Everything you need for a career as a SOC analyst
If you're looking for a career in cyber security, you'll find there is a wide range of options available within the sector. Among the most common roles - especially for people aiming to move into the cyber sector for the first time - are information security analyst positions.
These are in high demand among firms of all sizes, but there are also a few specialties within them you can work toward in order to improve your chances of finding the right job for you. And among the most popular of these are SOC analyst jobs.
What is a SOC analyst?
SOC stands for Security Operations Centre, and it's at the heart of any business' cybersecurity strategy. SOC professionals will cover a number of roles, including SOC analysts, incident responders and network engineers, who will work together to prevent cyber attacks.
What does a SOC analyst do?
The job of a SOC analyst is to be on the front line of their company's cyber defences. This means everything from conducting threat analysis to investigating reports of any new issues and preparing and testing disaster recovery plans.
SOC analysts usually work as part of a larger team that covers threat intelligence, information security analysis and incident response, with each member bringing their own unique skills and responsibilities to build a comprehensive cyber security defence strategy.
What are the different SOC analyst levels?
SOC analyst jobs are generally split into three levels, or tiers, based on their primary specialties. Each has its own key set of responsibilities and role to play in securing a business' networks and data from cyber security threats.
The levels are:
Tier 1 - These analysts' primary role is to monitor systems to identify threats. A tier 1 SOC analyst will respond to alerts and carry out triage operations to determine what type of response, if any, is required. They also scan systems for vulnerabilities and manage monitoring and reporting tools.
Tier 2 - The next step in the process, tier 2 analysts are responsible for responding to cyber attacks. These professionals will look at the scope of any attacks escalated to them from tier 1 analysts and initiate the most appropriate recovery processes.
Tier 3 - The final tier is focused on proactive threat hunting. These specialists look for vulnerabilities, study new trends and come up with new solutions to counter emerging threats.
What tools should I get used to as a SOC analyst?
Most SOC analysts will spend a great deal of their time working with security information and event management (SIEM) platforms, so a good knowledge of these systems will be essential for any information security analyst.
A SIEM platform will typically include a range of tools to help security operations centre professionals monitor and protect systems. These include:
- Threat hunting features to help with locating and identifying vulnerabilities
- Threat intelligence and security analytics solutions
- Digital forensic tools for investigating cyberattacks
- Advanced analytics visualisations
According to cyber security training provider the EC-Council, SIEM systems "facilitate a comprehensive approach to cybersecurity by giving SOCs the ability to monitor data in real time and establish security policies that improve overall network safety".
How do you start a career as a SOC analyst?
The nature of the role means that SOC analysts can vary widely in experience and seniority. But with this comes a number of opportunities to build skills and advance your career path. If you are looking to get into this area, you'll find plenty of options to move forward to more senior positions.
Do you need IT experience to be a SOC analyst?
Some IT experience is highly useful if you're looking to move into this area, as it will give you a solid grounding on all the basics you'll need, such as networking, operating systems and the fundamentals of programming. However, a specific background in cyber security often isn't necessary. In fact, a junior SOC analyst position is many cyber security professionals' first job in the sector.
In general, some of the common top-level skills you may see in a job description that will be vital for cyber security success include:
- Network defence
- Ethical hacking
- Incident response
- Computer forensics
- Cloud security
- Reverse engineering
Once on the job, many of these skills can be picked up as you go, while there is a range of specialised certifications you can study for in order to boost your skill set.
What certifications are required to become a SOC analyst?
A bachelor's degree in a related subject, such as computer science, is helpful if you're looking for SOC security analyst jobs, but this isn't required, as an understanding of IT systems and networking picked up from other areas will often stand you in good stead.
However, completing a dedicated cyber security course can be useful, and there are a few certifications that may help set you apart from other applicants. Hiring managers for SOC analyst jobs will look positively on certifications such as the EC-Council's Certified SOC Analyst (CSA) or CompTIA's Security+, as these give professionals a good grounding in the specific skills needed for these roles.
If you're looking for a senior SOC analyst role - typically those at tier 3 - more advanced certifications may prove useful. Qualifications such as (ISC)²'s advanced Certified Information Systems Security Professional (CISSP), for example, are in high demand for more senior security engineer and security analyst roles.
How to get a SOC analyst job
A career as a cyber security analyst can offer many benefits. As well as working in an interesting, fast-moving area with plenty of potential for advancement, it offers the opportunity for good salaries and perks, as these professionals are in high demand across all types of businesses.
How much can a SOC analyst make?
How much you can earn as a SOC analyst can vary significantly depending on your exact role, responsibilities and experience. In general, however, tier 1 positions are often advertised as entry-level positions, whereas tier 3 professionals may be some of the most experienced individuals in a cyber security team.
Salaries for UK SOC analyst jobs range from around £25,000 for entry-level positions up to the region of £75,000 for the most experienced and senior roles, with the average salary in the UK standing at just over £52,500.
Where can you find SOC analyst jobs?
The best place to find openings to start or advance your SOC analyst career is a dedicated jobs board that specialises in cyber security roles, such as CyberSecurityJobsite.com. Recruiters trust these services because they give them access to a strong talent pool of professionals. Indeed, if you upload your CV to these services, employers can even find you directly.
If you're looking for career advice, you should also consider attending one of our Cyber Security Expos. These job fairs not only give applicants a chance to connect directly with recruiters at some of the UK's biggest employers, but also offer speaker sessions and networking opportunities to help expand your knowledge and understanding of what employers are looking for.