Lecture 4 Flashcards
SOC Services and Job Roles
Describe the role of a penetration tester in a SOC.
Identifying and testing vulnerabilities in a manner similar to how an adversary would, using red team skills.
What certifications are commonly required for a security analyst in a SOC?
CEH, GCIH, GCIA, and CISM.
What skills are important for an incident responder in a SOC?
Rapid response to IT security threats, incident handling, penetration and vulnerability testing, and network forensics.
What is the primary responsibility of a systems analyst in a SOC?
Monitoring and interpreting different forms of data, such as logs from security tools and alerts from networking equipment.
What are the key tasks of a systems administrator in a SOC?
Managing IT-related security and safety issues, developing and overseeing policies, and implementing solutions to prevent cyber threats.
What is the role of a security engineer in a SOC?
Performing security monitoring, data/log analysis, forensic analysis, maintaining security technologies, and developing security policies.
What certifications are beneficial for a security trainer?
CISSP and a relevant college degree.
Describe the responsibilities of a security architect.
Overseeing the implementation of network and computer security, creating security structures, and responding to security incidents.
What are the main tasks of a cryptographer/cryptologist?
Researching and developing stronger encryption algorithms, and analyzing encrypted information from malicious software.
What is the focus of a forensic engineer in a SOC?
Collecting evidence regarding security incidents without altering the data, and assisting with legal investigations.
What certifications are important for a chief information security officer (CISO)?
CISA, CISM, and CISSP.
What soft skills are essential for SOC professionals?
Problem-solving, analytical skills, communication, negotiation and diplomacy, attention to detail, and organizational skills.
Why is security clearance important for some SOC roles?
To have access to specific content that requires authorization by law or organizational policies.
What are the onboarding requirements for new SOC employees?
Obtaining authorization to access sensitive resources, learning existing processes, attending training, and signing compliance documentation.
How can job retention be maintained in a SOC?
By understanding what motivates employees, documenting goals in development plans, and aligning business objectives with employee career growth.