Skip to main content

Training Programs

The Cybersecurity Operational Methods Education and Training (COMET)

COMET was established to provide relevant, up-to-date training to Maryland state and local government employees to elevate the ability of the workforce to identify and respond to the largest cybersecurity challenges facing the state and local government.

COMET training focuses on two subsets of the state workforce: Incumbent and Advanced Incumbent.

Information on the trainings offered is below. If you are interested in this training, please submit an application to ensure that you receive communication when a cohort is scheduled.

Select a training level to learn more and apply.

Incumbent Training

Incumbent Training for those building foundational knowledge.

5-Week, 3-Part Program
Daily Monday through Friday

Part One – SOCOA I Training: Security Operations Fundamentals

This course introduces participants to the real-world operations of a Security Operations Center (SOC) through immersive, hands-on training. Trainees are guided through industry-defined cybersecurity tools and practices. The training covers foundational security concepts, operating systems, networking, cryptography, scripting, and more, with a strong emphasis on command-line proficiency and practical cybersecurity skills.

Participants explore:

  • Core cybersecurity concepts, threats, and social engineering
  • Linux and Windows command line environments
  • Cryptographic principles and applications
  • OSI and TCP/IP network models, devices, and services
  • Cloud, mobile device, and application security
  • Enterprise security operations including monitoring, incident response, and forensics

Hands-on labs reinforce theoretical knowledge, and instruction is delivered in alignment with real-world employer expectations, preparing participants for entry-level SOC roles.

Part Two – SOCOA I Training & Certification: Cyber Range Simulation

Building on skills acquired in Part One, this module places participants in an interactive cyber range that simulates real-world network environments. Acting as SOC analysts, participants respond to live cyberattacks launched by instructors. They must detect, mitigate, and remediate threats using SOC tools and techniques.

Each group of five students collaborates to defend against simulated brute-force and web defacement attacks while using cyber security tools such as Palo Alto Next Generation Firewal, Splunk security event information management system, and pfSense firewall in a controlled, hands-on environment.

Part Three – Fundamentals of Artificial Intelligence in Cybersecurity

SOC operations are always evolving and so must our SOC operators. After completing two parts on command line, Linux, and SIEM, Part 3 will focus on the fundamentals of artificial intelligence (AI). AI is a significant element of cybersecurity already, and its presence will only grow. From AI-enabled attacks to AI cyber defense tools, SOC operators will need to be proficient in AI. This part introduces concepts such as AI training methods, neural networks, generative AI, and AI for cybersecurity.

Program Requirements:

  • Must be either a State of Maryland or Maryland Local Government Employee
  • Must have at least one year of IT and/or cyber experience
  • Must receive manager approval to take training during business hours
  • Must be 18 years of age or older
Apply Now

Advanced Incumbent Training

Advanced Incumbent Training for those seeking certification.

5-Week, 2-Part Program
Daily Monday through Friday

Part One – GRC-AF Training & Certification: Governance, Risk & Compliance

This course provides comprehensive, instructor-led training in Governance, Risk, and Compliance (GRC) — the strategic discipline that connects technical cybersecurity operations to executive leadership, legal compliance, and enterprise risk management. Designed for incumbent IT and cyber professionals, this course formalizes and expands participants’ understanding of GRC as it applies to state and local government IT environments.

Over 40 hours of synchronous, online instruction, participants explore:

  • Core IT governance principles, including strategic alignment, value delivery, resource management, and performance measurement
  • Risk management and compliance frameworks, including NIST CSF, NIST RMF, ISO 27001, COBIT, CMMC 2.0, SOC 2, and SOX
  • Cybersecurity and technology risk, third-party and supply chain risk, and AI governance
  • Framework harmonization — identifying commonality across overlapping regulatory mandates to reduce duplication and audit fatigue
  • Technical writing and documentation skills, including governance charters, configuration management policies, incident response plans, and risk registers

Upon completion of Part One, participants will have the foundational knowledge to support GRC functions across government IT and cybersecurity operations.

Part Two – GRC-AF Training & Certification: Cyber Range Practicum

Building on the governance and risk concepts introduced in Part One, this module places participants in BCR Cyber’s live cyber range environment for 8 hours of applied, hands-on exercises. Participants apply GRC principles in simulated real-world scenarios, reinforcing their ability to assess risk, evaluate controls, and support compliance activities in operational settings.

Upon successful completion of both parts, participants receive a certificate validating their readiness for GRC support roles in state and local government.

Program Requirements:

  • Must be either a State of Maryland or Maryland Local Government Employee
  • Must receive manager approval to take training during business hours
  • Must be 18 years of age or older
  • Current role in IT, cybersecurity, IT management, compliance, audit, or a related function
  • Demonstrated responsibility for systems, data, or users (e.g., admin, management, oversight role)
  • Completion of COMET Incumbent training or at least two years of IT/cyber experience
Apply Now