Certified Security Operation Centre (SOC) Manager (CSOCM-906)

Target Students

SOC managers, security professionals, and IT leaders responsible for overseeing the operations of a Security Operations Center (SOC), managing teams, and ensuring effective incident detection and response.

Duration: 40 hours (5 days)
Learning Objectives

  • Master the skills required to manage and lead a Security Operations Center.

  • Understand SOC processes, workflows, and team roles.

  • Learn to implement and optimize SOC technologies and tools.

  • Develop strategies for incident management, threat intelligence, and continuous monitoring.

  • Gain experience in building and scaling SOC capabilities.

Exam Codes: CNST-905
Exam Formats

100 multiple-choice questions

Exam Options

Online

In-Person

Exam Duration: 2 hours
Passing Score: 70%

Course Outline

Foundations of SOC Management
Module 1: Overview of SOC Functions
  • Overview of SOC Functions

  • Understanding the Role and Importance of a SOC in Cybersecurity

  • Key Components of a SOC: People, Processes, and Technology

  • SOC Maturity Models and Metrics for Success

  • SOC Team Structure and Roles

  • Roles and Responsibilities within a SOC: SOC Manager, Analysts, Engineers

  • Building an Effective SOC Team: Skills, Training, and Development

  • Case Study: Organizational Structures of Successful SOCs

Module 2: SOC Processes and Workflows
  • SOC Process Implementation

  • Understanding and Implementing SOC Processes: Incident Response, Threat Intelligence, Vulnerability Management

  • Developing and Managing SOC Playbooks

  • Case Study: Streamlining SOC Processes for Efficiency

  • Workflow Automation in SOCs

  • Introduction to Security Orchestration, Automation, and Response (SOAR)

  • Automating Repetitive Tasks to Enhance SOC Efficiency

  • Case Study: Implementing SOAR in a Large SOC


SOC Technologies and Tools
Module 3: Implementing SOC Technologies
  • SIEM Systems in SOCs

  • Overview of SIEM (Security Information and Event Management) Systems

  • Best Practices for SIEM Deployment, Configuration, and Management

  • Case Study: Optimizing SIEM for Large Enterprises

  • Integrating SOC Tools

  • Integration of Security Tools: IDS/IPS, Firewalls, Endpoint Security, Threat Intelligence Platforms

  • Building a Unified Security Platform in a SOC Environment

  • Case Study: Tool Integration Challenges and Solutions in a SOC

Module 4: Advanced SOC Management Techniques
  • Threat Intelligence in SOC Operations

  • Leveraging Threat Intelligence for Proactive Defense

  • Integration of Threat Intelligence into SOC Processes

  • Case Study: Using Threat Intelligence to Prevent Advanced Threats

  • Incident Management and Response

  • Developing and Managing an Incident Response Program

  • Best Practices for Incident Handling, Reporting, and Communication

  • Case Study: Incident Management in a Critical Infrastructure SOC

Strategic SOC Management
Module 5: Scaling and Optimizing SOC Operations
  • Scaling SOC Capabilities

  • Strategies for Scaling SOC Operations as Organizations Grow

  • Managing SOC Resources: Budgeting, Staffing, and Technology Investments

  • Case Study: Scaling SOC Operations in a Multinational Corporation

  • Continuous Monitoring and Improvement

  • Establishing Continuous Monitoring Programs

  • Metrics and KPIs for SOC Performance Improvement

  • Case Study: Continuous Improvement in SOC Operations

Module 6: Compliance and Reporting in SOCs
  • Regulatory Compliance and SOC Operations

  • Overview of Regulatory Requirements: GDPR, HIPAA, PCI-DSS, and NIST

  • Ensuring SOC Compliance with Regulatory Frameworks

  • Case Study: Achieving and Maintaining Compliance in SOC Operations

  • SOC Reporting and Communication

  • Writing and Presenting SOC Reports: Incident Reports, Threat Intelligence Briefings, and Executive Summaries

  • Communicating SOC Findings to Executives and Stakeholders

  • Case Study: Effective Communication in SOC Management

Practical Application and Capstone Project
Module 7: SOC Management Simulation
  • End-to-End SOC Management Exercise

  • Intelligence Integration, and Reporting

  • Real-World Scenario Simulation: Managing a SOC during a Major Security Incident

  • Peer Review and Instructor Feedback on SOC Management Techniques

  • Advanced SOC Management Strategies

  • Exploring Cutting-Edge SOC Management Techniques: AI in SOC, Predictive Analytics, and SOC as a Service

  • Case Study: Implementing Advanced Strategies in a Live SOC Environment

Module 8: Capstone Project and Exam Preparation
  • Capstone Project

  • Participants Work on a Comprehensive Capstone Project that Encapsulates All Skills Learned Throughout the Course

  • Focus on Real-World Application, Reporting, and Analysis

  • Peer Review and Presentation of Capstone Project

  • Exam Preparation and Review

  • Review of Key Concepts and Techniques Covered During the Course

  • Sample Exam Questions and Group Discussions

  • Final Q&A Session and Wrap-Up

1487 Chain Bridge Rd, McLean,

VA 22101, USA

certification[at]cerns.org

CERNS ©2024. All Rights Reserved.