EC-Council Certified SOC Analyst (CSA) is a certification course that prepares analysts for roles in Security Operations Centres. Students learn the SOC workflow from log ingestion and SIEM monitoring through alert triage, threat categorization, incident escalation, and basic threat hunting. The course covers the tools, processes, and technical skills that define the day-to-day work of Tier 1 and Tier 2 SOC analysts in enterprise security environments.
What You Will Learn
- Understand SOC architecture, team structure, and the role of Tier 1, 2, and 3 analysts
- Monitor security events and alerts using SIEM platforms and security analytics dashboards
- Triage security alerts and classify incidents using threat intelligence and attack frameworks
- Investigate and escalate incidents including network intrusions, malware events, and phishing attacks
- Use threat intelligence feeds and the MITRE ATT&CK framework to contextualize and enrich investigations
Who Should Attend
Aspiring SOC analysts, helpdesk professionals transitioning to security, and junior security staff who want a structured path to SOC analyst roles.
Prerequisites
Basic networking and security concepts. Completion of CompTIA Security+ or equivalent is recommended.
