- Career vs. Job
- Developing Job Roles
- SOC Job Roles
- NICE Cybersecurity Workforce Framework
- Role Tiers
- SOC Services and Associated Job Roles
- Soft Skills
- Security Clearance Requirements
- Onboarding Employees
- Managing People
- Job Retention
- Evaluating Training Providers
- Company Culture
Evaluating Training Providers
Different training providers will offer their own version of a certification program. For example, EC-Council, SANS, and Offensive Security all offer a penetration testing certification. Some of the content will be similar, while other parts of the program will be unique based on how the provider develops its material. It is recommended to consider the following when evaluating a program:
What steps/efforts are required to learn and achieve a certification?
What are the upfront and annual costs following completing the certification? Some programs require recurring fees.
What are the recertification requirements?
How respected is the certification/program based on industry feedback?
Do the learning objectives align with your own learning objectives?
Who will be developing the content and teaching the content? Some programs push live classes with generic teachers that provide little value for the high cost of the course.
When is the training offered and does it meet your training timeline?
Are there better competitive training options that accomplish similar learning objectives?
Does the training and testing format mesh with your learning style?
Training should not be limited to individual learning or technical knowledge. The SOC should also train as a unit to improve its services. One popular approach to accomplish SOC training is performing tabletop exercises.