SOC Analyst

Build the skills a successful security operations center (SOC) analyst needs with our library of role-based courses and learning paths.

The role

What does a SOC Analyst do?

A security operations center (SOC) analyst is responsible for analyzing and monitoring network traffic for security events and vulnerabilities. SOC analysts also investigate, document and report on information systems weaknesses. SOC analysts also monitor firewall, email, web and DNS logs to identify and mitigate intrusion attempts.

The details

SOC Analyst career paths

Domain knowledge

  • Cyber defense analysis
  • Systems analysis

Related job titles

  • Security analyst
  • Security specialist
  • Incident analyst

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • Systems Security Analyst
  • Cyber Defense Analyst
  • Vulnerability Assessment Analyst
  • Cyber Defense Incident Responder
  • Cyber Defense Infrastructure Support Specialist

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments


Frequently asked questions

What does a SOC Analyst do?

SOC analysts use their networking, computer science, research and collaboration skills to assess security systems for vulnerabilities and malicious activities and to identify potential controls to mitigate them. SOC analysts can also be expected to perform many other tasks:

  • Monitor security systems for suspicious network or application behavior
  • Document security incidents and implement response plans
  • Assist with cybersecurity risk assessments, vulnerability testing and compliance activities
  • Monitor and perform security and patch management
How do I become a SOC analyst?

To help the creation of your development plan, the Bureau of Labor Statistics (BLS) notes that successful SOC analysts typically display the following characteristics: Analytical skills: SOC analysts must carefully study computer systems and networks and assess risks to determine how security policies and protocols can be improved Detail-oriented: Because cyberattacks can be difficult to detect, SOC analysts must pay careful attention to computer systems and watch for minor changes in performance Ingenuity: SOC analysts must anticipate SOC risks and implement new ways to protect their organization’s computer systems and networks Problem-solving skills: SOC analysts must respond to security alerts, uncover and fix flaws in computer systems and networks

What education does a SOC Analyst need?

Most SOC analyst vacancies are looking for candidates with a bachelor’s degree in computer science, information assurance or a related field. However, given the large critical skills gap across the cybersecurity industry, many employers’ emphasis on four-year degrees has lessened if the candidate can show tangible technical skills, and related on-the-job experience.

What certifications does a SOC analyst need?

There is no industry-wide or CompTIA SOC analyst certification path, or certified SOC analyst training program available right now. But several related programs cover many of the relevant skills an analyst would need, regardless of the industry in which they would be employed. One example is CompTIA’s intermediate-level Cybersecurity Analyst (CySA+) certification, or CompTIA’s Security+ and Network+ certifications. There are other certifications one could use to improve their skills and validate their understanding of important security fundamentals:

What skills does a SOC analyst need?

SOC analyst day-to-day activities require them to demonstrate competency across the following security domains:

  • Network defense
  • Ethical hacking
  • Incident response
  • Computer forensics
  • Reverse engineering
How much does a SOC analyst earn?

Here are average salaries for industries employing the most SOC analysts:

  • Finance and insurance: $103,510
  • Computer systems design and related services: $101,980
  • Information: $100,560
  • Management of companies and enterprises: $97,440
  • Administrative and support services: $96,190
Where does a SOC analyst work?

One source lists New Jersey, Delaware, New York, Massachusetts and Maryland as the top employer of security analysts. Given the size of the federal government, Virginia and the District of Columbia can also be expected to employ a lot of SOC analysts.