Security Operation Center SOC

What is SOC Analyst ? 

SOC analysts are the first responders to cyber-incidents. They report cyber threats and then implement changes to protect an organization.

Job duties include:

  • Provide threat and vulnerability analysis
  • Investigate, document and report on information security issues and emerging trends
  • Analyze and respond to previously undisclosed software and hardware vulnerabilities
  • Prepare organizational disaster recovery plans

Why Do Companies need Penetration test ? 

Building a Security Operations Center (SOC) from scratch or revamping an underperforming one is a daunting leadership challenge. Of all the tasks you have to think about, finding and hiring a set of SOC analysts with the right skill set has to be a top priority.

  • Proactive detection of malicious network and system activity.
  • Threat awareness to adjust defenses before the threat hits you.
  • Vulnerability management to see what may be vulnerable on your network to new threats before you get hit with them.
  • Awareness of hardware and software assets running on your network so you can be aware of developing threats to them.
  • Log management to give you and any authorities the ability to complete forensics if you do incur an incident or breach.

What Tools do SOC Analysts use ?

As SOC Analyst is part of Security Operation Center (SOC), A modern SOC cannot operate without security tools. Traditional tools used in the SOC include:

  • Security information and event management (SIEM)
  • Governance, risk and compliance (GRC) systems
  • Vulnerability scanners and penetration testing tools
  • Intrusion detection systems (IDS), intrusion prevention systems (IPS), and wireless intrusion prevention
  • Firewalls and next-generation firewalls (NGFW) which can function as an IPS
  • Log management systems (commonly as part of the SIEM)
  • Cyber threat intelligence feeds and databases

What are SOC Analyst professional Certifications ? 

Security certifications look good on résumés, but they’re not always necessary for certain positions – check the job requirements. In addition, some of these certifications (e.g. CISSP) require a number of years of experience:

  • EC-Council: (CEH, CySA+, ECSA)
  • GIAC Security Certifications: GSEC / GCIH / GCIA: 

What are the skills required for SOC Analyst ?

Threats to cybersecurity are always changing, as are solutions. Information security analysts have to continually update their knowledge of the latest data-protection news, cybersecurity legislation, and practices and techniques. A good information security analyst seeks out this information and uses it to shape his or her problem-solving strategies.

Below minimal required skills for SOC Analyst:

  • Administers Information Security Software and Controls
  • Analyze Security System Logs, Security Tools, and Data
  • Communicate Up, Down, and Across All Levels of the Organization
  • Create, Modify, and Update Intrusion Detection Systems (IDS) 
  • Create, Modify, and Update Security Information Event Management (SIEM) Tools
  • Evaluate and Deconstruct Malware Software
  • Experience With Intrusion Prevention Systems
  • Familiar with Security Regulations and Standards
  • Install Firewall and Data Encryption Programs