What is a SOC Analyst?

SOC analysts are the first responders to cyber-incidents. They report cyber threats and then implement changes to protect an organization. Job duties include:

- Provide threat and vulnerability analysis
- Investigate, document and report on information security issues and emerging trends
- Analyze and respond to previously undisclosed software and hardware vulnerabilities
- Prepare organizational disaster recovery plans

Why Do Companies Need a Penetration Test?

Building a Security Operations Center (SOC) from scratch or revamping an underperforming one is a daunting leadership challenge. Of all the tasks you have to think about, finding and hiring a set of SOC analysts with the right skill set has to be a top priority.

- Proactive detection of malicious network and system activity.
- Threat awareness to adjust defenses before the threat hits you.
- Vulnerability management to see what may be vulnerable on your network to new threats before you get hit with them.
- Awareness of hardware and software assets running on your network so you can be aware of developing threats to them.
- Log management to give you and any authorities the ability to complete forensics if you do incur an incident or breach.

What Tools Do SOC Analysts Use?

SOC analysts are part of a Security Operations Center (SOC), and a modern SOC cannot operate without security tools. Traditional tools used in the SOC include:

- Security information and event management (SIEM)
- Governance, risk and compliance (GRC) systems
- Vulnerability scanners and penetration testing tools
- Intrusion detection systems (IDS), intrusion prevention systems (IPS), and wireless intrusion prevention
- Firewalls and next-generation firewalls (NGFW), which can function as an IPS
- Log management systems (commonly as part of the SIEM)
- Cyber threat intelligence feeds and databases

What Are SOC Analyst Professional Certifications?

Security certifications look good on résumés, but they’re not always necessary for certain positions – check the job requirements. In addition, some of these certifications (e.g. CISSP) require a number of years of experience:

- EC-Council: (CEH, CySA+, ECSA)
- GIAC Security Certifications: GSEC / GCIH / GCIA

What Are the Skills Required for a SOC Analyst?

Threats to cybersecurity are always changing, as are solutions. Information security analysts have to continually update their knowledge of the latest data-protection news, cybersecurity legislation, and practices and techniques. A good information security analyst seeks out this information and uses it to shape his or her problem-solving strategies. Below are the minimal required skills for a SOC Analyst:

- Administer Information Security Software and Controls
- Analyze Security System Logs, Security Tools, and Data
- Communicate Up, Down, and Across All Levels of the Organization
- Create, Modify, and Update Intrusion Detection Systems (IDS)
- Create, Modify, and Update Security Information Event Management (SIEM) Tools
- Evaluate and Deconstruct Malware Software
- Experience With Intrusion Prevention Systems
- Familiar with Security Regulations and Standards
- Install Firewall and Data Encryption Programs