Key Responsibilities:
Incident Management Support: Assist in the coordination and management of security incidents, ensuring timely detection, analysis, containment, eradication, and recovery.
Team Leadership and Supervision: Help lead and mentor SOC analysts, providing guidance, training, and performance feedback. May directly supervise a shift or a team of analysts.
Shift Management: Oversee the daily operations of the SOC during assigned shifts, ensuring proper coverage, workflow management, and adherence to established procedures.
Monitoring and Analysis Oversight: Ensure that security monitoring tools and systems are functioning correctly and that alerts are being triaged and analyzed effectively.
Procedure Development and Improvement: Assist in the development, documentation, and maintenance of SOC procedures, workflows, and playbooks. Identify areas for improvement and recommend solutions.
Reporting and Communication: Prepare and deliver regular reports on SOC activities, incident status, and performance metrics. Communicate effectively with other teams and stakeholders.
Escalation Management: Handle escalated security incidents, providing guidance to analysts and coordinating with other teams as needed.
Tool and Technology Management: Assist in the evaluation, implementation, and management of security tools and technologies used in the SOC.
Threat Intelligence: Stay up-to-date on the latest cybersecurity threats, trends, and vulnerabilities, and ensure that this information is incorporated into SOC operations.
Compliance and Auditing: Support compliance efforts by ensuring that SOC operations adhere to relevant security policies, standards, and regulations.