Enhancing Cybersecurity Skills: Kefalew Getachew on How the C|SA Broadened His Understanding of Attackers' Tactics

Kefalew Getachew

Employer: Awash Bank
Designation: Senior IT Security Officer
Country: Ethiopia

Kefalew Getachew, senior IT security officer at Awash Bank, shares how EC-Council’s Certified SOC Analyst (C|SA) certification played a crucial role in building his cybersecurity career. He stated that in his day-to-day SOC operations, he applies knowledge gained from the C|SA certification to enhance his incident investigations and response tasks. Kefalew values continuous learning, having also earned the Certified Network Defender (C|ND) and Certified Ethical Hacker (C|EH) certifications to build a better understanding of network security and develop relevant skills. He also stated that he actively recommends training and certifications to his team, ensuring that the SOC operates efficiently and effectively in the evolving cybersecurity landscape.

Is C|SA Worth it?

I’m actively applying concepts from the C|SA training in my daily tasks. The content is both highly relevant and engaging, particularly when it comes to incident investigations and response analysis. Our entire team utilizes these resources, and they’ve proven to be incredibly helpful.

Can you tell us about your journey as a cybersecurity professional?

My journey into cybersecurity began with monitoring security incidents at my previous organization. After that, I moved to a new organization as an IT Security Officer, where I worked on endpoint protection and firewalls. I then transitioned to my current role as a Security Operations Center (SOC) Engineer.

What motivated you to pursue the EC-Council Certified SOC Analyst (C|SA) certification?

Currently, I’m working as an engineer in the security operations center (SOC) at Awash Bank, and I was motivated to pursue the C|SA certification because it directly aligned with my job role.

What aspect of the C|SA program did you find most interesting or valuable, and how have they contributed to your professional development?

During the training, we studied the guidelines and lab materials, actively analyzing them against our daily protocols to improve our skills. For example, we analyzed Windows events and Linux logs to better understand what’s happening in our environment, which was helpful in developing our expertise.

Can you share a specific incident or scenario where the C|SA knowledge helped in managing a cybersecurity incident?

Yes, there have been many scenarios. For example, during SIEM solution training with threat intelligence as a guide or during malware attacks on Windows workstations, we followed the event response procedures outlined in the C|SA.

Have you completed any other cybersecurity courses or certifications? If so, how does the C|SA differ in terms of the skills it develops, its impact on cybersecurity career advancement, and its overall value?

I received my first-ever official certification from EC-Council, which was the Certified Network Defender (C|ND). After that, I earned the Certified Ethical Hacker (C|EH) and Certified SOC Analyst (C|SA) certifications. Among them, the C|SA certification is closely related to ethical hacking in terms of practical experience. It is highly useful because most offensive actions in cybersecurity stem from ethical hacking, while defensive strategies are closely linked to understanding these offensive tactics. Understanding attack behaviors is crucial for effective responses. Both the ethical hacking and SOC analysis materials are well-organized, as I observed during my review.

How helpful is the C|SA training for career development in incident handling, SOC, and cybersecurity in general?

The C|SA training has been both interesting and incredibly helpful for my career development, especially in areas such as incident response, log analysis, threat intelligence, disposal processes, and understanding attack behaviors.

It’s been valuable in managing various solutions, including firewalls, SIEM tools, and integrating products like Splunk, QRadar, and SolarWinds. I apply the knowledge gained from the C|SA course daily in my SOC engineering tasks, and it has been a huge asset in my work.

In your opinion, how does the C|SA training align with the evolving threat landscape and support organizations in responding effectively to cyber incidents?

The certification is very interesting for any organization, especially since it covers various types of attacks and explains ways to protect against incidents. It guides SOC analysts, engineers, and other contributors, helping them organize existing technologies and methods for event and log analysis, as well as centralizing incident management. I find it fascinating as I continue to learn and use the training materials.

Have you completed any other EC-Council courses? If yes, how did the skills from those courses, combined with C|SA, contribute to your professional development?

I have completed the C|EH, C|ND, and C|SA certifications, all of which have been very helpful for me. For example, in ethical hacking scenarios, I’ve learned about the importance of reconnaissance in understanding attackers’ methods, such as how malware targets organizations with extensive attack surfaces.

These certifications have broadened my understanding of attackers’ techniques and tactics. Through C|SA, I learned how to monitor and detect attack events, analyze logs, and recognize patterns of attacks using various tools.
I also explored different types of attacks, like SQL injection and cross-site scripting, in scenarios such as hospital environments. Understanding how to protect and analyze event logs, as well as respond to these attacks, has been very insightful and helped me gain valuable skills.

Would you recommend the C|SA course for incident handling and cybersecurity? If so, what would be your key reasons for the recommendation?

I highly recommend this training for any organization’s security operations center (SOC). I’m currently suggesting it to my management for new staff members. New SOC staff should take this training to improve their daily performance and effectively handle SOC activities.
