Security Operations Center (SOC) ROLES
The SOC manager should develop a workflow model and implement SOPs for incident handling that guide the analysts through the triage and response procedures. Security analyst tiered responsibilities may include:

Tier 1
- Continuously monitors the alert queue
- Triages security alerts
- Monitors the health of the security sensors and endpoints
- Collects data and context necessary to initiate Tier 2 work

Tier 2
- Performs deep-dive incident analysis by correlating data from various sources
- Determines if a critical system or data set has been…