SOC Analyst Job Description
SOC Analyst Duties & Responsibilities
To write an effective SOC analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included SOC analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
SOC Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for SOC Analyst
List any licenses or certifications required by the position: SANS, GIAC, GCFA, CEH, CISSP, OSCP, WLAN, GCIH, GSEC, GISF
Education for SOC Analyst
Typically a job would require a certain level of education.
Employers hiring for the SOC analyst job most commonly would prefer their future employee to have a relevant degree, such as a Bachelor's or Master's Degree in Computer Science, Information Technology, Education, Computer Engineering, Information Systems, Information Security, Engineering, Technical, Cyber Security, or an Associate's degree
Skills for SOC Analyst
Desired skills for SOC analyst include:
Desired experience for SOC analyst includes:
SOC Analyst Examples
SOC Analyst Job Description
- Update infrastructure with newly deployed CA certificates
- Update existing processes and policies around PKI
- Successful handling of Security Events and Incidents
- Recognition as an Information Security professional
- Keeping up to date with latest industry knowledge and trends
- Handles initial investigation of DDoS and malware-related alerts (JavaScript, *.php)
- Handles initial investigation of malware-related alerts (JavaScript, *.php)
- Monitoring and responding to security events from SIEM
- Respond in a timely manner (within documented SLA) to support tickets
- Be available, ready, and able to promptly handle incoming support calls in support of our contractual customer SLAs
- Intermediate-level presentation, written, and verbal communication skills
- Experience with HPOpenview, HP Insight, NetIQ, Lotus Notes and Clarify is a plus
- Experience in a Network Operating Center is a plus
- Bachelor's degree preferred and 2-4 years of related experience and/or an equivalent combination of education and experience
- Understanding of electronic investigation and log correlation
- Proficiency with the latest intrusion detection platforms
- Scripting or programming knowledge (shell scripting, PowerShell, C, C#, Java)
SOC Analyst Job Description
- Monitor the client's monitoring and alert systems
- Utilizing established policies, standards and procedures, determine which security alerts and notifications should be identified as information security incidents
- Officers, security managers, other security personnel and agency personnel to resolve minor security incidents as defined and directed
- Serve as initial recipient of information security and cyber-security vulnerability and threat information received from information systems and sources including but not limited to information system vulnerability monitoring tools, the Multi-State Information Sharing and Analysis Center (MS-ISAC), the Illinois Statewide Terrorism Intelligence Center (STIC), software and hardware vendors, and internal security personnel
- Monitor on-line information security related websites, blogs, articles, reports, other security intelligence sources to keep up-to-date on the latest security threats and trends
- Assist senior security personnel during incident response activities of more serious and/or complex security incidents
- Responsible for simultaneous multiple incident management and reporting
- Responsible for senior customer liaison
- Responsible for resource planning
- Responsible for personal development of team members
- Event and Incident management
- Task activities
- Perform accurate and precise real-time analysis and correlation of logs/alerts from a multitude of
- Experience with UWCC and CA7/CA11 batch scheduling tools
- Basic understanding of SIEM technologies (HP ArcSight and McAfee ESM)
- Network+, CCENT, CCT, or other industry standard certifications in networking
SOC Analyst Job Description
- Keep abreast of relevant technology changes and plan for new technology insertion
- Communication and follow-up of potential security risks detected by the SOC-infrastructure
- Primary interface to the SOC provider
- Manage security incidents identified by SOC infrastructure
- Respond to Security Incidents according to the Security Incident Response processes
- Run PMR processes for security incidents
- Process security events identified by the SOC environment
- Vulnerability management according to predefined processes
- Follow-up on mitigation of vulnerabilities
- Delivery of security reports according to KPIs to various stakeholders
- Security+, GISF, GSEC, GCIA, CISSP, or other industry standard certifications in information security
- Security+, GCIA, CEH, CIH, or CISSP certification preferred
- SANS Security Essentials Bootcamp
- SANS Certified Incident Handler
- Ability to take direction from supervisors and/or lead workers
- Ability to utilize agency supplied materials/equipment (e.g., cell phone, laptop)
SOC Analyst Job Description
- Define and review reports/alerts in order to detect security policies/standard violations
- Ensure availability of SOC infrastructure/services
- Support of forensic analysis
- Participation in the evaluation of new technologies (HW and software) in respect to SOC
- Monitor intrusion detection and prevention systems and other security event data sources on the appointed shift
- Develop and utilize “Case Management” processes for incident and resolution tracking
- You will build up and improve the real-time security monitoring and incident response framework as part of a newly established group
- Operating security infrastructure and technologies and establishing security monitoring processes
- Incident response protocols and constant improvement of security measures within the organization
- Utilize industry standard network and host forensic tools in order to fully understand the scope of an incident
- Experience of working with a variety of delivery models
- Previous experience as a security analyst within a SOC
- Previous experience of working within a commercial environment
- Evidence of leading large distributed teams
- CREST – CRIA, CCHIA, CCNIA
- Experience with ISO27001 standards and ITIL framework
SOC Analyst Job Description
- Handle user reported cases of potential phishing, and spear phishing campaigns
- Research and analyze a wide variety of commodity and APT-based malware and techniques
- Search our existing infrastructure for signs of malware and malicious events not detected by our existing security controls
- Help develop, implement, and maintain SOC policies, processes and procedures
- Consolidate and conduct comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indication and warnings of impending attacks against agency unclassified networks
- Perform cyber and technical threat analyses of hostile nation‐states, hacker groups, terrorist organizations and other bad actors able to do harm to NRC networks
- Conduct link analysis of technical data using software tools to identify trends in attacks, targeting, and timing of suspicious/malicious activity
- Produce situational, incident‐related reports on cyber threats that could affect agency networks
- Assist the Government in tracking and reporting trends on APT attacks and intrusion incidents
- Perform advanced analyses of potentially malicious activities that have occurred, or are believed to have occurred, on the agency network
- Good knowledge of networking technology and network security
- High school diploma or GED and a combination of six years of related post-secondary education and/or experience in Information Security or Information Technology
- Subject Matter Expert (SME) in security domains
- Demonstrate experience related to TCP/IP, networking, packet analysis, malware prevention, threat detection, incident response, reporting, and general IT infrastructure
- Possess a firm understanding of business risks, information security principles, controls, and technologies
- Solid working knowledge and understanding of multiple operating systems and commands, understanding of IT security and network best practices and software/hardware solutions