Level 1 Security Analyst

About the company

Triskele Labs are one of the leading providers of cybersecurity services in Australia. We assist clients to reduce their risk of a cyber compromise through the delivery of risk-considered controls. 

Triskele Labs are one of the last remaining boutiques in Australia. We are currently the largest CREST Registered Penetration Testing company in Melbourne and one of the only boutiques to run a 24x7x365 Security Operations Team completely onshore. 

About the role

As a level 1 Security Analyst at Triskele Labs, you will be an integral part of our Security Operations Centre (SOC), dedicated to protecting our clients' assets and providing effective incident response. Working on a rotating shift roster, you will play a crucial role in monitoring and responding to security events, ensuring the continued security posture of our clients. Your expertise, attention to detail, and ability to work in a dynamic environment will contribute to maintaining Triskele Labs' reputation as a trusted cybersecurity partner. 

The Level 1 Security Analyst works as a member of the DefenceShield managed services team, liaising primarily with other Security Analysts, technical and operational team leads and consultants, project coordinators, penetration testers and clients. The Triskele Labs SOC monitors and responds to threats and incidents across our manages services client base on a 24x7x365 basis. 

Requirements

Role Responsibilities

Specific activities, duties and deliverables include but are not limited to the following: 

• Monitor, triage, prioritise, and escalate alerts and incidents, ensuring timely detection and response.
• Configure and manage security monitoring tools, adhering to change control processes and escalating as required.
• Meet individual and team KPIs while actively identifying tuning opportunities to improve detection accuracy.
• Respond to phishing emails, service desk tickets, and hotline calls with prompt, professional resolution or escalation.
• Conduct daily client environment health checks and Dark Web monitoring for threats and indicators of compromise.
• Prepare, review, and deliver weekly/monthly client reports, including supporting evidence and addressing follow-up queries.
• Continuously develop skills through formal training and complete at least one BTLO challenge per month.
• Collaborate with SOC peers, lead or attend shift handovers, and contribute to process/SOP improvements across the board.

About you

• Analytical Thinking: Strong analytical skills with the ability to quickly assess and prioritize security events and incidents. Capable of analyzing logs, identifying anomalies, and recognizing potential security threats. 

• Communication Skills: Excellent written and verbal communication skills. Ability to convey complex technical information to both technical and non-technical stakeholders effectively. 

• Team Player: Capable of working collaboratively in a team-oriented environment, interacting with colleagues at all levels. Ability to support and back up colleagues during high-pressure situations. 

• Flexibility and Adaptability: Willingness to work on a rotating shift roster, including nights, weekends, and holidays. Adaptability to changing priorities, emerging threats, and new technologies. 

• Willingness to dive into unknown areas of knowledge and learning and to discover methods (such as practical labs or online resources) to acquire this knowledge.  

• Capability to go the extra mile for customers to deliver on their needs. 

• Understanding of other cultures and beliefs systems to function as part of a team. 

Benefits

At Triskele Labs, you’ll join a supportive SOC team that values quality work and continuous growth. From day one, you’ll be mentored by experienced analysts and involved in real-time monitoring, triage, and incident response across a variety of client environments.

We’re committed to your development, offering structured training, exposure to a broad tech stack, and opportunities to progress into more senior SOC roles. This is an ideal starting point for building a long-term cybersecurity career in a fast-paced, hands-on environment.

If you are early in your cyber career but ready to take the next step, we want to hear from you. Please apply and ensure to include a cover letter addressed to Brad Morgan, Head of Operations in your application. Applicants without a cover letter will not be considered.

Working Arrangements

The role operates on a 24/7 rotating roster and requires on-site attendance at our Melbourne office.