SANS Cybersecurity Leadership Courses by Job Role

Performing IT security audits at the enterprise level can be an overwhelming task. Its difficult to know where to start and which controls should be audited first. Audits often focus on things that are not as important, wasting precious time and resources. Management is left in the dark about the real risk to the organization's mission. Operations staff cannotuse the audit report to reproduce or remediate findings. AUD507 gives the student the tools, techniques and thought processes required to perform meaningful risk assessments and audits. Learn to use risk assessments to recommend which controls should be used and where they should be placed. Know which tools will help you focus your efforts and learn how to automate those tools for maximum effectiveness.

MGT415 will provide students with an introduction to thinking practically about risk management and teach the skills necessary to perform risk assessments. Not only will students learn foundational concepts of risk, but they will be given templates and tools that they can take back to their office immediately after class to perform risk assessments. Throughout the class students will learn introductory concepts of Governance, Risk, and Compliance (GRC) that they can use to mature their cyber security programs.

Security managers need both technical knowledge and management skills to gain the respect of technical team members, understand what technical staff are actually doing, and appropriately plan and manage security projects and initiatives. This is a big and important job that requires an understanding of a wide array of security topics. This course empowers you to become an effective security manager and get up to speed quickly on information security issues and terminology. You won't just learn about security, you will learn how to manage and lead security teams and programs by playing through twenty-three Cyber42 activities throughout the class, approximately 60-80 minutes daily.

Vulnerability, patch, and configuration management are not new security topics. In fact, they are some of the oldest security functions. Yet, we still struggle to manage these capabilities effectively. The quantity of outstanding vulnerabilities for most large organizations is overwhelming, and all organizations struggle to keep up with the never-ending onslaught of new vulnerabilities in their infrastructure and applications. When you add in the cloud and the increasing speed with which all organizations must deliver systems, applications, and features to both their internal and external customers, security may seem unachievable. This course will show you the most effective ways to mature your vulnerability management program and move from identifying vulnerabilities to successfully treating them. 16 Cyber42 and lab exercises

While the cloud environment may appear similar to running a traditional IT environment on the premises, the cloud solutions protection requirements are in fact very different because the traditional network perimeter is no longer the best line of defense, and the threat vectors are not the same. Effective defense of the organizations cloud environment requires significant planning and governance by a well-informed management team. This course provides the information security leaders need to drive a secure cloud model and leapfrog on security to leverage the security capabilities in the cloud. We will walk through the key aspects of managing cloud transition and ensuring security in the continuous operations post-migration that are common across organizations on the same journey. Nine scenario-based labs are included.

Many cybersecurity professionals are highly technical but often unfamiliar with project management terminology, methodologies, resource management, and leading teams. Overseeing diverse groups of stakeholders and team members, estimating resources accurately, as well as analyzing risk as applied to different organizational structures and relationships is a struggle for many new technical project leaders. Today's virtual work environment only increases these complexities. It is critically important to understand how to leverage a wide range of development approaches and project management framework components to maximize resources across various business units for project success. Confidently lead security initiatives that deliver on time, within budget, reduce organizational risk and complexity while driving bottom line value.

Certification: GIAC Certified Project Manager (GCPM)

Information technology is so tightly woven into the fabric of modern business that cyber risk has become business risk. SOC teams are facing more pressure than ever before to help manage this risk by identifying and responding to threats across a diverse set of infrastructures, business processes, and users. Furthermore, SOC managers are in the unique position of having to bridge the gap between business processes and the highly technical work that goes on in the SOC. MGT551 students will learn how to design their defenses around their unique organizational requirements and risk profile. We will give you the tools to build an intelligence-driven defense, measure progress towards your goals, and develop more advanced processes like threat hunting, active defense, and continuous SOC assessment. 15 Hands-On Exercises

Certification: GIAC Security Operations Manager (GSOM)

High-profile cybersecurity attacks indicate that offensive attacks are outperforming defensive measures. Cybersecurity engineers, auditors, privacy, and compliance team members are asking how they can practically protect and defend their systems and data, and how they should implement a prioritized list of cybersecurity hygiene controls. In SANS SEC566, students will learn how an organization can defend its information by using vetted cybersecurity frameworks and standards. Students will specifically learn how to navigate security control requirements defined by the Center for Internet Security's (CIS) Controls (v7.1 / 8.0), the NIST Cybersecurity Framework (CSF) the Cybersecurity Maturity Model Certification (CMMC), NIST SP 800-171, ISO/IEC 27000, and other frameworks into a cohesive strategy to defend their organization while complying with industry standards.

Certification: GIAC Critical Controls Certification (GCCC)