(In high demand in the cyber security job market)
Security breaches, malware, ransomware and many other attacks now appear in the news almost every day and threaten organizations of every size; this is a significant risk for most SMEs.
In-depth monitoring of network behaviour has become mandatory, if only to know what is going on in your network.
A regular IT department structure, with everything managed by the IT team, is not enough to defend against today's attacks.
A separate team of skilled personnel is needed to take on this function and perform it in a highly professional manner.
A SOC is a dedicated room equipped with a number of screens. Unlike a NOC, it is focused on monitoring traffic, performing specific analyses, reviewing logs, and the many other tasks involved in investigating and analysing everything that crosses the organization's borders.
We can divide SOCs into three categories, which we will explain later in more detail:
Threat-focused SOC
Operations-focused SOC
Compliance-focused SOC
The skills required to be a SOC member:
Experience using cyber security tools to respond to threats rapidly (essential)
Network security / technical background: IDS/IPS, DLP, TCP/IP, firewalls, switches, routers
Implementing continuous enhancements to improve security
Knowledge of data protection legislation (essential)
Familiarity with SIEM technologies (necessary)
Intrusion detection, perimeter security, vulnerability management
Experience taking full ownership of the escalation of support tickets
Awareness of threats and how they may impact the business