Security Operations Center (SOC) Analyst Job Description Template
Our company is looking for a Security Operations Center (SOC) Analyst to join our team.
Responsibilities:
- Develop new signatures and correlated searches based on a variety of requirements;
- Document work within a security operations ticketing system;
- Identify data sources and analytics for inclusion into SIEM;
- Manage and administer a SIEM, develop reports and other capabilities to support the needs of our clients;
- Security test and evaluation;
- Development of security policies, processes and procedures;
- Development and delivery of presentations;
- STIG/Checklist auditing;
- Security monitoring, analysis and incident response;
- Workload estimating;
- Tracking and reporting of security patch/upgrade implementation;
- Conducting security audits;
- Scheduling, execution and tracking of vulnerability remediation activities;
- Security product trade studies;
- Information gathering, port and vulnerability scanning and analysis according to policy.
Requirements:
- Direct experience with any SIEM or log aggregation system, Splunk preferred;
- Knowledge of security monitoring technologies and core security principles;
- Scripting skills in any common language (Python, Perl, Bash or PowerShell) are a plus;
- Ability to review captured network traffic, and compare against the contents of a security alert to verify the nature of the detection;
- Experience analyzing Firewall, IDS, IPS, DNS, DHCP, Web Proxy, Anti-Virus and SMTP data for security-related concerns and events;
- Skilled at using multiple operating systems;
- Ability to suggest technical solutions to complicated problems;
- Experience and familiarity with IT management products and services.