|Senior Cyber Security Analyst|
|Cyber Security Analyst|
|HTM Senior Information Security Analyst|
|Mayo Clinic||Rochester, Mississippi, United States||07/06/2022|
|Senior Security Analyst|
|Accenture||Herndon, Virginia, United States||06/06/2022|
|Cyber Security Analyst (Hybrid)|
|Sunbelt Rentals||Fort Mill, South Carolina, United States||05/06/2022|
|Sr. IT Security Analyst - Security Programs & Policies|
|The Federal Reserve Bank of San Francisco||San Francisco, California, United States||01/06/2022|
|Cyber Security Analyst - Active Clearance Required|
|Lawrence Livermore National Laboratory||Livermore, California, United States||29/05/2022|
|Cyber Security Analyst II/III|
|Federal Reserve Bank of Chicago||Cleveland, Ohio, United States||29/06/2022|
|Senior Information Security Analyst|
|Wells Fargo||Charlotte, North Carolina, United States||22/06/2022|
|Senior Information Security Analyst|
|Wells Fargo||Minneapolis, Minnesota, United States||22/06/2022|
A SOC Analyst is part of a team of analysts within a security operations center that monitors and fights threats to a company’s IT infrastructure. They also assess security systems and find weaknesses and improvements to them. SOC stands for security operations center. This is typically the name of the team an analyst would be a part of, which is made up of multiple analysts and other professionals.
This is a great stepping stone into the cybersecurity field from an IT position. This position can be demanding and repetitive. A SOC Analyst position can be held by “infosec” (procedures and measures that are used to protect digital information from unauthorized use or access) beginners or by pros in the field.
Prelude Institute gave a great description of what a SOC Analyst is, saying that “SOC analysts act as watchdogs and security advisors.” Their job is all about protecting data when it is under attack and finding ways to keep it safe.
There are many responsibilities for SOC analysts. They are the first cybersecurity professionals that respond to incidents and attacks on a company’s IT systems. Here is a list of a few of them:
The SOC analyst is the last line of defense against cybercriminals. As mentioned above, they work with a team composed of security managers and cybersecurity engineers. The team then answers to the company’s Chief Information Security Officer (CISO).
Ultimately, the level of responsibility will depend on the size of the company. A candidate will have to weigh the amount of responsibility they are comfortable with when applying for a position.
There is typically a four-tiered system to rise up in the SOC Analyst career field. Here’s a breakdown of each tier and their general responsibilities:
This would be considered an entry-level position for someone who wants to start a SOC analyst job and career path. This level is responsible for more of the day-to-day checks and reviews of systems. They will conduct a test to be sure an actual threat is occurring, as well as oversee and configure the security monitoring tools.
This job level has more responsibility in that they will take alerts and threats brought up by the tier one Support Security Analyst and analyze them. They use indicators of compromise (IOCs) and other rules to find the affected systems and determine how large the attack was.
They are also the ones that will attempt to find the perpetrator, the type of attack used, and what was impacted by the attack. They will then come up with a plan for containment and recovery of the lost data.
This level deals with critical incidents. They will run tests on systems to check for vulnerabilities and find ways to fix them. They focus most on the vulnerabilities of a company’s organization and the best way to fix those before an attack. In the event of an attack, they will review alerts, threat intelligence, and security data. They will also identify threats, gaps, and vulnerabilities in a system that are currently unknown.
This is the highest-ranking of the four tiers. This position is responsible for handing out projects to subordinates. They will also prioritize the actions needed during each step in an incident. They are also the team member that will report to any stakeholders, internal or external, on any incidents that happen.
It is important to note that some SOC analysts will not start in a tier 1 position. Some will begin in an IT position and then make the switch to cyber security.
A SOC Analyst can work just about anywhere. There are positions in most major cities in the United States. Remote options are also available, although there are many more in-person positions open.
Like many jobs out there, employers looking for a SOC analyst want them to have experience in some form of IT. However, there are certifications and degrees to be obtained that will show an applicant’s qualifications.
When it comes to a college degree that will help obtain SOC analyst jobs, there are a few options. A bachelor’s in cybersecurity, information security, or a related field will provide the necessary background. An IT degree would also work for this position.
According to CSO, two certifications that can be helpful are the Cisco Certified CyberOps Associate and the Certified SOC Analyst (CSA). Both offer real-world experience and practice and will illustrate to potential employers the skills necessary for this position. However, CSO also mentions that many SOC analysts have recommended the EC-Council’s Certified Ethical Hacker.
Other skills and qualifications include:
On average, the typical SOC analyst will make $65,827 a year, according to Glassdoor. The average base pay is a little less at $51,836 a year. The typical scale will be between $32,000 and $141,000 a year. See our salary guide for more detailed information.