Required Skills for a certificate of Qualified Security Operations Center (SOC) Analyst

Being an effective Security Operations Center Analyst (SOC Analyst) requires understanding of and hands-on skills in many areas of technology, as well as people skills. To earn the certificate proving your qualifications as a SOC analyst, you will be assessed on the technical skills listed below.

  • Security architecture and foundational principles
  • TCP/IP Networking
  • Introduction to network/system security services (IDS, WAF, Web Content Filtering, DNS, DHCP, Email, Web Servers, AD, AV/EDR, etc.)
  • Operating Systems (Windows & Linux)
  • Encryption
  • Telemetry data collection (Syslogs, APIs, NetFlow, Full packet capture, Wireshark)
  • SIEM technologies
  • Machine Learning, anomaly detection
  • Threat Intelligence (STIX/TAXII, ATT&CK
  • Threat Hunting
  • Incident Triage, Investigation and Response (planning, execution, root cause analysis, contain, remediate, meet audit/legal requirements for proper documentation and evidence protection)
  • Vulnerability Management
  • Cloud technologies
  • Communications, ticketing
  • Open Source Tools (Wireshark,
  • Soft skills (communications
  • Exam + Research Paper

Following is a list of non-technical skills required for this position:

  • Pattern recognition
  • Understanding biases and investigating facts without becoming emotionally involved
  • Puzzle solving
  • Intellectual curiosity
  • Attention to detail
  • Stress management
  • Ability to break down complex issues into simple terms and communicate horizontally and vertically