Professional & Academic

Certifications

CREST, CREST Certified Incident Manager

The CREST Certified Incident Manager (CCIM) examination tests a candidate’s knowledge across a range of areas wider than traditional intrusion analysis, including conventional incident response technical tasks and a wide range of general technology areas, to ensure they are competent to assess and handle a range of potential incident scenarios. The detail in these areas is high level but broad, with “an awareness of” being a good description of the level of detail required.

http://www.crest-approved.org/professional-examinations/certified-incident-manager-2/index.html

Courses

EMC2, RSA SOC Simulation Challenge

RSA SOCSim, a forensic analysis experience, exposes participants to network and forensic analysis within a real-world breach scenario using simulated SOC dynamics. Participants are presented with a use case that requires them to analyze data flowing over the network. They are guided through the analysis by challenge questions using a “Jeopardy!” style interface based on the Cyber Kill Chain methodology. Answers are derived through data exploration and investigation of sophisticated “puzzles within puzzles” such as protocol and application analysis, steganography, reverse engineering encryption/decryption, open source intelligence and much more. At the end of the challenge, the RSA facilitator will provide an overview of the breach scenario, including key analytical discoveries for each phase of the Cyber Kill Chain, and respond to outstanding questions that participants may have.

https://education.emc.com/guest/widgets_template4.aspx

SANS, SEC511: Continuous Monitoring and Security Operations

We continue to underestimate the tenacity of our adversaries! Organizations are investing a significant amount of time and financial and human resources trying to combat cyber threats and prevent cyber attacks, but despite this tremendous effort, organizations are still getting compromised. The traditional perimeter-focused, prevention-dominant approach to security architecture has failed to prevent intrusions.

http://www.sans.org/course/continuous-monitoring-security-operations

SANS, MGT512: SANS Security Leadership Essentials For Managers with Knowledge Compression™

This completely updated course is designed to empower advancing managers who want to get up to speed quickly on information security issues and terminology. You won't just learn about security, you will learn how to manage security. Lecture sections are intense; the most common student comment is that it's like drinking from a fire hose. The diligent manager will gain vital, up-to-date knowledge and skills required to supervise the security component of any information technology project.

http://www.sans.org/course/security-leadership-essentials-managers-knowledge-compression

Skills For Security, Level 3 Award in Advanced Security Operations course

This course is suitable for anyone wishing to develop a specialised understanding of security operations and is also suitable for existing or aspiring security supervisors.

http://www.skillsforsecurity.org.uk/index.php/training/2/154

InfoSec Skills, Solution Architecture Security Practitioner

It is rare for today’s IT systems to have no security facilities within them. Many organisations, or projects, cannot afford to have an assigned security architect. Yet many solution or technical architects do not have a good understanding of Information Assurance (IA). This means that many systems are being designed and built that do not mitigate many of the current and emerging threats from today’s interconnected IT world. The Solution Architecture Security Practitioner (SASP) course is targeted at Solution Architects wishing to know how to design secure systems and gain the knowledge of how to architect a wide range of security controls into a system.

https://www.infosecskills.com/products/information-assurance-architecture