SOC (Security Operations Center)

Why should you apply

 

The SOC profile is the easiest for a fresher to learn, and the respective jobs are available in plenty across many companies. This profile is the starting point for many freshers in the cyber security domain. The work is exciting, as it involves monitoring and defending an organization against cyber attacks. Cyber security has a mention in the national agenda of all countries, including India. It is not just a commercial profession; governments also require assistance in protecting the cyber borders of their countries. Starting salaries for a SOC professional could range from Rs 3 lakhs to Rs 10 lakhs.

 

 

What is the SOC profession

SOC professionals assist organizations in monitoring cyber security events and identifying malicious activity on the organization's network among the thousands of alerts received every second. The profile starts at L1 (level 1), where the person should understand the interface of the SIEM (Security Information and Event Management) tool and how to use it, how to read an alert, how to use the ticketing tool, and how to assign a ticket and follow up to conclusion or closure, along with a lot of coordination and communication. Then there are L2, L3 and further levels, which involve designing the SOC architecture, improving the quality and coverage of the logs being received, creating alerting rules based on those logs, understanding SIEM architecture, writing parsers to understand the logs, integrating devices into the SIEM, fine-tuning the rules to reduce false positives, assisting in investigations if needed, etc.

Further Details

The profession requires a good understanding of networking, the OSI model, protocols and port numbers; a conceptual understanding of basic cyber security attacks such as the OWASP Top 10; enough understanding of at least one SIEM tool to be able to use it; an understanding of a ticketing tool; good email writing skills (for coordination); and good coordination and communication skills. This knowledge is enough for a person to get hired for an L1 SOC job. Further levels require an understanding of the logging levels of devices, how to integrate devices, how to write parsers, SIEM architecture, fine-tuning of rules, etc., which a fresher can develop as well.
 

What technical skills are required 

 

A technical bent of mind, good knowledge of networking, and a basic understanding of SIEM tools are a good starting point.

 

Good coordination and communication skills are an advantage.

 

Educational background: BTech / BSc / BCA / any other degree with a computer subject or knowledge
