Description

This hands-on course prepares aspiring and current security leaders to build, lead, and optimize a modern Security Operations Center (SOC). Whether you're launching a SOC or improving an existing one, you'll gain the strategic, operational, and technical skills to align SOC efforts with business and security goals. Over 5 days, students will explore SOC design, threat modeling, detection strategies, incident response planning, team development, and cloud-based operations. You'll work with tools like MITRE ATT&CK, Wireshark, STIX, TCPdump, and Jupyter to implement real-world use cases and improve SOC performance.

By the end of this course, you will be able to:

• Build and operate a SOC aligned to business needs
• Apply frameworks to improve threat detection and response
• Lead incident response with structured playbooks
• Define and use SOC metrics for performance improvement
• Recruit and retain effective, high-performing teams

The course also prepares students for the GIAC Security Operations Manager (GSOM) certification and reinforces leadership through practical application.