QA's hands-on SOC analyst programme is a purposeful pathway for new security analysts, but also provides a platform for re-skilling existing IT teams.
The typical ten-week programme starts at a foundation level and accelerates at a pace designed to increase both the knowledge and the confidence of the individual at a sustainable rate.
To improve response time and accuracy when handling security incidents and vulnerabilities, cyber security analysts in any organisation need to be able to assess and manage cyber risk through effective security incident triage and hands-on technical experience. QA is leading the way with its cyber SOC analyst academy, providing public SOC analyst programmes to complement our existing closed SOC analyst programmes, aligned to a client syllabus and a public Complete Cyber Analyst™ portfolio.
QA's hands-on SOC analyst programme provides a platform for re-skilling existing IT and technical teams or a purposeful pathway for new tier 1 and 2 security analysts. Knowledge checkpoints occur at regular stages in the programme and are designed to test and validate understanding and to highlight any issues at an early stage. In our experience this structure and level of support maximise the attainment of a 95% success rate, notwithstanding any industry-specific security examinations taken at agreed phases within the programme.
The programme works through the cyber threat lifecycle, looking at common and advanced attack vectors, threat hunting and detection, reporting and collaboration. It includes specific learning interventions on malware, reverse engineering, ethics and legalities, vulnerability management and incident response. This enables the learner to become a proactive security collaborator within their business, enhancing their organisation's security posture. During the programme, additional learning support and coaching is offered to individuals struggling with any technical aspect, with extracurricular content and labs designed to support the learner's journey and ensure each module's learning objectives are met. QA also provides a cyber assessment process, aligned to specific cyber pathways, which is used to streamline SOC analysts for specific roles.
Technical aspects of the programme include network intrusion detection and prevention. Analysts learn tactics, techniques and safe procedures to collect, analyse, identify, prevent and respond to malicious activities on the network using full packet capture and logs. The learner will look at the techniques, tools and responses involved in identifying malicious activities on the system. Cyber situational awareness training within the programme enables a strategic response to the current and emerging threat environment. This also covers the management of security event data from many system sources, including event logs and network security devices, and the use of correlation engines, combined with threat intelligence, to analyse and identify security-related events in real time. It also covers the collection and analysis of open and closed source information to enhance our understanding of the digital world and to identify the sources of intelligence that can support our cyber defence, response, management and penetration testing goals. This is underpinned by security information collection and analysis and the humanistic techniques for proactively identifying and responding to advanced threats. The training uses scenario-based exercises in the realistic SOC simulation environment.
QA bring the SOC analyst 'use cases' to life by providing analysts with a representative environment using the techniques, processes and procedures that have previously been trained within the QA cyber labs. The training provides for the full management of exercises, with the ability to pause, replay and conduct after-action and post-learning reviews of exercises. It incorporates offensive defence exercises for Red, Blue and Purple teams: during scenario-based training, for example, there are Red (injection of threats etc.), Blue (analysts under test) and Purple (management of the exercise) teams. Alignment with appropriate ethical and legal guidelines ensures that, throughout the programme, analysts appreciate the role and management of any evidence collection, which needs to be conducted in such a way as to maintain the chain of custody. Underpinning the programme is the development of SOC analyst level skills vital for collective cyber defence development, including IT security planning, cyber security risk management, implementation and maintenance of security standards, applicable cyber compliance and the law, end-to-end analysis of security-related incidents and incident response report writing.
Delegates can attend the entire programme or choose to join one or more of the three SOC Analyst Programme modules (Foundation, Investigator and Responder). This is easily achieved through our public schedule offering with multiple phased start dates. Should you have up to ten individuals ready to join the programme and would prefer an on-site or closed programme, talk to your account manager today.