SOC Analyst Job Description
SOC analyst
provides threat management overview for firewalls, intrusion detection systems, enterprise anti-virus and log monitoring tools.
SOC Analyst Duties & Responsibilities
To write an effective SOC analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included SOC analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Configure, manage, and upgrade Firewall (FW), Intrusion Detection Systems (IDS), Internal Vulnerability Scanners (IVS), and Intrusion Protection Systems (IPS) platforms
Analyze and respond to security events from FWs, IDS, IPS, AV and other security data sources
Monitoring and responding to security events from our SIEM
Creating new alert rules and logic to detect events of interest
Assisting in the design, documentation, and execution of security awareness programs
Participating and risk-based analysis of security controls and requirements
Providing technical assistance to other IT functions with regards to security objectives and requirements
Enumerate all existing S/MIME, Wifi, SSL and Code Signing Certificates
Deploy updated root CA to integrate into existing intermediate CAs
Work with certificate owners to generate updated certificates via CSRs or an enrollment GUI
SOC Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for SOC Analyst
List any licenses or certifications required by the position: SANS, GIAC, GCFA, CEH, CISSP, OSCP, WLAN, GCIH, GSEC, GISF
Education for SOC Analyst
Typically a job would require a certain level of education.
Employers hiring for the SOC analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Technology, Education, Computer Engineering, Information Systems, Information Security, Engineering, Technical, Cyber Security, Associates
Skills for SOC Analyst
Desired skills for SOC analyst include:
IDS
Enterprise Anti-Virus
Full Packet Capture and Host/Network Threat Analysis
Threat Monitoring Procedures
Common and standard Internet protocols and applications
Splunk
Antivirus
Footholds
HTTP
Lateral movement
Desired experience for SOC analyst includes:
Experience with enterprise AV management solutions such as Symantec, McAfee EPO, Sophos
Bachelor's degree or an equivalent, relevant formal academic/vocational qualification
Cisco certifications are a big plus
Maintain and recommend enhancements to the security posture
Security related certifications (such as SANS GIAC, GSEC, CISSP, CISM, CEH, ) are a plus
Intermediate level functional understanding of the assigned retail business area (logistics, credit, and so forth) and how it interacts with other areas of the business and detail processes
SOC Analyst Examples
1
SOC Analyst Job Description
Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of SOC analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for SOC analyst
- Update infrastructure with newly deployed CA certificates
- Update existing processes and policies around PKI
- Successful handling of Security Events and Incidents
- Recognition as an Information Security professional
- Keeping up to date with latest industry knowledge and trends
- Handles initial investigation of DDoS, Malware related alerts (JavaScripts, *.php )
- Handles initial investigation of Malware related alerts (JavaScripts, *.php )
- Monitoring and responding to security events from SIEM
- Respond in a timely manner (within documented SLA) to support tickets
- Be available, ready, and able to promptly handle incoming support calls in support of our contractual customer SLA’s
Qualifications for SOC analyst
- Intermediate level presentation and written and verbal communication skills
- Experience with HPOpenview, HP Insight, NetIQ, Lotus Notes and Clarify is a plus
- Experience in a Network Operating Center is a plus
- Bachelor's degree preferred and 2-4 years of experience of related experience and/or equivalent combination of education and experience
- Understanding of electronic investigation and log correlation Proficiency with the latest intrusion detection platforms
- Scripting or programming knowledge (Shell scripting, Power Shell, C, C#, Java)
2
SOC Analyst Job Description
Job Description Example
Our growing company is looking to fill the role of SOC analyst. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for SOC analyst
- Monitor the client's monitoring and alert systems
- Utilizing established policies, standards and procedures, determine which security alerts and notifications should be identified as information security incidents
- Officers, security managers, other security personnel and agency personnel to resolve minor security incidents as defined and directed
- Serve as initial recipient of information security and cyber-security vulnerability and threat information received from information systems and sources including but not limited to information system vulnerability monitoring tools, the Multi-State Information Sharing and Analysis Center (MS-ISAC), the Illinois Statewide Terrorism Intelligence Center (STIC), software and hardware vendors, and internal security personnel
- Monitor on-line information security related websites, blogs, articles, reports, other security intelligence sources to keep up-to-date on the latest security threats and trends
- Assist senior security personnel during incident response activities of more serious and/or complex security incidents
- Responsible for simultaneous multiple incident management and reporting
- Responsible for senior customer liaison
- Responsible for resource planning
- Responsible for personal development of team members
Qualifications for SOC analyst
- Event and Incident management
- Task activities
- Perform accurate and precise real-time analysis and correlation of logs/alerts from a multitude of
- Experience with UWCC and CA7/CA11 batch scheduling tools
- Basic understanding of SIEM technologies (HP ArcSight and McAfee ESM)
- Network+, CCENT, CCT, or other industry standard certifications in networking
3
SOC Analyst Job Description
Job Description Example
Our innovative and growing company is hiring for a SOC analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for SOC analyst
- Keep abreast of relevant technology changes and plan for new technology insertion
- Communication and follow-up of potential security risks detected by the SOC-infrastructure
- Primary interface to the SOC provider
- Manage security incidents identified by SOC infrastructure
- Respond to Security Incidents according to the Security Incident Response processes
- Run PMR processed for security incidents
- Process security events identified by the SOC environment
- Vulnerability management according to predefined processes
- Follow-up on mitigation of vulnerabilities
- Delivery of security reports according to KPIs to various stake-holders
Qualifications for SOC analyst
- Security+, GISF, GSEC, GCIA, CISSP, or other industry standard certifications in information security
- Security+, GCIA, CEH, CIH, or CISSP certification preferred
- SANS Security Essentials Bootcamp
- SANS Certified Incident Handler
- Ability to take direction from supervisors and/or lead workers
- Ability to utilize agency supplied materials/equipment (e.g., cell phone, laptop)
4
SOC Analyst Job Description
Job Description Example
Our growing company is hiring for a SOC analyst. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for SOC analyst
- Define and review reports/alerts in order to detect security policies/standard violations
- Ensure availability of SOC infrastructure/services
- Support of forensic analysis
- Participation in the evaluation of new technologies (HW and software) in respect to SOC
- Monitor intrusion detection and prevention systems and other security event data sources on the appointed shift
- Develop and utilize “Case Management” processes for incident and resolution tracking
- You will build up and improve real-time security monitoring and incident response framework as part of a newly established group
- Operating security infrastructure and technologies and establishing security monitoring processes
- Incident response protocols and constant improvement of security measures within the organization
- Utilize industry standard network and host forensic tools in order to fully understand the scope of an incident
Qualifications for SOC analyst
- Experience of working with a variety of delivery models
- Previous experience as a security analyst within a SOC
- Previous experience of working within a commercial environment
- Evidence of leading large distributed teams
- CREST – CRIA, CCHIA, CCNIA
- Experience with ISO27001 standards and ITIL framework
5
SOC Analyst Job Description
Job Description Example
Our growing company is hiring for a SOC analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for SOC analyst
- Handle user reported cases of potential phishing, and spear phishing campaigns
- Research, and analyze wide variety of commodity and APT based malware and techniques
- Search our existing infrastructure for signs of malware, and malicious events not detected by our existing security controls
- Help develop, implement, and maintain SOC policies, processes and procedures
- Consolidate and conduct comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indication and warnings of impending attacks against agency unclassified networks
- Perform cyber and technical threat analyses of hostile nation‐states, hacker groups, terrorist organizations and other bad actors able to do harm to NRC networks
- Conduct link analysis of technical data using software tools to identify trends in attacks, targeting, and timing of suspicious/malicious activity
- Produce situational, incident‐related reports on cyber threats that could affect agency networks
- Assist the Government in tracking and reporting trends on APT attacks and intrusion incidents
- Perform advanced analyses of potentially malicious activities that have occurred, or are believed to have occurred, on the agency network
Qualifications for SOC analyst
- A good knowledge in networking technology and network security
- High school diploma or GED and combination of six years related post-secondary education and/or experience in Information Security or Information Technology
- Subject Matter Expert (SME) in security domains
- Demonstrate experience related to TCP/IP, networking, packet analysis, malware prevention, threat detection, incident response, reporting, and general IT infrastructure
- Possess a firm understanding of business risks, information security principles, controls, and technologies
- Solid working knowledge and understanding of multiple operating systems and commands, understanding of IT security and network best practices and software/hardware solutions