What is a SOC Analyst and how much can you make in this career

Javed Khan
Jun 2, 2023


You will learn what a security operations center (SOC) analyst is and

The following topics will be covered in this chapter:
• What is a SOC analyst?
• How much can you make in this career?

What is a SOC analyst?

SOC analysts work as members of a managed security services team. There are typically
three tiers of SOC analysts, and job-specific duties may vary based on the organization
you work for:

• SOC level 1 (tier 1) analysts typically monitor security tools, such as endpoint detection and response (EDR) and security information and event management (SIEM) tools, to identify potential anomalous activity on networks and systems. If anomalous activity is detected, they then escalate it to level 2 analysts.

• SOC level 2 (tier 2) analysts investigate anomalous behavior. In some instances, they may perform incident response (IR) duties and initial malware analysis. You might build IR playbooks and perform scripting to automate routine tasks. You might also see level 2 skills being requested for incident responder job postings. Your tier 2 SOC analyst might also set up the access for jump boxes and do light forensic investigation work.

• SOC level 3 (tier 3) analysts perform IR and also typically perform threat hunting and threat profiling. They may also do some work in reverse engineering malware and digital forensics, depending on their organization. You might see these job openings listed as incident responders or threat analysts/hunters.

One thing to keep in mind if you are transitioning from another career to cybersecurity is that you can often find non-traditional jobs at a cybersecurity product company and use one as the starting point for your career. As an example, if you are transitioning from selling used cars, you could get a job with the sales team at a security company such as Splunk. The company will then train you on all of its cybersecurity product and service offerings for free. In 6 to 12 months, you will have a better chance of getting a cybersecurity job because you will have experience at Splunk and with its different product offerings, which gives you in-demand skills. Many people focus on getting jobs as a SOC analyst or penetration tester because that's what their guidance counselor tells them to do, but it is often a better idea to look at non-traditional jobs to get your start in a cybersecurity career because others are not applying for those jobs. If you look at the Splunk company website, you will see hundreds of open non-traditional jobs, at the time of writing, that can be leveraged to get your start in a rewarding cybersecurity career.

How much can you make in this career?

SOC analyst salaries can vary significantly by location, company, and other factors. In the
United States, you can expect to make between $60,000 and $85,000 for an entry-level
SOC level 1 role.

What other careers can you do?

A career as a SOC analyst builds a solid foundational skill set and can help you prepare for
many cybersecurity careers. Some examples are a forensic investigator, reverse engineer,
penetration tester, GRC analyst, and CISO.
