Managing Security Operations entails the design, build, operation and ongoing growth of all facets of the security capability of the organization. An effective SOC has many moving parts and must be designed with the ability to adjust and work within the constraints of the organization. To run a successful SOC, managers need to provide tactical and strategic direction and inform staff of the changing threat environment as well as provide guidance and training for employees. This course covers design, deployment and operation of the security program to empower leadership through technical excellence.
The course covers the functional areas: Communications, Network Security Monitoring, Threat Intelligence, Incident Response, Forensics, and Self-Assessment. We discuss establishing Security Operations governance for:
- Business alignment and ongoing adjustment of capabilities and objectives
- Designing the SOC and the associated objectives of functional areas
- Software and hardware technology required for performance of functions
- Knowledge, Skills and Abilities of staff roles as well as hiring and cultivating staff
- Execution of ongoing operations
You will walk out of this course armed with a roadmap to design, build and operate an effective SOC tailored to the needs of your organization.
- Design security operations to address all needed functions for the organization
- Select technologies needed to implement the functions of the SOC
- Maintain appropriate business alignment with the security capability and the organization
- Develop and streamline security operations processes
- Mature capability
- Collect data for metrics, report meaningful metrics to the business, and maintain internal SOC performance metrics
- Hire appropriate SOC staff and keep existing SOC staff up to date