to site-related situations
- Successful candidates will possess a solid understanding of information technology and security best practices
- Able to handle work pressure while remaining detail oriented
- CISSP and SANS (GSEC) certification preferred
- Understanding of statistical analysis tools such as R, Weka preferred
- Bachelor’s degree from an accredited college or university required
- Experience participating in Tier 1-3 SOC Teams including vulnerability management, incident handling and forensics
Security Operations Center Analyst Job Description
- Monitoring the operation of security equipment for all Houston locations and coordinate service when required
- Maintaining computer-generated reports and informational databases, including the incident reporting application
- Handling of sensitive and confidential information with limited supervision
- Help coordinate and report on cyber incidents impacting the client
- This position involves critical duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work as Analyst will be working in a 24x7 Security Operation Center (SOC) environment
- Provide expertise on engagements related but not limited to Operations & Maintenance, Helpdesk Operations, Software and Application Development and Maintenance, Financial Operations, and Project and Acquisition Management
- Answers, documents, and responds to calls coming in on the Critical Incident Phone Line
- Understand and maintain the appropriate knowledge of tools, security procedures, and services within the SOC, ensuring all tools are functioning properly
- Oversee and ensure P1 and P2 incidents are handled according to operational procedures
- Keep current with emerging security threats and risks
- Demonstrated written and oral communication skills with the ability to effectively communicate with information technology professionals, senior management, auditors, assessors, and consultants
- Results driven individual who can manage assignments based on criticality, in a timely and professional manner
- U.S. Citizen in possession of a valid U.S. Passport
- Experience developing and documenting processes and procedures related to IT security operations
- Bachelor’s Degree in CS / IS / ISS, or equivalent technical experience
- Bachelor’s degree in computer science, information systems security or other IT related field from an accredited institution preferred, additional experience in place of degree will be considered
Security Operations Center Analyst Job Description
- Provide guidance and support to all SOC personnel and ensure that each individual has a clear understanding of SOC policies and procedures and of their individual responsibilities
- Assist Analysts in monitoring network traffic and security alerts for potential events/incidents, perform trending and historical analysis, and complete ticket audits and reviews
- Mentor and guide personnel growth into roles which align with the needs of the SOC
- Provide support to security operational teams on escalated incidents including troubleshooting, analysis and resolution
- Stay informed of current events in the security industry, including the latest exploits and threats, preventative measures, remediation, and restoration techniques
- Provide continuous Security Threat Analysis for Antivirus, Malware, and Ransomware attacks across multiple platforms
- Research security threats in our customer environments
- Update rules and use cases to ensure proactive protection of our customer's IT environments
- Ensure quality service delivery and professional service management is provided to our customer
- Produce standard and custom reports to meet service level and operational level agreements
- Experience on a Computer Incident Response Team (CIRT)
- At least one year of experience with security operations, computer network defense or intelligence analysis
- Passion for IT security
- General IT background (networking, OS, applications)
- 6 days at work (2 mornings, 2 afternoons, 2 nights)
- 4 days off afterwards