SOC (Security Operations Centre) Training | CyTek Academy
Start your career in Security Operations with industry-led, hands-on SOC training at CyTek
Level: Advanced
Duration: ~16 h
Lessons: 1
Welcome to SOC (Security Operations Center) Training at CyTek Academy.
Are you ready to start a rewarding career in a Security Operations Center (SOC)?
This programme includes everything you need to begin your journey in this fast-growing field. It is designed for beginners entering security operations—whether you are a student or a career switcher—and helps you take your first confident step.
What You Will Gain
Learn SOC skills from industry experts
Master current SOC tools and techniques
Build fundamentals in cybersecurity: SIEM (Security Information and Event Management), threat intelligence, and more
Career support: resume tips and mock interviews
Profile marketing and LinkedIn optimisation
Who Is This Course For?
Curriculum
Module 1: Security Operation Centre
Understand SOC fundamentals
Discuss SOC components: people, processes, and technology
Understand SOC implementation
Module 2: Understanding Cyber Threat and Attack Methodology
Describe cyber threats and attacks
Understand network-level attacks
Understand host-level attacks
Understand application-level attacks
Understand Indicators of Compromise (IoCs)
Discuss the attacker's hacking methodology
Module 3: Incident Detection in a SIEM Environment
Understand basic concepts of Security Information and Event Management (SIEM)
Discuss different SIEM solutions
Understand SIEM deployment
Use case examples: application-level incident detection
Use case examples: insider incident detection
Use case examples: network-level incident detection
Use case examples: host-level incident detection
Use case examples: compliance
Understand alert triaging, handling, and analysis
Module 4: Incident Response
Understand fundamental concepts of incident response
Learn the phases of the incident response process
Respond to network security incidents
Respond to application security incidents
Respond to email security incidents
Respond to insider incidents
Respond to malware incidents
Module 5: Incident Events and Logging
Understand fundamentals of incidents, events, and logging
Explain local logging concepts
Explain centralised logging concepts
Module 6: Vulnerability Management
Understand vulnerability management fundamentals
Identify, assess, and prioritise vulnerabilities
Support remediation and reporting in a SOC context
Hands-On Labs and Live Projects
Splunk — Monitoring and Alerts
Learn to use Splunk, a leading SIEM tool, to collect, search, analyse, and visualise log data from servers, firewalls, endpoints, and other sources.
Wireshark — Network Traffic Analysis
Capture and inspect live network traffic; detect suspicious packets, analyse protocols, and identify indicators of compromise (IoCs) in network activity.
MITRE ATT&CK Framework
Explore how real-world attackers operate; map attack techniques to detection strategies using logs and threat intelligence.
Linux — Log Analysis
Analyse logs to identify brute-force attacks, privilege escalation, and unauthorised access using command-line tools such as `grep`, `awk`, and `journalctl`.