
Monitoring

Role overview

The role of monitoring is to collect and analyse security event data arising from activity across the organisation, tune and improve rules generating security alerts, and follow up by investigating indicators of potentially malicious activity, escalating incidents or initiating responses.

Role level

Skills

| Skill | Associate | Lead | Principal |
| --- | --- | --- | --- |
| Information risk assessment and risk management | Practitioner | Practitioner | Expert |
| Applied security capability | Practitioner | Practitioner | Practitioner |
| Protective security | Working | Practitioner | Expert |
| Threat Understanding | Working | Practitioner | Practitioner |

Core learning

Entry level  

CompTIA IT Fundamentals

Management of Risk (M_o_R) Foundation

Certified Security Risk Manager

Associate level  

CompTIA Security+

Certified ISO 27001 Practitioner

Management of Risk (M_o_R) Practitioner

Lead level  

Certified in Risk and Information Systems Control (CRISC)

CREST Registered Intrusion Analyst (CRIA)

SEC501: Advanced Security Essentials – Enterprise Defender

Principal level

FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response

FOR508: Advanced Incident Response, Threat Hunting and Digital Forensics

Automating Administration with Windows PowerShell
