CloudaQube
AI-powered learning
Intermediate, Security, Paid

SOC Analyst: SIEM, Splunk & Threat Detection

Master the core skills of a modern Security Operations Center (SOC) analyst. From understanding the MITRE ATT&CK framework and SIEM architecture to writing Splunk SPL queries, triaging alerts, and proactively hunting for threats, this hands-on course prepares you to detect and respond to real-world cyber incidents using industry-standard tooling.

4.80/5.0
11 hours
0 enrolled
Updated May 2026
This course is included in Pro ($19.99/mo).

By Marcus Reid

What You'll Learn

  • Explain the structure and mission of a Security Operations Center and its analyst tiers
  • Map attacker behaviours to MITRE ATT&CK tactics, techniques, and sub-techniques
  • Describe SIEM architecture including data ingestion, normalisation, indexing, and search
  • Configure Splunk inputs, write SPL queries, and build dashboards and scheduled alerts
  • Apply correlation rules to detect threats, triage alerts, and escalate genuine incidents
  • Conduct proactive threat hunts using hypothesis-driven SPL searches and threat intelligence
  • Automate repetitive response tasks using SOAR playbooks and understand their role in a modern SOC

Prerequisites

  • Basic networking concepts (TCP/IP, DNS, HTTP)
  • Familiarity with the Linux command line
  • Understanding of common cybersecurity concepts (firewalls, IDS, malware)
  • No prior Splunk or SIEM experience required

About the Instructor

Marcus Reid

Expert instructor with hands-on industry experience in Security.

Included in paid plans

Level: Intermediate
Duration: 11 hours
Lessons
Students: 0
Rating: 4.80 / 5.0

This course includes

  • Hands-on practice labs
  • AI-powered explanations
  • Progress tracking
  • Certificate of completion
  • Lifetime access
30-day money-back guarantee