SOC Analyst
About Ekco
🚀 Founded in 2016, Ekco has quickly become one of Europe’s fastest-growing cloud solution providers and your trusted security-first Managed Service Provider.
IT leaders choose Ekco to drive operational efficiency, scale smarter and stay ahead of risk – powered by local expertise, delivered at European scale.
We specialise in helping organisations advance their cloud maturity: guiding transformation, strengthening security, and maximising the value of their technology investments.
☁️ In simple terms: we help organisations modernise with confidence, securing their systems, optimising their cloud, and keeping them resilient in a rapidly changing world.
🌍 Today, we’re a thriving team of 1,000+ talented and supportive colleagues across the UK, Ireland, Benelux, South Africa, and Malaysia—and we’re continuing to grow.
At Ekco, how we work matters as much as what we deliver. Our people live by four core values that shape everything we do:
On It: We take ownership, follow through, and get things done.
All In: We collaborate, support each other, and commit fully to shared goals.
Connected: We build trusted relationships with colleagues, clients, and partners.
Hungry to Grow: We stay curious, keep learning, and push ourselves to the next level.
🏠 If these values resonate with you, you’ll feel right at home here.
The Role
Reporting to the regional Security Operations Lead, the SOC Analyst applies investigative techniques and analytical skills to defend against and respond to cybersecurity events and incidents in our clients’ IT environments.
You will support clients by ensuring they remain secure. You will work as part of a team to deliver monitoring and protection in both a reactive and proactive manner. You will also be responsible for rolling out security tools including creating documentation.
SOC Analysts at Ekco are operationally focused; they secure and monitor systems using advanced toolsets, to prevent security breaches and to respond to incidents as they arise.
Day-to-day your role will involve:
Performing accurate and precise real-time analysis and correlation of logs/alerts from a multitude of client systems.
Analysing and assessing security incidents, escalating to client resources or collaborating with internal teams where additional assistance is needed.
Determining whether events (e.g. alerts raised by SIEM/EDR) constitute security incidents.
Assigning and escalating tickets in accordance with defined SLAs.
Recommending tuning for security engineers to develop/adjust SIEM rules and reduce false positives.
Raising incidents to appropriate Seniors or Incident Response for major security issues.
Recognising potential, successful, and unsuccessful intrusion attempts and compromises through reviewing and analysing relevant event detail and summary information.
Monitoring identity and access management, including monitoring for abuse of permissions by authorised system users.
Participating in cyber-security exercises and training.
Delivering best-in-class customer service, communicating with clients frequently.
Responding to inbound requests via phone, emails or tickets.
Documenting actions in cases to communicate information effectively, both internally and to the client.
Reporting common and repeat problems (trend analysis) to management and proposing process and technical improvements.
Providing cover in line with rotating shift patterns. You should be flexible to rotating 12 hour shifts. We provide 24/7 cover to clients and shifts are allocated accordingly.
Performing other duties as assigned.
About You
Keen problem-solving/troubleshooting skills
Strong analytical skills and a logical approach to resolving issues
A can-do attitude
Excellent written and verbal communication skills. You should be able to communicate technical details clearly
The ability to adjust and adapt to changing priorities in a dynamic environment
A pro-active approach to addressing issues and requests and the ability to multitask
The ability to learn new technologies and concepts quickly
Great organisational skills and attention to detail
Adaptability to do a range of work, including the complex, non-routine, mundane and multi-environment
Able to work under direction, use discretion and determine when to escalate issues
Effective communication, teamwork and task-time management skills
Desirable:
Prior experience in an MSSP environment
Prior experience working with SIEM and EDR, e.g. SentinelOne, Microsoft security stack (Defender, Sentinel), Carbon Black, Rapid7 IDR, CrowdStrike, QRadar
Industry-recognised certifications, e.g. CompTIA Security+, CySA+, Microsoft SC-200, SBT L1/L2 etc.
Theoretical or practical knowledge in the following areas:
Unix, Linux, Windows, etc. operating systems
MITRE ATT&CK framework and adversary Tactics, Techniques and Procedures (TTPs)
Intrusion analysis
Creation/tuning of detection analytics
Exploits, vulnerabilities, network attacks
Benefits / Perks
• 📞 Employee Assistance Programme (EAP) for wellbeing support
• 🏃♀️ EkcOlympics: Global team activity challenges
• 📚 Unlimited access to Pluralsight for continuous development
• 🌱 Real opportunities to grow, including international progression
Why Ekco
• ⭐️ Microsoft’s 2023 Rising Star Security Partner of the Year
• 🚀 First Irish Microsoft MSP to achieve all four Microsoft Security Specializations
• 🏅 Ranked 4th fastest-growing technology company in the Deloitte Fast50 Awards
• 🌈 A culture rooted in diversity, equality, inclusion & belonging
• 🎉 A commitment to internal mobility and career progression
• ✨ Flexible, family-friendly working at the heart of our culture
• 🔐 Proud to be your trusted security-first Managed Service Provider chosen by IT leaders to drive operational efficiency, scale smarter and stay ahead of risk.
Department: Security Operations Centre
Location: Kuala Lumpur - Malaysia
Remote status: Fully Remote