
People, Process & Technology Profile of a SOC

Over time, recurring patterns have emerged for SOC implementations, which provide some key benefits:

  • Reduce the need to reinvent the wheel.
  • Are agnostic of in-house, managed, or hybrid models.
  • Establish a framework of repeatable and reusable methodologies, programs, and content to copy success.
  • Define minimum viable requirements for successful service provision.
  • Provide a benchmark for procurement of internal and external services.

People

Technical

  • Security Analyst
  • Security Engineer
  • Security Specialist
  • Security Architect
  • Threat Intelligence Analyst
  • Data Scientist

Governance & Management

  • SOC Manager
  • Team Leader
  • Incident Handler
  • Incident Manager
  • Compliance Manager
  • Service Manager

Process

Service Modelling

  • Service Catalogue Definition
  • On-boarding Workflows
  • Off-boarding Workflows
  • Specific IR Workflows
  • Incident Handover Management Plan
  • Service Management Process
  • Service Level Agreements
  • Customer Interfaces

Scenario Modelling

  • Define Applicable Attack Scenarios
  • Define Applicable Use Cases
  • Validate Attack Scenarios and Use Cases against any specific requirements

Resource Modelling

  • Resource Definition
  • Skills Profile Definition
  • Eligibility Definition
  • RASCI Modelling
  • Skills Development Plan
  • Career Progression Planning

SOC Management

  • Service Management
  • Non-SIEM Event Reporting
  • Shift Management
  • Shift Handover Plan
  • Incident Workflows
  • Incident Response Plan
  • Triage Planning
  • Monitoring Plan
  • Change Control Plan
  • Knowledge Management
  • KPIs & Reporting Metrics

Technology