The Level 1 SOC Analyst is responsible for ongoing monitoring and triaging of Triskele Labs Security Operations Centre (SOC) clients on a 24x7x365 basis. This includes monitoring of SIEM technologies, Vulnerability Management and Threat Intelligence Management to identify and report on potential threats within a client network.
In addition to raising threats as tickets for clients, you will also be responsible for assisting with monthly reporting, procedure and workflow development. The Level 1 SOC Analyst is the frontline of the SOC and responsible for catching the bad guys before they can compromise a client network.
A day in the life of a Level 1 SOC Analyst includes:
- Monitor client networks for security issues 24x7 on a rotating roster.
- Investigate security threats, breaches, and incidents.
- Use SIEM, SOAR, and Vulnerability Management platforms to protect systems.
- Act as the first point of contact via the 1300 number through the central Service Desk.
- Raise critical/high alerts with clients following escalation procedures.
- Install security measures per Change Management procedures to address confirmed threats.
- Document and assess security breaches and their impact.
- Prepare monthly service and management reports as needed.
- Review and update client software configurations for DefenceShield services.
- Test and verify software tools to ensure proper functionality within client environments.
- Stay updated on IT security trends and standards.
- Help develop company-wide IT security best practices.
- Research and recommend security enhancements to management.
Triskele Labs are an equal opportunity employer and this position is open to all genders, nationalities and races.
You will be required to participate in the 24x7x365 roster.
As you will be the front line of the SOC, you will be required to have excellent soft skills and the ability to work collaboratively with clients. You will hold an Advanced Certification in Cybersecurity and have exceptional knowledge of cybersecurity practices, especially Security Operations.
You will continually be learning cybersecurity and on the forefront of threats and what is happening in the industry. Importantly, you will be required to:
- Stay aware of all assigned tasks and their time/cost expectations.
- Adhere to company standards, guidelines, procedures, and policies.
- Use approved Triskele Labs templates and style guides for deliverables.
- Inform the Security Operations Manager immediately of any issues or delays with work assignments and suggest solutions.
- Report any factors affecting personal effectiveness to the Security Operations Manager.
- Ensure documentation is stored in the appropriate Document Management System.
- Record time daily in the Time Recording System.
- Conduct shift handover meetings with the outgoing Security Analyst and update the Shift Handover document.
- Attend team meetings as requested by the Security Operations Manager.
- Perform other tasks as directed by the Security Operations Manager.
It is important to note you will be required to complete your CompTIA CySA+ certification within your first 3 months and your Security Blue Team Blue Team Level 1 Certification (Standard) within your first 4 months. In addition, you will be required to conduct at least one (1) Blue Team Online Lab per month.
Triskele Labs have worked since October 2014 to build an inclusive team culture. We believe in information sharing and ensuring all team members feel part of the team, including those on shift. We look after our team not just through salaries, but also ongoing training. Outside of salaries paid, Triskele Labs provide the following for all Level 1 SOC Analysts:
- Blue Team Labs Online Account
- CySA+ Training and Exam
- Security Blue Team Blue Team Level 1 Certification (Standard) Course and Exam
- 5 weeks annual leave per year
- Day of Birthday Leave
- Day of Doona Day Leave
- Access to our Employee Assistance Program
- Social Activities
In addition, there will be opportunities for appropriately skilled analysts to move through the ranks as our team continues to grow. We believe in promoting from within.