0845 450 6120

Certified Security Operations Centre Analyst

This fundamentals-level course provides the basic skills and knowledge for individuals who are looking to be or are currently employed within a private or public sector Security Operations Centre (SOC).

This 5 day course will enable you to understand how a SOC functions and provide you with the fundamental knowledge and understanding required for employment within a SOC. You will spend a good portion of the course practising and honing key skills and methodologies which replicate real-life security threat scenarios faced by SOC’s today

We don't currently have any courses listed for Certified Security Operations Centre Analyst, would you like to view all courses for Information & Cyber Security?

Learning Objectives


You will learn and practice core level and advanced skills to be an effective SOC analyst or team member. Upon completion of the course you will have learnt:

  • The threats and risks to a business network
  • Gain a better understanding of threat intelligence using OSINT
  • How malicious software can compromise a system
  • Using SIEM tools to collate and analyse data of interest
  • Fundamental and in-depth logging
  • Analytical techniques


This course will enable you to gain confidence within a SOC environment by reinforcing or learning new information and methodologies.


This course was specifically designed for individuals who intend to be or have recently joined as a SOC analysist or team member or to recognise those more seasoned individuals employed within the SOC. SYLLABUS Throughout the course your time will be split between being taught the methods and principles of working within a SOC and applying these in practical, hands-on exercises based on real-life scenarios.


You will need a basic understanding of IT infrastructure.

Course Content

Topics covered are:

1. The Security Operations Centre

a. What is a SOC

b. SOC types

c. Staff Roles

d. Decision Making

2. Threats & Risks

a. The Threat

b. Attacker Motivation

c. Attack Types

d. Threat Attribution

e. Threat Assessments

f. Business Threats

g. Employee Threats

h. Cyber Kill Chain

j. ATT&CK Framework

3. Computer Networks

a. Network Types

b. Network Topologies

c. network Models

d. IP Address & MAC Address

e. Ports

f. Protocols

4. Malicious Software

a. The Basics

b. Identification

c. Infection Methods

d. Persistence Mechanisms

e. Beacons

f. Understanding Antivirus technologies

5. Open Source Intelligence

a. Search Engines


c. Online Tools

d. Social Networking & Communities

e. Internet Archive

f. Dark Web

g. Threat Reporting

h. Threat Intelligence

i. IOC Concepts

6. Cyber Security Incident Response

a. CSIR Plan

b. CSIR Models

7. Logging Fundamentals

a. Sources

b. Formats

c. Implementation & Use

d. Analysis

8. Security Event & Incident Management

a. What are SIEMs?

b. Logging

c. Evaluation

d. Analytics

e. Detection

f. Threat Intelligence

9. Preservation & Collection

a. Reasons

b. Initial Considerations

c. Guidelines & Standards

d. Further Considerations

10. Logging In-Depth

a. Normalising Logs

b. False Positive Reduction

c. Prioritising Alerts

d. Identifying Genuine Incidents

e. Analytics

Exams & Certification


Upon successful completion you will be awarded the Certified Security Operations Centre Analyst (CSOCA) qualification

One Month
Two Months
Three Months
More than Three Months
PRINCE2 Foundation & Practitioner
MSP Foundation & Practitioner
APMP Certificate
ITIL Foundation
Scrum in One Day
Certified ScrumMaster
ISTQB Software Test Foundation
Microsoft Project
BCS Business Analysis Practice
Other - Please Specify Below

Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Our Customers Include