TCM’s rapidly developing SOC training and certification catalog includes hands-on skill development from basic IT Help Desk > SOC Analyst > Malware Researcher. More courses and certifications are on the way, including the SOC 201 course, which will be released soon for those desiring a bridge from T1 and T2 duties into the abilities of Senior SOC professionals and beyond.
A Bounty of Blue Team
Although TCM began as a teacher and tester of offensive techniques, we understand that pentesting is only one facet of cyber security. We also recognize that those who are starting from zero experience may have a difficult time finding a pentesting position, even though they possess the drive to reach that goal. Open defensive job positions outnumber offensive positions by a wide margin, and many in the industry cite experience on one ‘team’ complementing and improving their abilities in the other.
To that end, we are developing more blue team training and certifications alongside our red team offerings in pentesting and web app pentesting. This will include the anticipated SOC 201 course developed and taught by CLI kung-fu master Andrew Prince, which will be released soon, as well as an advanced practical blue team certification further in the future. So be on the lookout!

Beginner to Help Desk Certified
If you are just getting started on a blue team career, the help desk is a common place to start, and for good reason. In addition to improving soft skills and getting hands-on experience with hardware and software, there are many responsibilities that are directly related to security. The following training and certification provide foundational knowledge and practical skills in essential troubleshooting and support techniques.

Practical Help Desk | 7+ hours
The Practical Help Desk Course offers a hands-on, step-by-step guide to understanding common IT problems, customer service principles, and resolving technical issues. Over seven hours of content, learners will gain practical experience in real-world help desk scenarios, including network troubleshooting, remote support, ticket resolution, and setting up/administering a Windows Active Directory environment.

Practical Help Desk Associate (PHDA) | 8 hour exam + Documentation report
The capstone of our free-tier entry-level IT courses, the Practical Help Desk Associate certification validates your expertise in providing real IT support, problem-solving, and customer service. The unique exam style simulates an 8-hour workday in the life of a Help Desk Professional, with a realistic testing environment and IT support tickets to triage, research, close, and document, including a professional report. By passing this certification exam, the student proves their ability to perform the duties required in most Help Desk roles from day one.
Help Desk to SOC Analyst
Whether you start in a help desk role, or have the experience and self-study to move into security analysis immediately, the Security Operations Center is likely to be your next step. We offer an extensive dive into the tools and methods that SOC analysts use daily to detect, monitor, and report on incidents, a certification of those skills, and training that branches into related disciplines.

Security Operations (SOC) 101 | 30+ hours
The Security Operations (SOC) 101 Course includes over 30 hours of in-depth training in the practical skills necessary for analysis and response in a Security Operations Center. The course covers the tools and methodology required for phishing analysis, threat detection, log analysis, SIEM management, and more. Suitable for those looking to gain skills in a T1-T2 SOC position.

Practical SOC Analyst Associate (PSAA) | 48 hour exam / 48 hour report writing
The Practical SOC Analyst Associate certification demonstrates your proficiency in handling security incidents, managing alerts, and monitoring network activity in a SOC. The fully practical exam tests the student’s ability to use tools and techniques to analyze, interpret, and investigate data in real-world situations. After the 2-day investigation is complete, 2 more days are allotted for writing a detailed professional report to round out the experience of a SOC analyst and certify they are ready to hit the ground running in a security analyst role.

Practical Windows Forensics | 11+ Hours
This course dives into the process of collecting and analyzing digital evidence from Windows systems by setting up a lab and walking through an attack and investigation. With 11 hours of content and hands-on labs, students will learn practical techniques for analyzing artifacts and conducting investigations, providing the forensic skills needed to tackle real-world cyber incidents.

Detection Engineering for Beginners | 11+ Hours
This course is for those who want to learn even more about the essentials of building detection mechanisms to identify and respond to cyber threats. It walks through building a home detection lab using VirtualBox and Elastic and then guides the student through three different attack scenarios to learn the process of crafting real detection rules and security alerts.
A Branch Into GRC
While not always imagined as the most glamorous of roles in cyber security, Governance, Risk, and Compliance is a vital position in medium to large organizations and can be a way to gain valuable experience, network, and pivot into other roles. It also allows a glimpse into the business side of cyber security, which is a valuable perspective for success and advancement. And if you just enjoy security policy, then GRC might be the perfect place for you.

The Definitive GRC Analyst Master Class | 7+ Hours
In The Definitive GRC Analyst Masterclass, students gain a comprehensive understanding of governance, risk management, and compliance (GRC) within cybersecurity. This 7+ hour course equips future GRC analysts with the knowledge to assess and manage risk, ensuring organizations meet legal and regulatory requirements.
SOC Analyst to Malware Researcher
Once you have some SOC experience under your belt and are looking for your next challenge, malware analysis is a good skill to pick up. This course and certification prepares SOC analysts to specialize in malware analysis and reverse engineering with an emphasis on the skills needed to identify, dissect, and mitigate advanced malware threats, opening doors to more advanced cybersecurity roles.

Practical Malware Analysis and Triage | 9+ Hours
This course will allow you to safely go beyond theory with real malware samples, walking through isolated environment creation and how to handle malware. You will learn how to analyze and triage malware using practical techniques through 9+ hours of content and develop a deep understanding of malware behavior and how to effectively combat cyber threats at the source.

Practical Malware Research Professional (PMRP) | 120 hour exam / 48 hour report writing
Learning how to analyze malware is important for advancement in some higher-level cyber security disciplines. The Practical Malware Research Professional is a method for proving you have those skills by actually dissecting malware in a 5-day hands-on research exam with 2 days to produce a professional report. Whether you want to pursue reverse engineering or advanced adversary emulation, diving deep into malware research is an important step. This certification is a testament to your abilities in identifying and mitigating malware.
Conclusion
This roadmap represents TCM’s path for learning and proving abilities in defensive cyber security disciplines. With the practical knowledge of the tools, techniques, and methods provided in these courses you will be able to perform the duties of a SOC analyst and you can certify those skills through our practical exams.
While our training will give you the ‘experience’ of a real-life blue team professional, having the skills and becoming certified is no guarantee of employment. But continued advancement through education, home labs, and self-study, along with sharing your insight and networking within the community, can improve your chances.
Good luck out there!
About the Author: Josh Daniels
Josh is an avid storyteller and writer who loves learning about the behind-the-scenes of the digital world we live in. While his professional experience is in content marketing, Josh began pursuing a career in cybersecurity in 2022, gaining a Sec+ certificate along with other training from industry professionals and a lifelong-learner attitude.
When he is not writing, Josh enjoys outdoor adventures with his family, watching movies, reading, and an unofficial (unpaid) side gig as a Game Master Consultant for several friends who play tabletop RPGs. At TCM, Josh has found a home where his passion for storytelling and cybersecurity meet.
“Once men turned their thinking over to machines in the hope that this would set them free. But that only permitted other men with machines to enslave them.”
– Frank Herbert
About TCM Security
TCM Security is a veteran-owned, cybersecurity services and education company founded in Charlotte, NC. Our services division has the mission of protecting people, sensitive data, and systems. With decades of combined experience, thousands of hours of practice, and core values from our time in service, we use our skill set to secure your environment. The TCM Security Academy is an educational platform dedicated to providing affordable, top-notch cybersecurity training to our individual students and corporate clients including both self-paced and instructor-led online courses as well as custom training solutions. We also provide several vendor-agnostic, practical hands-on certification exams to ensure proven job-ready skills to prospective employers.
Pentest Services: https://tcm-sec.com/our-services/