Job Description

What is a SOC analyst? SOC analysts can be understood as the first point of contact to any incident/threat in basic terms. SOC stands for Security Operations Center, and it consists of multiple analysts who work 24x7 rotational shifts to fight against threats that could harm an organization. A SOC analyst generally is responsible for assessing the endpoints and look for vulnerabilities using various tools and technologies. However, the role of a SOC analyst is not limited to this: SOC Analyst Job Duties and Responsibilities: Evaluate critical security incidents using detection tools. Investigate event alerts and logs from multiple endpoints. Analyze and co-relate logs from the firewall, IDS/IPS, AVs, O365, etc. Work in a 24x7 pro-active environment and respond to security alerts. Document and report incidents/offenses to the clients. Use Endpoint detection tools to detect malware across the client s environment. Maintain and send monthly, weekly reports and other client-specific documentation. Work on industry standard SIEM solutions to analyze incidents and create complex indexed searches. Using analytical skills to whitelist False Positives incidents. Keep yourself updated on security news/vulnerabilities and compose a set of Use Cases. Use basic scripting knowledge to automate processes. Onboarding new clients from scratch and configuring their network environment. Identifying compromised Endpoints by analyzing payloads/logs and notifying clients. Work on latest security technologies, including Email filtering, Compliance and Patch management, Syslog management, MDR, and SIEM.