SOC analyst job description, salary, and certification>
CSO Online, from IDG – Josh Fruhlinger
Working as an analyst in a security operations center is a first infosec job for many, and can be a career path stepping stone. The Prelude Institute describes SOC analysts as “watchdogs and security advisors,” which is a good way to capture their dual roles: they both keep an eye out for attacks in progress and try to figure out ways to beef up defenses to prevent or mitigate future attacks. The key thing to remember is that, as Jonathan Gonzalez, Lead Member of Technical Staff at AT&T says in this interview, “There’s no such thing as an entry-level job in cybersecurity.” Most people work for at least a year or two in networking or some similar IT discipline before moving over to a security job. The EC-Council’s blog has a detailed breakdown of the differences among those tiers, but to sum up: ⢠Tier 1 SOC analysts are triage specialists who monitor, manage, and configure security tools, review incidents to assess their urgency, and escalate incidents if necessary. ⢠Tier 2 SOC analysts are incident responders, remediating serious attacks escalated from Tier 1, assessing the scope of the attack and affected systems, and collecting data for further analysis. Tier 3 SOC analysts are threat hunters, working proactively to seek out weaknesses and stealthy attackers, conducting penetration tests, and reviewing vulnerability assessments. There are also SOC engineers, who are responsible for building and maintaining the systems that the analysts use, and at the top of the heap are SOC managers, who oversee the entire operation. The EC-Council describes the top-level skills a SOC analyst needs as follows: ⢠Network defense ⢠Ethical hacking ⢠Incident response ⢠Computer forensics ⢠Reverse engineering We’ve established that on-the-job experience from within IT is what you most need to get a SOC analyst job. But there are certifications out there that can signal your knowledge base to potential employers, and plenty of online education and training resources you can use to study up for them. Our favorite piece of advice: “Competent analysts donât use buzzwords. They demonstrate an in-depth understanding of each step, each mechanism and object as well as the authentication framework.” It can be difficult to parse out SOC analyst salaries from the aggregated data on security analysts generally, but as of March 2020 Glassdoor estimated the average base pay at around $71,000 a year, with a range between $50,000 and $97,000.
Link: https://www.csoonline.com/article/3537510/soc-analyst-job-description-salary-and-certification.html