Abstract

This research-in-progress proposes a framework for measuring strategy coherence in Security Operations Centers (SOCs) by systematically connecting publicly stated analyst job tasks to organizational cybersecurity goals. Using Large Language Model (LLM)-assisted semantic analysis with human-in-the-loop validation, we distilled 49 job descriptions to isolate the essential Tier I SOC analyst job duties. We identify 211 unique tasks and consolidate them into thematic categories for future expert verification. The human-LLM validation method for the semantic mapping phase demonstrates high cross-model agreement (exceeding 85% thematic overlap), which aligns with emerging best practices in qualitative research. Preliminary analysis reveals significant potential for misalignment between common SOC metrics (ticket volume, response times) and strategic goals (threat detection quality, proactive intelligence). Expert validation surveys and statistical coherence scoring represent ongoing future work essential for completion of the proposed Goal Coherence Matrix.

Download

Share

COinS