Throughout the year, our employees have continued to ensure Proact has maintained excellent standards of customer service, despite remote working and separation from one another due to COVID-19.
As a thank you, Proact UK has given all its staff an additional day’s leave during the holidays. Most people will take this on Christmas Eve. However, some team members still need to keep the wheels in motion, even on national holidays, to whom we are very grateful. They will get to choose when they wish to take their extra day’s leave anytime up to the end of January.
We interviewed Ryan Kane, Senior SOC (Security Operations Centre) Analyst, to learn more about his role, how he has found remote working this year and the importance of the SOC team over the holiday season.
What’s your role and how long have you been with Proact?
I have worked in Proact’s Security Team for three years. I came straight from Glasgow Caledonian University into a graduate role.
I started off as a SOC analyst, and a year ago was promoted to Senior SOC Analyst. In my role, I work 12-hour shifts in the form of a four days-on four days-off pattern.
Ryan Kane, Senior SOC Analyst (UK)
What are your main responsibilities?
As a SOC analyst, my responsibilities are to monitor all our services and technologies for new threats and alerts, both for customers and internally.
This includes automated alerts, such as ‘Hey, this bad thing is happening’, as well as more manual threat hunting. The threat hunting is a proactive approach which can include suspicious activity that has not been detected by an alarm. At this point, the investigation splits into:
- A: what is this potentially malicious activity?
- B: why did none of our alarms pick up on this?
This is when it is important to work as part of a team, as both A and B need to be resolved concurrently.
The ‘Senior’ part of my role involves dealing and supporting with escalations, and providing training and general guidance for newer, less experienced SOC analysts. This also includes the role of Shift Lead, which means I’m accountable for my shift block.
The SOC team is used to working in the office. How have you found remote working over the last several months?
In the beginning, the biggest objective difference for the SOC was visibility. We work with both multiple desk screens, as well several wallboard screens in the office.
This was difficult to replicate in a home working environment. It took both the provision of additional equipment for home use and multiple new methods to maintain ‘eyes-on’ as much as possible, as well as reminders to do so.
Personally, I find night shifts and project work more comfortable at home. However, in core business hours it can be more difficult to keep everyone in the loop with important information or conversations that otherwise took place ‘over the desk’.
What exciting work or projects are you involved in or have coming up?
We’ve had a lot of new analysts join this year, some during lockdown, and many new processes and products. As a result, I’ve had a few long-term projects to produce many work instructions/documents. Right now, we don’t have the advantage of shadowing like we do in the office, and there’s only so much screensharing in Teams can achieve.
This is an exciting project for me as I find it gratifying to have a tried-and-tested process put into a tangible resource piece. I also enjoy seeking feedback and recommendations from newer analysts. We don’t have a ‘We do it this way, because we always have’ type of approach. Fresh perspectives can always help improve the way we work.
Why is it important that we provide 24/7 security support to our customers over the holidays?
Unfortunately, cyber security exists because there are bad people out there, and these people do not have the decency to respect annual holidays.
In fact, they will be aware when targets are more likely to have their guards down and try to take advantage of this. An example would be the near-immediate phishing campaigns leveraging COVID-19 related topics during the height of the pandemic.
Our 24/7 SOC allows customers to know they will have the same protection on 25 December, as they would any other day of the year.
You’ll be working during the Christmas holidays. What are you most looking forward to outside of work?
Fortunately, I have a lot of friends and family who also work unconventional hours, so the social aspect of shift work isn’t as much of a drawback for me as it may be for others.
In terms of what I’m getting up to over the festive period, there obviously aren’t a lot of options right now given the pandemic. Going by the current guidelines, it will be games and movies. Perhaps some homemade mulled wine to simulate the cancelled Christmas markets.
What do you enjoy most about working at Proact? And in the SOC team?
Whether it’s a new service, technology or methodology, there’s always something fresh to work with. This can be intimidating at first, when you realise there isn’t a finish point as there’s always more to pick up.
But with time I have realised there are learnings you can take from previous work and projects, so you don’t have to start from scratch. What you’re learning becomes less about the actual knowledge and more about how you learn things and can grow as a person. At Proact, every day is a school day.