As the security landscape is expanding, a SOC team offers high quality IT-security services to actively detect potential cyber threats/attacks and quickly respond to security incidents. Organizations need skilled SOC Analysts who can serve as the front-line defenders, warning other professionals of emerging and present cyber threats. The CSA program covers the fundamentals of SOC operations, together with the knowledge of log management and correlation, SIEM deployment, advanced incident detection, and incident response.

Recent years have witnessed the evolution of cyber risks, creating an unsafe environment for the players of various sectors. To handle these sophisticated threats, enterprises need advanced cybersecurity solutions along with traditional methods of defense. Practicing good cybersecurity hygiene and implementing an appropriate line of defense and incorporating a security operations center (SOC) have become reasonable solutions. The team pursues twenty-four-hour and “follow-the-sun” coverage for performing security monitoring, security incident management, vulnerability management, security device management, and network flow monitoring.

A SOC Analyst continuously monitors and detects potential threats, triages the alerts, and appropriately escalates them. Without a SOC analyst, processes such as monitoring, detection, analysis, and triaging will lose their effectiveness, ultimately negatively affecting the organization.

The lab-intensive Certified SOC Analyst (CSA) program emphasizes the holistic approach to deliver elementary as well as advanced knowledge of how to identify and validate intrusion attempts. Through this, you will learn to use SIEM solutions and predictive capabilities using threat intelligence. The program also introduces the practical aspect of SIEM using advanced and the most frequently used tools. You will learn to perform enhanced threat detection using the predictive capabilities of Threat Intelligence.

Training includes:

  • Instructor-led, streaming video training modules – 1-year access
  • Official EC-Council e-courseware – 1-year access
  • CyberQ Labs, virtual lab platform – 6 months access
  • Certification Exam Voucher
  • Certificate of Attendance

Course outline:

  • Module 01: Security Operations and Management
  • Module 02: Understanding Cyber Threats, IoCs, and Attack Methodology
  • Module 03: Incidents, Events, and Logging
  • Module 04: Incident Detection with Security Information and Event Management (SIEM)
  • Module 05: Enhanced Incident Detection with Threat Intelligence
  • Module 06: Incident Response

Who is it for:

  • SOC Analysts (Tier I and Tier II)
  • Network and Security Administrators, Network and Security Engineers, Network Defense Analyst, Network Defense Technicians, Network Security Specialist, Network Security Operator, and any security professional handling network security operations
  • Cybersecurity Analyst
  • Entry-level cybersecurity professionals
  • Anyone who wants to become a SOC Analyst.


Network or Security administration experience recommended

Duration: 24 hours or 3 full-day sessions

Cost: $1,900 + HST

ORION Flexible Online Training courses are exclusively for ORION constituents. Organizers have the right to restrict access to online resources accordingly.


For more information, please contact ORION’s Community Development team at