ConSecur Academy

Customised training L1 Security Analyst Team

Companies and organisations have IT infrastructures that are individually designed to map their business processes. ConSecur Academy training programmes integrate these special features as well as all regulatory requirements.

"L1 Security Analysts trained by ConSecur will "be able to run themselves"."

Matthias Rammes
IT consultant and lecturer at the ConSecur Academy

Training

Training for the L1 Security Analyst Team

Duration: 3 - 6 months incl. final exam
Target group: Beginners to IT security employees
Prerequisites: At least basic IT knowledge (e.g. training as an IT specialist), ideally with initial experience in the field of IT security
Focal points: Individualisation to company-specific circumstances and requirements
"Training on the job" / shadowing
Secure identification and analysis of potential security incidents according to binding rules, recognising patterns and getting behind them

Trained IT security analysts at the CDC analyse the thinking of others.

Modules

Training content

01 Information security basics
Definitions, terminology and standards. When is Cyber KiIl Chain?

02 Defence in Depth

Security awareness and defence concept and the human being?

03 Communication protocols

Networks and communication channels and their vulnerability

04 Malware

Recognising malware without AV and EDR

05 Basics of incident handling
And now? What do I do with the incident now?

TRAINING contents

Individualised training L1 Security Analyst Team (m/f/d)

In the kick-off meeting, we take up these requirements and special features so that all potential IT security analysts find themselves in a familiar environment after their training.
In this phase, we also familiarise ourselves with the level of knowledge of the people from the group of trainees in order to deepen training content if necessary or to be able to look at it more intensively on an individual basis.

We also familiarise them with the requirements and industry-specific practices.
After six months of training, the IT security analysts are ready for work.
They know the tools and applications used by the company or organisation.

They are also familiar with the specifications and practices that apply to certain companies and sectors. Examples of these special features include the requirements of the data protection officer, the Money Laundering Act or the rights of a works council.

Kick-off meeting

The collaboration begins with an assessment of the situation for the individual training programme

The development of the common thread begins in the kick-off meeting with the responsible persons.

Before we start training at the ConSecur Academy, we familiarise ourselves with the IT infrastructure on site:

How is the IT infrastructure set up?
Which applications and tools are running?
How are they used?
How are security incidents documented in the company's own tools?
Security analysis - how are security alarms generated?
What existing processes are in place?
Which people are responsible for which areas within these processes?
Who makes which decisions?

The inventory gives us a complete picture of the situation on site.

We combine this with the training content from the ConSecur Academy so that all participants find themselves within their familiar environment during their training.

The common thread

Binding processes for your own cyber defence centre

A cyber defence centre (CDC) is successful when the IT security analysts working there operate as a team.

That is why we at the ConSecur Academy attach great importance to the common thread of cooperation in order to be able to offer a binding, standardised quality of work and processes in the CDC, regardless of the individual.

We call the playbook, also known as the runbook, standard operations procedure or event procedure, the reference book that

rules of cooperation,
describes procedures for the clean, court-proof documentation of security incidents,
defines rules for the individual roles in the Cyber Defence Centre and
the procedure in the event of an alarm.

"If I don't know it myself, I know where to find it!"
The playbook contains rules and answers.

The common thread also includes personalised support for the individual. In communication and personality training sessions, for example, we encourage and empower introverts to find their words and their way in presentations or within the group.

"If required, we at ConSecur can also take over the recruitment of suitable candidates for the L1 Security Analyst training programme."

Matthias Rammes
IT consultant and lecturer at the ConSecur Academy

Be able to walk yourself

Always question. Stay curious. Ask questions.
Recognise patterns. Be prepared for the impossible.

The IT security analysts at the Cyber Defence Center are concerned with the thinking of others. Your task will be to remain professionally curious in order to track down attackers.

In dialogue with the ConSecur IT consultant, they will have learned how to apply and use the five W questions.

What has happened?
Where did it happen?
Who caused it?
When did it happen?
How did it happen?

Attacker profiling will be second nature to IT security analysts after on-the-job training. After their training, they will have learnt to ask the right questions to track down the important information within the network.

Trained IT security analysts will be able to "run themselves".

download

ConSecur Academy - Successfully training IT-Security-Fachkraft

Learning from IT consultants and CDC managers from practice for practice - the ConSecur Academy imparts the knowledge to work successfully as an IT security analyst. The core of our training and further education courses has always been the preparation for secure, independent use in practice, analysing security incidents and documenting them securely.

Solution sheet ConSecur Academy Download

Feel free to contact us

Do you have any questions about the ConSecur Academy or do you need advice on training your own IT security experts?
Our team of experts will be happy to help!

Book a consultation appointment now