Why Do Courses
Whether you want to keep learning or are just starting out, courses are a great thing to do. They teach you new skills and are a way for any employer to know what skills you have.
The courses I am suggesting are ones I have done myself. They have a combination of a great instructor and helpful information. I cannot guarantee that these are ones your employer recommends or wants you to complete. However, I found them to be helpful in my career.
Effective Information Security Writing
URL - https://www.networkdefense.io/library/effective-information-security-writing-26037/55514/about/
Instructor - Chris Sanders
One factor of being in the SOC is being able to write a good report. For every signal you work on, you will need to write a report advising your customer of what you have detected.
The Effective Information Security Writing course is a great one to teach you how to write a concise report that people who are not technical can read.
The instructor is Chris Sanders, who delivers this course in an upbeat way. You have optional activities which you can complete and submit to Chris, who will give you feedback on them.
There is no exam, but you can submit a report to Chris to assess for your certificate. If you choose not to, you will still get your certificate for completing the course.
13Cubed Windows Endpoint Forensics
URL - https://training.13cubed.com/investigating-windows-endpoints
Instructor - Richard Davis
This is one of the best courses I have completed so far. It teaches you how to investigate Windows event logs, the registry and so much more.
Richard Davis is the instructor and has a lot of experience in the field. He has run courses for various companies like the SANS Institute. With the Windows endpoint course he is very engaging and delivers this course in a way which keeps you focused.
This course is set up so you can follow along and carry out the work at the same time as Richard does it. It has a lot of information, but it is stuff that will put you on the front foot when learning how to investigate.
The exam is 80 questions with a pass mark of 70 points. It has theory as well as practical questions. It is open book, so you can have your notes. It is not an easy exam, but if you take good notes and the time to go through all the sections a few times, you can pass on the first go.
I recommend this as the first course you should do as it covers most areas you will need when starting in a SOC.