SOC staff monitor information systems for alarms and conditions in order to prevent, detect and manage cyber-attacks and other IT security incidents. They normally follow processes and procedures based on information security management and computer security incident management. They often employ tools such as network discovery and vulnerability assessment systems; governance, risk and compliance (GRC) systems; website assessment and monitoring systems; application and database scanners; penetration testing tools; intrusion detection systems (IDS); intrusion prevention systems (IPS); log management systems; security information and event management (SIEM) systems; network behavior analysis and denial-of-service monitoring; wireless intrusion prevention systems; firewalls; enterprise antivirus; and unified threat management (UTM).
The SOC typically scans applications and identifies security vulnerabilities and their potential business impact. The SOC works with the application business owners and IT staff to ensure understanding and help them appropriately correct weaknesses before they are exploited. The SOC also monitors applications to identify a possible cyber-attack or intrusion (event) and determine if it is a real, malicious threat (incident), and if it could have business impact. The SOC manages incidents for the enterprise, ensuring they are properly identified, analyzed, communicated, actioned/defended, investigated and reported.
SOC engineers and watch officers are seasoned information and communication systems professionals. They are usually trained in computer engineering, cryptography, network engineering, or computer science and are credentialed (e.g. Certified Information Systems Security Professional (CISSP) from (ISC)², GIAC from SANS, or Certified Information Security Manager (CISM) from ISACA).
SOCs are usually well protected with physical, electronic, computer, and personnel security. Centers are often laid out with desks facing a video wall, which displays significant status, events and alarms, as well as ongoing incidents. A corner of the wall is sometimes used to show a news or weather TV channel, as this can keep the SOC staff aware of current events that may have an impact on information systems. The back wall of the SOC is often transparent, with an attached room that team members use to meet while still able to watch events unfolding in the SOC. Individual desks are generally assigned to a specific group of systems, technology or geographic area. A security engineer or security technician may have several computer monitors on their desk, with the extra monitors used for monitoring the systems covered from that desk.