Become a SOC Analyst - Level 2

Advance in your SOC Analyst Career Path, level 2 opens the door to Incident Response and Computer Hacking Forensics to protect your organization across their threat landscape.

Already a Tier 2 Analyst, Threat Analyst?

Check our Catalog and let us help sharpen your skills

Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

This Career Path is for a Security Operations Center Analyst (SOC Analyst). This particular Career Path covers a more intermediate-level SOC role. As a SOC Analyst, your primary duty is to ensure that the organization’s digital assets are secure and protected from unauthorized access. That means that you are responsible for protecting both online and on-premise infrastructures, monitoring data to identify suspicious activity, and identifying and mitigating risks before there is a breach. In the event that a breach does occur, a SOC analyst will be on the front line, working to counter the attack. This career path is aligned to the Cyber Defense Incident Responder NICE/NIST Work Role.

Frequently Asked Questions

As a SOC analyst, your primary duty is to ensure that the organization’s digital assets are secure and protected from unauthorized access. You protect both the online and on-premise infrastructures, monitor metrics and data to identify suspicious activity, and identify and mitigate risks before adversaries breach your system. Some adversaries will still breach your system, and a SOC analyst fights the frontline battle.

Broadly, a Level 1 Analyst conducts initial triage of alerts to identify potential, false positives, policy violations, intrusion attempts and compromises. A Level 2 Analyst is expected to validate those findings, provide the context necessary to escalate triaged alerts for deeper analysts and review, and possibly initiate Tier-III or Incident Response work.

As a more experienced analyst, you will be expected to have hands-on experience with packet capture technology, IDS and SIEM technologies, and network and endpoint security tools. You should also have excellent analytical and problem solving skills, strong communication skills, self-discipline to work according to playbook and time requirements, passion for cybersecurity and a willingness to learn and stay up-to-date with current threats, tools and techniques, as well as new security technologies, products and incident analysis and response approaches.

No two days are alike in a security operations center – adversaries don’t follow a specific schedule, and how much time you have to spend on an individual incident can depend on many factors. You may be able to circumvent an attack quickly in some cases, while others might take much more time, attention, and work. On a daily basis, you will need to ascertain the weaknesses of hardware, software, and network infrastructure and establish ways to protect it. But the nature of information security means each day may bring different situations, tasks, and challenges, so you’ll rarely feel bored. When a threat or an attack arises, your team will likely work nonstop to expose the attack, shut down access to your systems, resolve the issue, work to prevent the same type of attack from happening in the future, and document and communicate appropriate information to management or clients.

Most organizations look for someone with 3-4 years of hands-on experience in Information Security, as well as experience as an entry-level SOC Analyst. IT or Offensive Security Certifications are seen as added benefits. For professionals with less than 3 years of experience, we recommend the SOC Analyst 1 career path.

How Long Will It Take To Be Job Ready?

I can dedicate

hours per week

4 months to complete this career path

What Our Learners Are saying

"I was able to earn my CISSP certification within 60 days of signing up for Cybrary Insider Pro and got hired as a Security Analyst conducting security assessments and penetration testing."

"I was able to earn both my Security+ and CySA+ in two months. I give all the credit to Cybrary."

"The knowledge and skills I gained with Cybrary helped me to land my first IT role as a Digital Field Support Administrator. Knowing that I have the Cybrary community behind me has been helpful as I continue to learn and advance my career goals."

Career Prospects

Salary Range in the U.S. (Yearly)

Average Salary via

What Will I Learn?

Defensive Security

Focused on trying to find the bad guys. Topics such as threat intelligence, threat hunting, network monitoring, incident response. Defensive security is a reactive measure taken once a vulnerability is found through prevention, detection, and response.