LDR551: Building and Leading Security Operations Centers Training (GSOM)

If you are a SOC manager or leader looking to unlock the power of proactive, intelligence-informed cyber defense, then LDR551 is the perfect course for you! In a world where IT environments and threat actors evolve faster than many teams can track, position your SOC to defend against highly motivated threat actors. Highly dynamic modern environments require a cyber defense capability that is forward-looking, fast-paced, and intelligence-driven. This SOC manager training course will guide you through these critical activities from start to finish and teach you how to design defenses with your organization’s unique risk profile in mind.

Training at a glance

  • Level: Advanced
  • Duration: 6 Days
  • Experience: 4 years: IT & Security
  • Average Salary: $121,000
  • Labs: Yes

Training Details

The skills learned with this class:

  • Construct a strong SOC foundation based on a clear mission, charter, and organizational goals
  • Collect the most important logs and network data
  • Build, train, and empower a diverse team
  • Create playbooks and manage detection use cases
  • Use threat intelligence to focus detection efforts on true priorities
  • Apply threat hunting process and active defense strategies
  • Implement efficient alert triage and investigation workflow
  • Operate effective incident response planning and execution
  • Choose metrics and long-term strategy to improve the SOC
  • Employ team member training, retention, and prevention of burnout
  • Perform SOC assessment through capacity planning, purple team testing, and adversary emulation
 
You Will Be Able To
  • Implement strategies for aligning cyber defense to organizational goals
  • Decrease risk profile due to improved security validation tools and techniques
  • Apply methodologies for recruiting, hiring, training, and retaining talented cyber defenders
  • Streamline effective cross-team coordination and collaboration
  • Employ immediate security optimization improvements using current assets
  • Reduce financial spend due to smoother cyber security operations

Lesson 1: SOC Design and Operational Planning

Lesson 2: SOC Telemetry and Analysis

Lesson 3: Attack Detection, Hunting, and Triage

Lesson 4: Incident Response

Lesson 5: Metrics, Automation, and Continuous Improvement

 

Hands-On Cybersecurity Training

While LDR551 is focused on management and leadership, it is by no means limited to non-technical processes and theory. The course uses the Cyber42 interactive leadership simulation game to put you in real-world scenarios that spur discussion and critical thinking about situations you will encounter at work. Throughout the five days of instruction, students will work on seventeen hands-on exercises covering everything from playbook implementation to use case database creation, attack and detection capability prioritization and visualization, purple team planning, threat hunting, and reporting. Attendees will leave with a framework for understanding where a SOC manager should be focusing efforts, how to track and organize defensive capabilities, and how to drive, verify, and communicate SOC improvements.

This course is intended for those who are looking to build a Security Operations Center for the first time or improve the one their organization is already running. Ideal student job roles for this course include:

  • Security Operations Center Managers or Leads
  • Security Directors
  • New Security Operations Team Members
  • Lead / Senior SOC Analysts
  • Technical CISOs and Security Directors

 

NICE Framework Work Roles

  • Information Systems Security Manager, OV-MGT-001
  • Cyber Policy and Strategy Planner, OV-SSP-002
  • Executive Cyber Leadership, OV-EXL-001
  • Program Manager, OV-PMA-001
  • Cyber Defense Incident Responder, PR-CIR-001
  • OT SOC Operator, ZZ-ICS-004

 

This course does not have any specific prerequisites, but it is suggested that students have some experience in an operational security role. SANS courses such as SEC450: Blue Team Fundamentals: Security Operations and Analysis or MGT512: Security Leadership Essentials for Managers will give students a solid base-level understanding of the concepts that will be discussed.

We Offer More Than Just SANS Training

Our successful training results keep our corporate and military clients returning. That’s because we provide everything you need to succeed. This is true for all of our courses.

Strategic Planning & Project Management

From Lean Six Sigma to Project Management Institute Project Management Professional, Agile and SCRUM, we offer the best-in-class strategic planning and project management training available. Work closely with our seasoned multi-decade project managers.

IT & Cybersecurity

ATA is the leading OffSec and Hack the Box US training provider, and a CompTIA and EC-Council award-winning training partner. We offer the best offensive and defensive cyber training to keep your team ahead of the technology skills curve.

Leadership & Management

Let us teach your team the high-level traits and micro-level tools & strategies of effective 21st-century leadership. Empower your team to play to each other’s strengths, inspire others and build a culture that values communication, authenticity, and community.
