The roles listed here are the typical roles or functions of a Security Operations Center (SOC). Determine the role or roles that you perform in the SOC. You can use these functions as a guide to decide how to set up and navigate RSA NetWitness Platform so that you can efficiently perform your job tasks.

AsocTeam_96x142.png    SocMgr_120x163.png



  • Manage SOC readiness
  • Respond to incidents
  • Respond to data breaches
  • Monitor and protect privacy
    and sensitive information
IR_105x123.png Hunt_86x122.png ConExp_105x115.png SysAdm_81x125.png
  • Respond to incidents
  • Remediate incidents
  • Hunt for threats

  • Conduct forensic analysis

  • Recommend issues for remediation

  • Remediate issues

  • Investigate new threat intelligence

  • Evaluate and create new feeds

  • Create correlation rules to flag indicators of compromise

  • Install and configure equipment and software

  • Manage user access

  • Monitor and fine tune performance

  • Backup and restore data

  • Manage storage and archives

  • Update software

  • Create reports for regulatory compliance