LDR551: Building and Leading Security Operations Centers
LDR551: Building and Leading Security Operations Centers Training (GSOM)
If you are a SOC manager or leader looking to unlock the power of proactive, intelligence-informed cyber defense, then LDR551 is the perfect course for you! In a world where IT environments and threat actors evolve faster than many teams can track, position your SOC to defend against highly motivated threat actors. Highly dynamic modern environments require a cyber defense capability that is forward-looking, fast-paced, and intelligence-driven. This SOC manager training course will guide you through these critical activities from start to finish and teach you how to design defenses with your organization’s unique risk profile in mind.
Training at a glance
Level
Advanced
Duration
6 Days
Experience
4 years: IT & Security
Average Salary
$121,000
Labs
Yes
Training Details
The skills learned with this class:
- Construct a strong SOC foundation based on a clear mission, charter, and organizational goals
- Collect the most important logs and network data
- Build, train, and empower a diverse team
- Create playbooks and manage detection use cases
- Use threat intelligence to focus detection efforts on true priorities
- Apply threat hunting process and active defense strategies
- Implement efficient alert triage and investigation workflow
- Operate effective incident response planning and execution
- Choose metrics and long-term strategy to improve the SOC
- Employ team member training, retention, and prevention of burnout
- Perform SOC assessment through capacity planning, purple team testing, and adversary emulation
You Will Be Able To
- Implement strategies for aligning cyber defense to organizational goals
- Decrease your risk profile through improved security validation tools and techniques
- Apply methodologies for recruiting, hiring, training, and retaining talented cyber defenders
- Streamline effective cross-team coordination and collaboration
- Employ immediate security optimization improvements using current assets
- Reduce financial spend through smoother cyber security operations
Lesson 1: SOC Design and Operational Planning
Lesson 2: SOC Telemetry and Analysis
Lesson 3: Attack Detection, Hunting, and Triage
Lesson 4: Incident Response
Lesson 5: Metrics, Automation, and Continuous Improvement
Hands-On Cybersecurity Training
While LDR551 is focused on management and leadership, it is by no means limited to non-technical processes and theory. The course uses the Cyber42 interactive leadership simulation game to put you in real-world scenarios that spur discussion and critical thinking about situations that you will encounter at work. Throughout the five days of instruction, students will work on seventeen hands-on exercises covering everything from playbook implementation to use case database creation, attack and detection capability prioritization and visualization, purple team planning, threat hunting, and reporting. Attendees will leave with a framework for understanding where a SOC manager should be focusing efforts, how to track and organize defensive capabilities, and how to drive, verify, and communicate SOC improvements.
This course is intended for those who are looking to build a Security Operations Center for the first time or improve the one their organization is already running. Ideal student job roles for this course include:
- Security Operations Center Managers or Leads
- Security Directors
- New Security Operations Team Members
- Lead / Senior SOC Analysts
- Technical CISOs and Security Directors
NICE Framework Work Roles
- Information Systems Security Manager, OV-MGT-001
- Cyber Policy and Strategy Planner, OV-SSP-002
- Executive Cyber Leadership, OV-EXL-001
- Program Manager, OV-PMA-001
- Cyber Defense Incident Responder, PR-CIR-001
- OT SOC Operator, ZZ-ICS-004
This course does not have any specific prerequisites, but it is suggested that students have some experience in an operational security role. SANS courses such as SEC450: Blue Team Fundamentals: Security Operations and Analysis or MGT512: Security Leadership Essentials for Managers will give students a solid base-level understanding of the concepts that will be discussed.
LDR516: Building and Leading Vulnerability Management Programs
SEC566: Implementing and Auditing CIS Controls
We Offer More Than Just SANS Training
Our successful training results keep our corporate and military clients returning. That’s because we provide everything you need to succeed. This is true for all of our courses.
Strategic Planning & Project Management
From Lean Six Sigma to Project Management Institute Project Management Professional, Agile and SCRUM, we offer the best-in-class strategic planning and project management training available. Work closely with our seasoned multi-decade project managers.
IT & Cybersecurity
ATA is the leading OffSec and Hack the Box US training provider, and a CompTIA and EC-Council award-winning training partner. We offer the best offensive and defensive cyber training to keep your team ahead of the technology skills curve.
Leadership & Management
Let us teach your team the high-level traits and micro-level tools & strategies of effective 21st-century leadership. Empower your team to play to each others’ strengths, inspire others and build a culture that values communication, authenticity, and community.