Cyber Security Operations Associate

Transcription

1 ST Electronics (Info-Security) Pte Ltd ST Electronics (Info-Security) Page 1

2 Cyber Security Operations Essentials: Live cyber security training to build Detection, Response & Recovery capability In today s ever-evolving security environment, organisations, enterprises and governmental institutions face new threats and the possibility of cyber-attacks every day. To counter these threats, organisations invest heavily in the Protection aspect of cyber security to safeguard their business systems. At the same time, info-security or cyber security teams are sent for training for more in-depth knowledge in cyber security, so that they can lay the right foundation. Yet, breaches occur. Knowledge is Important, Response is Essential Clearly, knowledge in the techniques required to secure your organisation s critical IT assets and business systems is important. Operational-centric cyber security training allows trainees to hone their cyber security cognitive and analytical skillsets on real-world, live networks, with real malware and exploits. Operational skills to detect genuine cyber threats, respond adequately, and recover appropriately in the event of compromise, however, is beyond important. It is critical. Whether you are a Network Administrators, or an IT professional requiring a basic-level programme on cyber security, attend the (CSOA). This programme focuses on equipping individual with general cyber security knowledge and skillsets. It also enables you to acquire the necessary know-how and possess the relevant information security and information security operational skills and capabilities. Who Should Attend System / Network Administrators requiring a basic level programme on cyber security operations IT Professionals / Engineers looking to build up their foundation in cyber security operations or exploring to take on a cyber security-related job role ST Electronics (Info-Security) Page 2

3 Course Focus Real-World, Operations-Centric Cyber Defence Training State-of-the-Art Cyber Training Platform Emulation of real-world conditions such as network structure, network characteristics, and traffic, with real malware and exploits. True and accurate reflection of what it would be like to experience the entire kill-chain of cyberattack(s) in a controlled environment First in Singapore and the region Course Structure Day One a. Cyber Security Concepts Cyber Security Trends and Overview b. Network Technologies and Security Introduction to Network Systems Network Security c. Security Products and Hands-On Cheat sheets and logging Netstat Exercise Security Information and Event Management (SIEM) Day Two a. Attack Types and Methodology Attack phases Types of vulnerabilities and attacks Web-based attack (OWASP top 10) b. Security Aspects for IT Management c. Security Operations Centre and Incident Response Different types of information security incident Information security incident management framework Overview to SOC concepts and operations Threat identification, threat correlation, threat aggregation, threat filtering (through applications and server logs) Incident handling, response management, notification and reporting Day Three a. Security Products and Hands-On Checkpoint Firewall b. State-of-the-Art Cyber Training System Introduction Real-world cyber-attack scenario ST Electronics (Info-Security) Page 3

4 About the Trainers Trainers conducting the include: Meny Har CTO and Principal Trainer Meny Har is the CTO of the, where leads the Centre s technology strategy and anchors all training curriculum and course design. He is also the Principal Trainer of. Meny possesses nearly a decade of experience in the cyber security industry. He has a rich and versatile technological background combining cyber security solution architecture and design as well as hands-on managerial cyber security experience as a Cyber Security Department Head for one of the Israeli Defense Forces (IDF) primary commands. Prior to joining the centre, Meny was the chief solution architect for Elbit System s cutting-edge Cyber Training System, where he led the design and development efforts for all aspects of the system. Additionally, Meny has spent many years of service in the IDF in the Info-Sec branch of the Intelligence Corps, most of which in commanding-managing positions. During that time, he led all security operations activities in one of IDF s primary commands and administered all of its Info-Sec strategy and policies. Meny also holds a B.Sc.in Computer and Electrical Engineering from the Hebrew University of Jerusalem, one of Israel s leading academic institutions. Zhang Youwei Trainer Zhang Youwei is a Cyber Security Engineer and Trainer at ST Electronics (Info-Security) Pte Ltd. He is experienced in the hardware aspects of Information Technology particularly quality assurance. More recently, Youwei redirected his focus to information security and cyber security. In his current capacity, Youwei is the Systems Lead for a Cyber Security Centre of Excellence housing a state-of-the-art Cyber Trainer Platform that delivers cyber scenarios-based experiential training, which is the first, and only-of-its-kind in Singapore and the region. He administers and operates the Cyber Trainer Platform for training, and also supports curriculum development and improvement. From a systems perspective, he is also the anchor in all customer and partner engagement. Prior to his current role, Youwei was with Advanced Micro Devices under the EDB LOT Programme. During his time in AMD, he was part of the Advanced Testing and Characterisation team with the responsibilities of formulating test scripts, analysing data and correlating subsequent results on new products. In that role, he received two awards, one individual and one as part of a group, for process improvement. Zhang Youwei holds a Bachelor of Engineering degree from National University of Singapore. He is also a Qualified Information Security Professional (AISP), and is pursuing a Certified Ethical Hacking (CEH) certification from EC Council. ST Electronics (Info-Security) Page 4

5 Course Details COURSE DETAILS Course Schedule for Year 2015: Time: Venue: Course Fees: Contact: May June July August Day 1 3: Starts at 9:30am 3-day programme 80 Jurong East Street 21, #04-02 Devan Nair Institute, Singapore October November November SGD$2,500 (Singaporeans and Permanent Residents) Ms Lai Yan Ting lai.yanting@stee.stengg.com General Enquiries: +(65) Ms Jolene Ng joleneng@stee.stengg.com Note: (1) Not inclusive off Singapore goods and services tax (GST) (7%). (2) Course fees is inclusive of lunch. (3) ST Electronics (Info-Security) Pte Ltd reserves the right to make amendments to the course agenda without prior notice. Training Benefits Cyber Security Training based on s Cyber Trainer System benefits trainees by enhancing their ability to: 1. Appreciate the entire kill-chain of various cyber- attacks 2. Develop improved response to cyber attacks 3. Enhance decision-making in the event of cyber-attacks 4. Enhance the collaboration between team mates working together HOW? 1. Be exposed to a myriad or real-world cyber-attacks and participate in the verification of an attack Sharper Detection 2. Gain deeper insights on the actions and steps that can be taken and participate in the evaluation of the organisational and business impact of every action taken against cyber attackers Better Response 3. Sharpen the skills of the team in mitigating against attacks and participate in discussing how future attacks can be thwarted Smarter Mitigation ST Electronics (Info-Security) Page 5

6 About ST Electronics (Info-Security) set up the to offer advanced training courses in cyber security to meet increasing industry demand for such expertise. Training at the centre is supported by a Cyber Trainer System that emulates real world attacks on enterprise networks in a controlled environment. Trainees learn how to apply tools to protect, detect, respond and recover their networks from various types of cyber attacks. All training is designed to be operation-centric and experiential based. Location 80 Jurong East Street 21 #04-02 Devan Nair Institute Singapore We Are Here ST Electronics (Info-Security) Page 6

7 80 Jurong East Street 21 #04-02 Singapore Phone : (65) / (65) Fax : (65) info_digisafe@stee.stengg.com No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of ST Electronics (Info-Security) Pte Ltd. The information contained herein may be changed without prior notice. These materials are provided by ST Electronics (Info-Security) Pte Ltd for informational purposes only, without representation or warranty of any kind, and ST Electronics (Info- Security) Pte Ltd shall not be liable for errors or omissions with respect to the materials. The only warranties for ST Electronics (Info-Security) Pte Ltd products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty. ST Electronics (Info-Security) Page 7