Save $200 on this intake
Limited seats available at this price
3-Day Instructor-Led Programme
Strengthen Tier 2 SOC investigation and response workflows with structured case handling, escalation control, and defensible evidence practices. Mentor-led sessions use practical scenarios to build judgement, coordination, and response decision-making under pressure.
Duration
3 Days
Price
$2,599
(was $1,999)
Pricing applies to the current cohort only. Book now to secure this rate.
SOC Career Path L2 is designed for analysts moving beyond Tier 1 triage into deeper investigation and response ownership. You will learn how to develop stronger hypotheses, build timelines across multiple data sources, and decide when to contain, when to monitor, and when to escalate.
Delivered through mentor-led sessions, the course uses practical scenarios that reflect real SOC operations: incomplete data, time pressure, multi-stakeholder coordination, and handovers between shifts. You will practise running investigations to a clear conclusion, maintaining disciplined documentation, and producing response-ready outputs.
Over three days, you will build a repeatable Tier 2 workflow and produce case packs that demonstrate investigation depth, response thinking, and professional communication. Aligned with recognised best practices including ISO, GDPR, NIST and SOC 2, ensuring skills remain practical and deployable in real organisations. All prices are exclusive of VAT (where applicable). Group enrolments and custom packages available.
Multi-stage investigation scenarios, response decision drills, and case simulations with evidence packs and containment recommendations.
Mentor-led walkthroughs, investigation clinics, and feedback on analyst judgement, timelines, and case quality.
Tier 2 workflows for investigation depth, response coordination, and consistent case outcomes.
Design a Tier 2 investigation workflow with clear decision points.
Analyse complex cases to build defensible timelines and scope.
Implement response recommendations using process-led containment options.
Lead coordinated escalation with clear tasks and ownership.
Communicate investigation status to stakeholders professionally.
Evaluate case outcomes to improve playbooks and reduce repeat noise.
Experience with SOC triage fundamentals
Basic understanding of Windows and networking
Familiarity with security alert terminology
Step-by-step learning journey from basics to professional practice
Master these in-demand skills through hands-on practice
A clear view of the roles this programme supports, what typically comes next, and where learners progress over time
Choose the learning format that works best for you and your team
Instructor-Led Training
Join live instructor-led sessions from anywhere. Interactive, engaging, and flexible.
Price per person
Group enrolments and early planning options available.
Custom quotes for teams and organisations
We come to you. Training delivered at your workplace for teams of 6 or more.
Custom pricing based on:
No obligation. Response within 1 business day.
Classroom training at a professional venue. Ideal for focused, immersive learning.
Custom pricing based on:
No obligation. Response within 1 business day.
Combine online and in-person learning for maximum flexibility and impact.
Timeline tailored to learner availability
Custom pricing based on:
No obligation. Response within 1 business day.
All prices are exclusive of VAT where applicable. Group enrolments and custom packages available on request.
Not everyone learns best in a group. If you want focused guidance, faster clarity, and confidence you can use on the job, our 1-to-1 Fast-Track Training gives you private, mentor-led support tailored to your experience and goals.
"Many learners choose 1-to-1 when they want understanding, not memorisation."
Everything you need to know about the certification exams
ou will receive an Xcademia certificate of completion based on participation and successful completion of multi-stage scenario simulations and Tier 2 case pack deliverables.
Everything you need to know about this course
It is best for analysts who already understand Tier 1 triage and want to move into deeper investigations and response ownership, or for new Tier 2 analysts who want a structured workflow.
Take the next step in your professional development