
SOC Lead

Aeries Technology (rating 3.6, 164 Reviews)

7 - 12 years
10-20 Lacs P.A.
Hyderabad/Secunderabad, Bangalore/Bengaluru, Mumbai (All Areas)
Posted: 24 days ago. Job Applicants: 286


Job description
Job Responsibilities:

- Manage and lead SOC operations, security incidents, investigations, threat detection and prevention
- Implement and operationalise CSIRT, SOAR, SIEM, DLP, network monitoring, forensic tools, etc.
- Well versed with well-known security frameworks such as ISO 27001:2013 / NIST CSF / PCI DSS / ISO 22301 / STRIDE / MITRE / SSAE16 etc.
- Ensure key information security risks and issues are identified, addressed and resolved in a timely manner.
- Acquire artifacts from a client or server during an investigation using different tools
- Assess efficacy of security controls, document and report control failures and gaps to stakeholders. Provide remediation guidance and prepare management reports to track remediation activities.
- Develop relevant metrics, analyse data, identify trends and help drive improvements to the control environment
- Recommend security monitoring or device tuning to reduce false positive detections
- Build and run various phishing, vishing, smishing campaigns
- Must have experience working on the following technologies: endpoint detection and response, PowerShell, anti-virus, email security, Linux, DLP, deception tools, cloud platform security
- Implement SOC automation and mature operational excellence

Skills:

- Strong security mindset
- Strong hands-on experience of security technologies such as SIEM, APT threats, VA/PT, malware analysis, forensics, incident response tools, DLP, NGAV, EDR, CASB, PIM/PAM, firewall, proxy, email security, cloud security, WAF etc.
- Developing and implementing enterprise SOC, blue team and red teams with incident response, forensics, threat hunting strategy and solutions
- Questions the status quo and navigates through roadblocks
- Security project management and planning
- Defining problems, collecting and analyzing data, establishing facts and drawing valid conclusions
- Using judgment and ingenuity in maintaining objectives and technical standards

Qualification:

- B.E/B.Tech/M.Tech/MS in a relevant field, i.e. computer science, cyber security etc.
- Strong knowledge of incident management, problem management, and change management best practices.
- Relevant industry certification such as Certified SOC Analyst (CSA) / CEH / CISSP / SANS GSOC / GIAC / GCFA etc. (at least two) is highly desirable.
- Superior communication skills and ability to brief senior government officials.
- Overall 7+ years of Information Security / Cybersecurity experience.
- At least 4 years working in a security operations centre.
- Expertise with industry-standard frameworks (ISO, NIST, GDPR, PCI).
- Experience maintaining metrics and SLAs.

Role: Manager Information Security
Industry Type: IT Services & Consulting
Department: IT & Information Security
Employment Type: Full Time, Permanent
Role Category: IT Security
Education: UG: Any Graduate
Key Skills: SOC, SIEM, PCI DSS, PCI, NIST, CSIRT, Security Operations Center
About company

Founded in 2012, Aeries is a global services company providing technology, business process management and consulting services to some of the leading global organizations. We have a proven track record of helping our clients identify and deliver significant bottom line improvements using our expertise in finance, legal, HR and information technology related services. Our unique business engagement model is purpose-built to offer our client partners best-in-class service through dedicated resources such as people, technology, infrastructure, and top management support. For more information, log on to http://www.aeriestechnology.com

Company Info
Address: 3rd Floor, Sahas, Twin Towers Lane, Prabhadevi, MUMBAI - 400025, Maharashtra, India

SOC Analyst: Job Description, Roles & Responsibilities

Blog Author: Zeshan Naz
Published: 14th Jul, 2023
Views: 8,015
Read Time: 14 Mins

In this article

1. What is SOC?
2. What is a SOC Analyst?
3. What Does a SOC Analyst Do?
4. SOC Analyst Job Description
5. Roles & Responsibilities of SOC Analyst
6. SOC Analyst Skills and Qualifications
7. Top SOC Analyst Tools
8. SOC Analyst Career Path
9. Conclusion
10. Frequently Asked Questions (FAQs)
SOC Analysts are part of the modern security operations center teams that have become an inseparable part of every organization. As a member of the Security Operations Center (SOC) team, a SOC Analyst monitors, analyzes and responds to security issues, and investigates attacks together with other team members once they have been detected. The main purpose of building a SOC unit with a SOC Analyst as its head is to build situational awareness in a company and prepare employees for any security threat.

The SOC Analyst job description includes implementing and incorporating multiple tools and technologies. These tools and technologies help companies find potential security threats, analyze them, and inform management so that effective measures can be taken to resolve them. If you want to become a SOC Analyst and explore this field of work, you can register for the best CISSP course, which will help you understand the basics of what a SOC Analyst does.

What is SOC?

SOC stands for Security Operations Center, and it is a centralized unit for security operations in a company. Every company builds a SOC team, and the main aim of this team is to monitor, analyze and protect the company and its assets from any kind of security threat, such as cyber-attacks, data threats, viruses, malware, etc.

A SOC Analyst and the SOC team of a company protect the sensitive data and information stored on the company's computer systems so that hackers cannot get their hands on it and use it for malicious purposes. This covers the integrity of the company's systems as well as its confidential information.

The SOC team of a company is responsible for strategizing and implementing various methods for maintaining an organization's cyber security, as it is the main point of contact for preventing and avoiding cyber-attacks.

What is a SOC Analyst?

To understand what SOC Analysts do, you first need to know what a SOC Analyst is. A SOC Analyst is a professional who deals with a company's cyber security and security operations. They are the first to respond to and take action against cyber-attacks. They identify, analyze and resolve security issues.

They also inform management about cyber threats so that stakeholders can take the necessary measures to protect the company's sensitive information and data from hackers and malicious activity.

Put simply, a SOC Analyst is someone who reviews incident notifications and then performs vulnerability assessments in order to draw conclusions and report them to senior management. So, if you want to become a SOC Analyst, you will have to take care of the security operations and data safety of the company you work in.

What does a SOC Analyst do?

A SOC Analyst has certain duties to perform that are essential for the daily operations of a company. To understand what a SOC security analyst is, you must understand their duties. The following are the tasks that a SOC Analyst has to perform:

1. Constantly monitor the networks and servers of the company.
2. Identify any security breach that could harm the sensitive data and information of the organization.
3. Analyze the type of security threat that has attacked the company's security operations.
4. Respond effectively to immediate threats to the security of the company.
5. Build temporary fixes to eliminate security threats and restore the company's data and information security.
6. Collaborate with other departments and team members to implement security procedures, methods, and best practices.
7. Stay updated about the latest security threats.

SOC Analyst Job Description

A SOC analyst is in charge of monitoring and auditing the company's systems. They also keep an eye on network traffic to ensure that no suspicious behavior is taking place. Here are the responsibilities that come under a SOC analyst's job description:

- The purpose of a SOC analyst is to monitor an organization's IT infrastructure. This includes monitoring security systems, apps, and networks for anomalies that could suggest a breach or assault.
- A SOC analyst detects, assesses, and mitigates security threats. When a SOC analyst sees a threat, they collaborate with their team to understand what caused the anomaly within the system and how to avoid it in the future.
- A SOC analyst reacts to and investigates incidents. If necessary, the SOC analyst will collaborate with other team members to conduct additional investigation into the occurrence before reporting to law enforcement agencies. After thoroughly examining each circumstance, they share any new knowledge obtained about current cyber threats or vulnerabilities inside their network so that future events can be avoided, where possible, by immediate fixes.
- SOC analysts work with other team members to ensure that the company's protocols are in place so that it can continue to operate safely and securely. This involves both the implementation of new systems and the updating of current ones as needed.
- Security audits are critical for ensuring the organization's security because they uncover vulnerabilities before hackers or hostile actors can exploit them. A SOC Analyst directly participates in these audits by assisting with preparation and evaluating the data afterward.
- SOC analysts must stay current on the most recent cyber risks to their firm's security, whether by learning about fresh phishing scams or keeping track of which bad actors are currently employing which hacking tools. This understanding enables them to respond promptly to potential concerns before they cause difficulties for the firm.

Roles and Responsibilities of SOC Analysts

The roles and responsibilities of SOC analysts are multiple in nature: they ensure the security of company operations, ensure that the sensitive data and information of an organization are safe, and protect the company's systems from hackers and malicious activity. SOC Analyst roles and responsibilities are enumerated as follows:

Implement and Manage Security Tools

SOC analysts have access to the company's important technologies to ensure the security of important data and build a safe environment throughout the organization. Certain relevant security tools are provided to them, and they are trained to handle and use them effectively. The most common security tools include firewalls, threat and vulnerability management tools, data security tools, intrusion detection and prevention technology, data analytics platforms, etc.

SOC Analysts also have access to forensic tools, which support response investigations into specific security incidents. SOC Analyst duties are important and can prove efficient for the company and the analysts, helping find those security threats that traditional tools could not.

Investigate Suspicious Activities and Prevent Them

SOC analysts look within the IT systems and networks to find security threats with the help of modern tools and technologies. They receive alerts from the SIEM that indicate possible security threats and compromises affecting the company's data security. Analysts focus on those alerts, analyze the extent of the threats, and resolve them.

SOC professionals cannot stop threats from entering their network completely, but they can prevent them from spreading across all networks. The compromised system is removed, and a new system is installed to properly restore security. The correlation and validation of alerts is an integral part of the security operation that SOC Analysts perform.

Reduce Downtime and Ensure Business Continuity

Companies are very keen to ensure that their operations run with little or no downtime. Previously, professionals used to shut down an infected server to clean up the virus. Today, however, companies cannot afford to shut down a server completely, as it may harm business operations and critical infrastructure.

If any breach of security happens, SOC Analysts are responsible for informing upper management so that they can take the necessary actions. The recurrence of the error is reduced, and in this way security risks are mitigated before they cause any greater damage.

Providing Security Services to the Organization as a Whole

The roles and responsibilities of SOC Analysts include providing security services to the organization in a centralized manner. They provide valuable insights to the company's upper management and help stakeholders take major steps toward meeting their goals. Multiple departments come together to assist SOC Analysts so that they can take charge of maintaining the security of data and information throughout the organization.

Responsibility for anything related to the company's security rests on the shoulders of SOC Analysts. If any security breach happens, they are the first ones to deal with it. A clear line of authority and communication should be maintained throughout the organization to avoid discrepancies in security operations.

Audit and Compliance Support

Another important role of a SOC Analyst is to perform audit activities to meet compliance requirements for corporate, government and public bodies, etc. Essential compliance evidence consists of patch levels, threat information, identity, and data access control.

Previously, SOC analysts used to create documentation and templates for performing audit activities, which were prone to error and consumed a lot of time. Modern security tools such as a SIEM aggregate security-related data from across the company so that it becomes easy for analysts to generate audit and compliance reports.

A SOC Analyst has to perform these roles and responsibilities in order to prove an asset to the company. Acquire the necessary Cyber Security certifications to ace the corporate world.

SOC Analyst Skills and Qualifications

You need a particular skill set to get a job in this discipline and have a flourishing career. You need to acquire the following skills to become a SOC Analyst:

1. Network Defense: Defending networks from possible security threats is one of the major duties of a SOC Analyst. This skill will help you monitor, analyze, and eliminate security threats from your network. Networks are prone to infection because they are connected to the internet, which makes them easy for hackers to attack. You should have the required skills to protect your company's networks from such attacks.
2. Ethical Hacking: SOC professionals with knowledge of ethical hacking are always preferred by companies. They must find probable threats and protect the company's security networks. You should also have a basic understanding of penetration testing, networks, and web applications in order to test systems and identify vulnerabilities.
3. Incident Response: As a SOC Analyst, you must know how to eliminate malicious activity taking place in your security systems and how to deal with incidents involving security breaches. You may suggest changes to the company's security systems so they stay protected from future threats.
4. Computer Forensics: To protect your computer security system from any sort of cybercrime, as a SOC professional you must become familiar with computer forensics. This will help you collect, analyze and report security data to the company's upper management.
5. Reverse Engineering: With relevant skills in reverse engineering, you will be able to understand a given software program, draw conclusions from it, and patch a bug.

Required Qualification

To pursue a career as a SOC Analyst, it will be beneficial if you have a bachelor's degree in computer science or some other STEM-related subject. But even if you do not come from a science background, you can still become a SOC Analyst if you complete certification courses relevant to the discipline. Many analysts get into this job by taking cybersecurity courses or registering for boot camps. These courses will help you understand how to identify and analyze data and the threats to it.

Top SOC Analyst Tools

There are multiple tools and technologies that can be used to create strong security protocols in an organization. The most commonly used and top open-source SOC tools are as follows:

1. Delta: This tool helps SOC Analysts detect possible issues and threats in a software-defined network and can stop hackers from accessing your networks. It can analyze both known and unknown network issues.
2. Honeynet: It helps SOC professionals understand some of the common attack patterns used by hackers, from which they design strategies to protect the security systems and safeguard the assets.
3. Lynis: It is a common tool used for UNIX systems. It helps experts audit the UNIX platform to identify its configuration and vulnerabilities.
4. Ettercap: It is one of the best tools for testing man-in-the-middle attacks. It helps to understand the response to cyber-attacks.
5. Maltego: This tool offers a huge transform library that helps deal with potential security threats. It is generally used for data mining and link analysis.
6. Infection Monkey: This tool keeps track of the events that can happen if a hacker tries to gain unauthorized access to your security system.
7. Snort: This tool provides an intrusion detection and prevention system that helps analysts perform real-time cyber-attack analysis.
8. Vega: It is a web security scanner and testing platform that runs checks on web applications for scripting and similar problems.
9. OpenVAS: It is a scanner whose purpose is to identify the company's assets and the weaknesses that may leave the network open to vulnerabilities and cyber-attacks.
10. Nagios: This tool allows SOC Analysts to comprehensively monitor the security networks, connected servers, and infrastructure.

SOC Analyst Career Path

You may be wondering how much salary you can expect to earn if you become a SOC Analyst and step into this field of work, and whether it will be productive for you in the coming years. Here is the answer:

SOC Analyst Salary

Here is the salary range you can earn based on your level of experience:

- As a Fresher: At the entry level, you can expect to earn an average annual salary of $81,787. This salary range will continue until you gain at least 3 years of experience.
- With Minimum Experience: Mid-level SOC Analysts earn an average salary of $90,537 per year.
- Senior Level: After 10 to 14 years of work experience as a SOC Analyst, you can expect to earn an annual salary of $119,749.

Industry Growth

A SOC Analyst has an exciting career with many opportunities to excel and progress. It is a rewarding career option with plenty of job titles and opportunities; you only need the right set of skills and knowledge, along with relevant experience, to reach the peak of your career. As businesses become ever more dependent on technology, they are hiring more and more SOC Analysts to protect their computer systems and sensitive data. Thus, it is a great career choice at present, and it will only flourish in the coming years.

SOC Analyst Certification and Training

A basic requirement for being a SOC Analyst is to have a bachelor's degree in computer science or computer engineering and to gain some practical experience in relevant roles. Apart from that, you can take the following certification courses to make your resume stand out from your competitors':

- Cisco Certified CyberOps Associate: It will enlighten you with the real-world tasks that are performed in the SOC environment.
- EC-Council Certified SOC Analyst (CSA): It is a short course that is beneficial for entry-level SOC Analysts.
- EC-Council Certified Ethical Hacker: It teaches you to identify tools used by hackers and emerging attack vectors, and gives practical experience in malware identification, analysis, etc.
- CompTIA Security+: It gives candidates proper training for performing the entire security life cycle in modern IT environments.

Conclusion

Now you know what a SOC Analyst is, their career opportunities, job descriptions, and roles and responsibilities. If you want to choose this flourishing discipline as your career, then enroll in KnowledgeHut's best CISSP course, which will help you gain in-depth knowledge and insights about what you will have to do as a SOC Analyst and how you can protect the sensitive data and information of your company.

Zeshan Naz
Blog Author

Zeshan Naz holds 6 years of work experience in Content Marketing. EdTech is her field of
expertise and she looks forward to helping more professionals get ahead in their careers.
Zeshan is an avid reader and in her leisure time, loves traveling around and exploring places.

Responsibilities

1. JOB PURPOSE

RESG/GTS is the entity in charge of the entire IT infrastructure of Société Générale.

The RESG/GTS/SEC/SOC department, which corresponds to the Société Générale SOC (SOC SG), is in charge of operational detection, incident response and prevention activities within the scope of GTS across the businesses. The mission of the SOC is to identify, protect, detect and respond, using the security platforms for the detection, reaction, prevention and resolution of security incidents. The SG SOC consists of Cyber Defense (incident management), Cyber Tools (management of SOC tools including the SIEM), Cyber Control (prevention and compliance) and Governance.

This role is for a SOC L3 (Consultant) who will be part of the GTS Security SOC team. In this role, you will be involved in supporting India and global regional needs. The objectives of the Security Department (RESG/GTS/SEC) are to manage the strategy for all of RESG/GTS in terms of security, technical standards, processes and tools, and thus to cover many cross-functional functions within the company and its subsidiaries across all regions.

1. PRINCIPAL ACCOUNTABILITIES

(List the responsibilities/duties associated with the job and the major activities associated with each responsibility. For each responsibility/duty listed, give the factors on which an individual's performance is judged.)

- Lead and manage all high priority and critical security incidents, including end-to-end incident management
- Support, help and guide the L1/L2 in managing complex issues/incidents
- Lead and engage in study/POC of tools and technologies aligning to the security roadmap
- Will be an expert in 1 or 2 key security technologies/tools globally and be part of the global SOC L3/Experts. Example areas: Threat Hunting, Forensic Analysis, IPS, EDR, DLP, etc.
- Contribution to the risk detection management approach, consistent with the SG MITRE Matrix approach and other relevant industry standard approaches
- Analysis support for complex investigations and improvement of reaction procedures / run book definitions / enhancements
- Support for analyses on cybersecurity technical plans, analysis approach and incident management
- Identify different security tools and technologies to make security operations more effective.
- Identification of security gaps, mitigation strategy, implementation and tracking till closure
- Work with various regional SOC and CERT teams on security aspects and incidents where required
- Recognized as consultant for cyber domains with internal teams and business
- Assist functional head in building technical capabilities, strategic cyber roadmaps and team competencies based on priorities and policies of Group and GSC
- Work as technical expert for the domain(s) and execute cyber programs of medium to complex nature and support in delivery
- Help functional manager in identifying technical loopholes in processes and interdependencies
- Develop holistic solutions and manage transversal cyber programs
- Act as a consultant on key cyber topics
- Stakeholder management and relationship building with technical counterparts

Profile required

1. SKILLS AND KNOWLEDGE

(State the minimum acceptable proficiency for this job which best indicates the education and/or experience requirements of this job and not the incumbent.)

- Advanced knowledge of cybersecurity concepts: must have an in-depth understanding of cybersecurity concepts, such as threat intelligence, incident response, vulnerability assessment, and risk management.
- Advanced knowledge of networking: must be proficient in using security technologies and tools, such as SIEM, IDS/IPS, EDR, and vulnerability scanners; should have a strong understanding of TCP/IP, DNS, HTTP, SMTP, and other networking protocols; and be able to analyze network traffic to identify security threats.
- Expertise in security technologies: should have experience working with security technologies such as firewalls, intrusion detection/prevention systems, SIEMs (Security Information and Event Management), and endpoint detection and response (EDR) tools. Knowledge of SIEM products (e.g. Splunk and RSA NetWitness).
- Proficiency in threat hunting: should have advanced skills in threat hunting and be able to identify, investigate, and resolve advanced persistent threats (APTs). Must be skilled in threat hunting techniques and be able to proactively search for new and emerging threats that may not be detected by traditional security tools.
- Familiarity with cloud security: should have knowledge of cloud security technologies, including cloud access security brokers (CASBs), cloud workload protection platforms (CWPPs), and cloud security posture management (CSPM) tools.
- Strong analytical and problem-solving skills: must be able to analyze large volumes of data and identify patterns and anomalies that may indicate a security threat. They should also be able to develop and implement solutions to mitigate risks and prevent future incidents.
- Advanced incident response skills: should have advanced skills in incident response, including triage, investigation, containment, eradication, and recovery. They should be able to perform memory analysis, malware analysis, and forensic investigations.
- Knowledge of compliance regulations: should be familiar with compliance regulations such as PCI DSS, HIPAA, and GDPR, and be able to ensure their organization is meeting these requirements.
- Scripting and automation skills: should have experience with scripting languages such as Python and PowerShell, and be able to automate repetitive tasks to increase efficiency.
- Collaboration and communication: should be able to work collaboratively with other security team members, as well as other departments within the organization. Must have strong communication skills to interact effectively with stakeholders, including senior management, technical staff, and external partners. They should be able to articulate concepts in a clear and concise manner to both technical and non-technical audiences.
- Knowledge of security frameworks (MITRE ATT&CK, NIST)
- Experience in managing and responding to internal and external SOC audits
- Knowledge of the global architecture of a network, and the security of its components (routers, switches, ...)
- Knowledge of attack procedures and malicious code (exploits, attack vectors, phishing, ...)
- Bachelor's degree in Computer Science, Information Systems, or related field. Master's degree in a relevant domain is a plus.
- 12+ years of experience working with security teams in lead roles in SOC etc.
- Relevant security certifications, such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), and/or GCIH (GIAC Certified Incident Handler), GSOC (GIAC Security Operations Certified), GSOM (GIAC Security Operations Manager certification)

- Functional Expertise: keeps up to date with emerging technology, business, and market trends
- Technical Skills: demonstrates strong technical skills required for the role, pays attention to detail, takes initiative to broaden his/her knowledge and demonstrates appropriate analytical skills
- Drive and Motivation: successfully handles multiple tasks, takes initiative to improve his/her own performance, works intensely towards extremely challenging goals and persists in the face of obstacles or setbacks
- Client and Business Focus: effectively handles difficult requests, builds trusting, long-term relationships with clients, helps the client to identify/define needs and manages client/business expectations
- Teamwork: gives evidence of being a strong team player, collaborates with others within and across teams, encourages other team members to participate and contribute and acknowledges others' contributions. Ability to work effectively both independently and in a team environment.
- Communication Skills: excellent written and verbal communication skills. Communicates what is relevant and important in a clear and concise manner and shares information/new ideas with others
- Judgement and Problem Solving: thinks ahead, anticipates questions, plans for contingencies, finds alternative solutions, and identifies clear objectives. Sees the big picture and effectively analyses complex issues. Strong analytical and problem-solving skills.
- Creativity/Innovation: looks for new ways to improve current processes and develop creative solutions that are grounded and have practical value
- Influencing Outcomes: presents sound, persuasive rationale for ideas or opinions. Takes a position on issues, influences others' opinions and presents persuasive recommendations
