What does a SOC Analyst do?
A security operations center (SOC) analyst is responsible for analyzing and monitoring network traﬃc for security events and vulnerabilities. SOC analysts also investigate, document and report on information systems weaknesses. SOC analysts also monitor ﬁrewall, email, web and DNS logs to identify and mitigate intrusion attempts.
Associated NICE Work Roles
All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.
- Systems Security Analyst
- Cyber Defense Analyst
- Vulnerability Assessment Analyst
- Cyber Defense Incident Responder
- Cyber Defense Infrastructure Support Specialist
SOC Analyst career paths
Network Traffic Analysis for Incident Response
Plans & pricing
- Team administration and reporting
- Dedicated client success manager
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Frequently asked questions
What does a SOC Analyst do?
SOC analysts use their networking, computer science, research and collaboration skills to assess security systems for vulnerabilities and malicious activities and to identify potential controls to mitigate them. SOC analysts can also be expected to perform many other tasks:
- Monitor security systems for suspicious network or application behavior
- Document security incidents and implement response plans
- Assist with cybersecurity risk assessments, vulnerability testing and compliance activities
- Monitor and perform security and patch management
How do I become a SOC analyst?
To help the creation of your development plan, the Bureau of Labor Statistics (BLS) notes that successful SOC analysts typically display the following characteristics: Analytical skills: SOC analysts must carefully study computer systems and networks and assess risks to determine how security policies and protocols can be improved Detail-oriented: Because cyberattacks can be difficult to detect, SOC analysts must pay careful attention to computer systems and watch for minor changes in performance Ingenuity: SOC analysts must anticipate SOC risks and implement new ways to protect their organization’s computer systems and networks Problem-solving skills: SOC analysts must respond to security alerts, uncover and fix flaws in computer systems and networks
What education does a SOC Analyst need?
Most SOC analyst vacancies are looking for candidates with a bachelor’s degree in computer science, information assurance or a related field. However, given the large critical skills gap across the cybersecurity industry, many employers’ emphasis on four-year degrees has lessened if the candidate can show tangible technical skills, and related on-the-job experience.
What certifications does a SOC analyst need?
There is no industry-wide or CompTIA SOC analyst certification path, or certified SOC analyst training program available right now. But several related programs cover many of the relevant skills an analyst would need, regardless of the industry in which they would be employed. One example is CompTIA’s intermediate-level Cybersecurity Analyst (CySA+) certification, or CompTIA’s Security+ and Network+ certifications. There are other certifications one could use to improve their skills and validate their understanding of important security fundamentals:
What skills does a SOC analyst need?
SOC analyst day-to-day activities require them to demonstrate competency across the following security domains:
- Network defense
- Ethical hacking
- Incident response
- Computer forensics
- Reverse engineering
How much does a SOC analyst earn?
Here are average salaries for industries employing the most SOC analysts:
- Finance and insurance: $103,510
- Computer systems design and related services: $101,980
- Information: $100,560
- Management of companies and enterprises: $97,440
- Administrative and support services: $96,190
Where does a SOC analyst work?
One source lists New Jersey, Delaware, New York, Massachusetts and Maryland as the top employer of security analysts. Given the size of the federal government, Virginia and the District of Columbia can also be expected to employ a lot of SOC analysts.