SOC Analyst Roles

Here’s a simple breakdown of SOC Analyst roles (L1, L2, L3):

L1 (Level 1) Analysts:

Role: Entry-level, acting as the “eyes” of the SOC. They watch security tools (e.g., Splunk or QRadar) for alerts, such as a suspicious login attempt, and resolve minor incidents (e.g., resetting a hacked password).

Example: If a SIEM alerts on […]