Security Operations Center Analyst Job Description

A security operations center analyst provides SIEM services based on a variety of platforms such as Linux servers, firewalls, proxy servers, IP phone systems, IDS, antivirus, authentication-based event logs, application firewalls, and Windows servers and workstations.

Security Operations Center Analyst Duties & Responsibilities

To write an effective security operations center analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included security operations center analyst job description templates that you can modify and use.

Sample responsibilities for this position include:

Act as a lead throughout incident scenarios and provide subject matter expertise in cybersecurity incident response
Conduct host based and network forensics, log analysis and malware triage supporting incident response
Work with application owners to determine log-based monitoring requirements and develop rules in Splunk to detect anomalies
Execute incident response process when a security incident has been declared
Services monitored and delivered include, but are not limited to, SIEM, IDS/IPS, Firewall, Web Content Filtering, Data Leak Prevention (DLP), Proxy, and Security Event Correlation and Reporting to appropriate Tier 2 incident handling staff or relevant sources to determine increased risk to the business
Work closely with rest of Corporate IT (CIT) Security team to ensure all security protection measures, policies, and procedures, including general IT standards, are implemented and functioning as planned globally
Keep current in IT Security and IT trends and technologies by reading/following security industry publications and networking with other security professionals
Responsible for the successful execution of incident handling procedures and direct response to security incidents
Analyze and identify technical and procedural vulnerabilities, providing recommendations that enable timely remediation
Maintain current knowledge of and recognize attacker tools, tactics, and procedures to produce indicators of compromise (IOCs) that can be utilized during active and future investigations

Security Operations Center Analyst Qualifications

Qualifications for a job description may include education, certification, and experience.

Licensing or Certifications for Security Operations Center Analyst

List any licenses or certifications required by the position: GIAC, CISSP, SANS, GCIH, CEH, GCIA, CISA, CISM, MCSE, CCNA

Education for Security Operations Center Analyst

Typically a job would require a certain level of education.

Employers hiring for the security operations center analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Computer Science, Information Systems, Information Technology, Education, Computer Engineering, Technology, Technical, Information Security, Engineering, Applied Mathematics

Skills for Security Operations Center Analyst

Desired skills for security operations center analyst include:

IDS/IPS
Firewalls
Incident response
Operating systems
Business continuity and emergency response
Crisis management
Splunk
TCP/IP
Authentication Software
Bluecoat

Desired experience for security operations center analyst includes:

Obtaining system statistics such as CPU, memory, disk, network interface utilization
Be able to handle deep technical issues on customer calls
Be able to mentor other team members
Good interpersonal and organizational skills, phone and customer service skills
Analyze and assess security incidents and escalate to client resources or appropriate internal teams
Basic knowledge in Managed SIEM Service

Security Operations Center Analyst Examples

1

Security Operations Center Analyst Job Description

Job Description Example
Our company is growing rapidly and is looking to fill the role of security operations center analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for security operations center analyst
  • Ensures Service Operations processes (incident, request and event) are being executed correctly and with quality
  • Proactively document and implement correlation opportunities
  • Participate in enterprise patching activities to ensure systems are compliant and vulnerabilities are mitigated
  • Monitor systems real time to identify issues, problems, and attacks before they impact Duke Medicine services or patient information
  • Correlate events across multiple data sources and detect patterns for event correlation
  • Reviews and participates in ticket quality activities and address areas that need improvement
  • Review operational performance metrics with the management team to determine areas of improvement
  • Resolve complex problems through advanced analysis and troubleshooting with minimum supervision
  • Considered an expert resource in the security operational area
  • Demonstrate advanced understanding of security programs, tools and best practices
Qualifications for security operations center analyst
  • Take ownership of and troubleshoot tickets generated by the health monitoring system (Tickets
  • Rudimentary understanding of intrusion detection, firewall operations, and other general security
  • Bachelor’s degree is required, preferably in Information Technology, Business, Supply Chain or related field
  • Minimum of 2 years full-time work experience in IT consisting of at least 1 year doing Windows systems administration, and includes experience with Active Directory, DNS, and network routing
  • 4+ years experience working in a Security Operations Center
  • Strong written and verbal communication skills, must be able to articulate complex technical analysis to both technical and non-technical audiences
2

Security Operations Center Analyst Job Description

Job Description Example
Our growing company is looking to fill the role of security operations center analyst. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for security operations center analyst
  • Operate SIEM (Trustwave) consoles in order to monitor the environment for events of interest
  • Perform analysis of security logs in an attempt to detect unauthorized access
  • Participate in the creation, modification and maintenance of all SOC policies and procedures
  • Tier 1 security event monitoring and device oriented activities in the SOC with guidance of short-term projects such as upgrades, migrations and implementations on the part of the tier 3 and 4 staff
  • Monitor IT defense perimeter and scanning infrastructure and communicate security events and incidents to applicable Computer Emergency Response Team personnel and/or management
  • Perform reviews/audits of mixed UNIX and Microsoft Windows environments, including network devices, databases, web services, and enterprise applications
  • Coordinate with infrastructure support teams to maintain/troubleshoot defense perimeter and monitoring integrity
  • Working rotational shifts (1st, 2nd or 3rd)
  • Monitoring telephones and operating radios and computer equipment in the security operations center
  • Interacting routinely with employees, executives and contractors
Qualifications for security operations center analyst
  • Good knowledge of Windows, Linux and Unix
  • Knowledge of Intrusion Detection and Prevention techniques
  • Knowledge of vulnerability scanners such as Nessus, Tenable
  • Demonstrated experience with access control systems such as Active Directory and Virtual Private Network (VPN)
  • Working knowledge of Tivoli, IBM End Point Manager
  • Strong interpersonal and communication skills (verbal and written with both technical and non-technical staff)
3

Security Operations Center Analyst Job Description

Job Description Example
Our growing company is looking to fill the role of security operations center analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for security operations center analyst
  • Providing oversight to the contract security staff as directed by the Security Supervisor
  • Initiating and directing the appropriate response to security and facility-related incidents
  • Answering multiple phone lines promptly, politely, and professionally
  • Accurately recording information and details of events/incidents reported to security
  • Building and maintaining effective relationships with others
  • Functioning effectively in a team environment
  • Processing and issuing access credentials to employees and contractors
  • Providing security-related service to internal customers
  • Monitoring and directing the appropriate response and notification requirements for various security alarm systems
  • Directing emergency and non-emergency response to site-related situations
Qualifications for security operations center analyst
  • Successful candidates will possess a solid understanding of information technology and security best practices
  • Able to handle work pressure while remaining detail oriented
  • CISSP and SANS (GSEC) certification preferred
  • Understanding of statistical analysis tools such as R, Weka preferred
  • Bachelor’s degree from an accredited college or university required
  • Experience participating in Tier 1-3 SOC Teams including vulnerability management, incident handling and forensics
4

Security Operations Center Analyst Job Description

Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of security operations center analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for security operations center analyst
  • Monitoring the operation of security equipment for all Houston locations and coordinate service when required
  • Maintaining computer-generated reports and informational databases, including the incident reporting application
  • Handling of sensitive and confidential information with limited supervision
  • Help coordinate and report on cyber incidents impacting the client
  • This position involves critical duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work as Analyst will be working in a 24x7 Security Operation Center (SOC) environment
  • Provide expertise on engagements related but not limited to Operations & Maintenance, Helpdesk Operations, Software and Application Development and Maintenance, Financial Operations, and Project and Acquisition Management
  • Answers, documents, and responds to calls coming in on the Critical Incident Phone Line
  • Understand and maintain the appropriate knowledge of tools, security procedures, and services within the SOC, ensuring all tools are functioning properly
  • Oversee and ensure P1 and P2 incidents are handled according to operational procedures
  • Keep current with emerging security threats and risks
Qualifications for security operations center analyst
  • Demonstrated written and oral communication skills with the ability to effectively communicate with information technology professionals, senior management, and auditors, assessors, and consultants
  • Results driven individual who can manage assignments based on criticality, in a timely and professional manner
  • U.S. Citizen in possession of a valid U.S. Passport
  • Experience developing and documenting processes and procedures related to IT security operations
  • Bachelor’s Degree in CS / IS / ISS, or equivalent technical experience
  • Bachelor’s degree in computer science, information systems security or other IT related field from an accredited institution preferred, additional experience in place of degree will be considered
5

Security Operations Center Analyst Job Description

Job Description Example
Our growing company is looking to fill the role of security operations center analyst. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for security operations center analyst
  • Provide guidance and support to all SOC personnel and ensure that each individual has a clear understanding of SOC policies and procedures and their individual responsibilities
  • Assist Analysts in monitoring network traffic and security alerts for potential events/incidents, trending and historical analysis, and complete ticket audits and reviews
  • Mentor and guide personnel growth into roles which align with the needs of the SOC
  • Provide support to security operational teams on escalated incidents including troubleshooting, analysis and resolution
  • Stay informed of current events in the security industry including the latest exploits and threats, preventative measures, remediation, and restoration techniques
  • Provide continuous Security Threat Analysis for Antivirus, Malware, and Ransomware attacks across multiple platforms
  • Research security threats in our customer environments
  • Update rules and use cases to ensure proactive protection of our customer's IT environments
  • Ensure quality service delivery and professional service management is provided to our customer
  • Produce standard and custom reports to meet service level and operational level agreements
Qualifications for security operations center analyst
  • Experience on a Computer Incident Response Team (CIRT)
  • At least one year of experience with security operations, computer network defense or intelligence analysis
  • Passion for IT security
  • General IT background (networking, OS, applications)
  • 6 days at work (2 mornings, 2 afternoons, 2 nights)
  • 4 days off afterwards
