SOC Analysts – The Front line

Vigilance is one of the most important traits in the field of information security. In this article we will discuss SOC Analysts, whose main role is, first of all, to be vigilant; for that reason they are also called “The Front Line” of security.

The fields of cyber and information security are very wide and are expanding with each passing day, due to the ever-increasing threats (Thank the hackers for creating a job for us).

As reality changes, new areas of responsibility are added for those in the security profession, and job definitions change and stay flexible. Sometimes you can find holders of different degrees performing the same tasks, or holders of identical degrees performing completely different tasks on a daily basis, according to the needs of the organization in which they work.

One of the professions that grew out of these needs in information security (and stars in many information security job ads) is the information security analyst, also called a SOC Analyst.

‘Always alert’

SOC, which stands for Security Operations Center (often equated with its SIEM – Security Information and Event Management – platform), constitutes the monitoring and control center of the organization’s information security.

The activity of this center is usually carried out continuously, at all hours of the day (and night) and on every day of the year, in order to provide uninterrupted protection for the organization’s information assets. The organization’s information security officials work from this center, and usually so do its analysts.

As mentioned before, SOC Analysts are on the front line of cyber defense, detecting and responding to many cyber attacks and events in real time, which shows how important their vigilance is to the proper performance of their duties.

SOC analysts’ responsibilities include:

  • Analyzing threats and vulnerabilities. They sometimes make these assessments before events take place, in order to prevent them.
  • Investigating, documenting, and reporting on any information security issues, which splits into two parts:
    1. Since they are the first to deal with such incidents, it is important that their documentation and reporting be accurate, so that others understand exactly what happened and can draw the best conclusions.
    2. Since they are always present and alert, part of their job is to prepare and update the system’s defenses, including against the new threats that are discovered every moment.
  • Recovery. No wall is impenetrable, and because of that the chances that we will never be attacked are very slim, so the analysts must always be prepared for a failure and act immediately to minimize the damage done and return the system to normal as soon as possible.

There are several types of SOC Analysts.

The main two are Security Analyst and Network Behavior Analyst. Sometimes, there are analysts who do both roles.

  • Security Analyst – The role of an information security analyst focuses on protecting organizational information from risks lurking outside the organization (attacks will usually come from “outside”).
  • Network Behavior Analyst – Compared to a security analyst, this type of analyst deals with behavior analysis. A network behavior analyst may find himself focused on monitoring the security of the organization’s internal network, monitoring its traffic and checking for anomalies in a particular department or across the entire organization. This means that attacks can also come from within the organization itself!

It can be said with certainty that the threshold requirements for such a position can range from a thorough familiarity with operating systems and communication systems to a background working with various programming languages.

Sometimes, the candidate interviewing for a position is required to present a bachelor’s degree in computer science or formal certificates of certain training he has undergone in the field.

I’m sure that if you’re here, then you already know more or less what a SOC analyst does.

So yes, the money does talk, but so do the headaches involved.

Stay alert, choose Kayran.
