Identifying Your Role

The roles listed here are the typical roles or functions of a Security Operations Center (SOC). Determine the role or roles that you perform in the SOC. You can use these functions as a guide to decide how to set up and navigate RSA NetWitness Platform so that you can efficiently perform your job tasks.

Image of SOC team

SOC Manager (SOC Management and Reporting)

  • Manage SOC readiness
  • Respond to incidents

Data Privacy Officer

  • Respond to data breaches
  • Monitor and protect privacy and sensitive information

Incident Responder (T1 Analyst)

  • Respond to incidents
  • Remediate incidents

Threat Hunter (T2/T3 Analyst)

  • Hunt for threats
  • Conduct forensic analysis
  • Recommend issues for remediation
  • Remediate issues

Content Expert (Threat Intelligence)

  • Investigate new threat intelligence
  • Evaluate and create new feeds
  • Create correlation rules to flag indicators of compromise

System Administrator

  • Install and configure equipment and software
  • Manage user access
  • Monitor and fine-tune performance
  • Back up and restore data
  • Manage storage and archives
  • Update software
  • Create reports for regulatory compliance