EC Council, Netlynx’ partner providing IT Security Certification and Training Programs, announced today a new program available immediately. The SOC Analyst Certification focusses on the Protect and Defend area of the National Initiative for Cybersecurity Education (NICE) framework.
What is a Secure Operations Center (SOC) Analyst?
In short: plan, implement and execute THREAT DETECTION STRATEGIES to detect and respond to threats that one couldn’t prevent otherwise. Key functions of both a SOC and a SOC Analyst include:
- Monitor and triage thousands of alerts and events from various sources.
- Perform initial analysis on alerts and events to validate and prioritize the most important.
- Determine the alerts for which escalation to the incident response (IR) team is needed for further in-depth analysis and remediation.
Within the security incident response team, jobs and responsibilities might be split up as in the picture below. Smaller organisations will often combine responsibilities and functions.
Typical SOC Workflow
The typical SOC workflow consists of a number of stages and activities as pictured below. Within the CSA course these stages are investigated, practiced and documented.
Course Duration and Certification
The Certified SOC Analyst course typically takes 3 days of classroom training plus a 3-hour exam. A detailed description is available from the CSO page on this website. Please check with any of our partners on the availability of classroom training and exams from late August onwards.