The Level 1 SOC Analyst is responsible for ongoing monitoring and triaging of Triskele Labs Security Operations Centre (SOC) clients on a 24x7x365 basis. This includes monitoring of SIEM technologies, Vulnerability Management and Threat Intelligence Management to identify and report on potential threats within a client network.
In addition to raising threats as tickets for clients, you will also be responsible for assisting with monthly reporting, procedure and workflow development. The Level 1 SOC Analyst is the frontline of the SOC and responsible for catching the bad guys before they can compromise a client network.
A day in the life of a Level 1 SOC Analyst includes:
- Monitor client computer networks for security issues on a 24x7x365 Rotating Roster.
- Investigate security threats, security breaches and other cyber security incidents.
- Operate software to protect systems and information infrastructure including SIEM, SOAR and Vulnerability Management platforms
- Operate the centralised Service Desk function and act as a fist point of contact via the 1300 number.
- Raise Critical and High alerts with clients via SMS and phone following Escalation procedures.
- In accordance with Change Management Procedures, install security measures to mitigate confirmed security threats.
- Document confirmed security threats and breaches and assess where possible the damage they cause.
- Prepares monthly service management and other service reports as required
- Regularly review and maintain all client software configurations used to provide the contracted DefenceShield services and where required update these within the relevant Document Management system that records for future reference each configuration parameter and value that has been
- Verify (through testing) that any software tools, used as part of performing your role within a client environment, works as intended and produces the results as expected.
- Stay current on IT security trends and news.
- Assist to develop company-wide best practices for IT security.
- Research security enhancements and make recommendations to management.
- Stay up to date on information security standards.
Triskele Labs are an equal opportunity employer and this position is open to all genders, nationalities and races.
You will be required to participate in the 24x7x365 roster, working in our SOC in South Melbourne.
As you will be the front line of the SOC, you will be required to have excellent soft skills and the ability to work collaboratively with clients. You will hold an Advanced Certification in Cybersecurity and have exceptional knowledge of cybersecurity practices, especially Security Operations.
You will continually be learning cybersecurity and on the forefront of threats and what is happening in the industry. Importantly, you will be required to:
- Maintain an awareness of all work that has been assigned.
- Maintain an awareness of the delivery expectations in relation to time and cost of all assigned work.
- Strictly adhere to Company Standards, Guidelines, Procedures, Processes and Policies.
- Use approved Triskele Labs Company templates and style guides for deliverables.
- Bring to the Security Operations Manager’s attention as soon as it becomes known, if there is a problem with the way in which a work assignment / deliverable is expected to be met and suggest an alternative solution.
- Bring to the Security Operations Manager's attention, as soon as it becomes known, if the expected completion date of a work assignment/deliverable cannot be met.
- Bring to the Security Operations Manager's attention any issues impacting personal effectiveness.
- Ensure documentation is held in the appropriate Triskele Labs Document Management System.
- Record time correctly in the Time Recording System on a daily basis.
- Hold a shift hand over meeting with the outgoing Security Analyst Level 1 at the start of each shift and update all relevant information into the Shift hand over document at the end of each shift.
- Attend and participate in team meetings as requested by the Security Operations Manager.
- Other activities as directed by Security Operations Manager.
It is important to note you will be required to complete your CompTIA CySA+ certification within your first 3 months and your Security Blue Team Blue Team Level 1 Certification (Standard) within your first 4 months. In addition, you will be required to conduct at least one (1) Blue Team Online Lab per month.
Triskele Labs have worked since October 2014 to build an inclusive team culture. We believe in information sharing and ensuring all team members feel part of the team, including those on shift. We look after our team not just through salaries, but also ongoing training. Outside of salaries paid, Triskele Labs provide the following for all Level 1 SOC Analysts:
- Blue Team Labs Online Account
- CySA+ Training and Exam
- Security Blue Team Blue Team Level 1 Certification (Standard) Course and Exam
- 5 weeks annual leave per year
- Day of Birthday Leave
- Day of Doona Day Leave
- Access to our Employee Assistance Program
- Social Activities
In addition, there will be opportunities for appropriately skilled analysts to move through the ranks as our team continues to grow. We believe in promoting from within.