My Journey as a Security Analyst

Written By:Ari Benjamin Gråwe | Persinal LinkedIn

For the past 3 months at Webeet, I’ve had the privilege of diving deep into cybersecurity - researching tools and best practices, implementing secure workflows, and helping define how our startup approaches IT security. Up until this point, I have been the only security analyst in the company, under the guidance and mentorship of Craig Taylor, Head of Security. In this article, I’d like to share a behind-the-scenes look at one of my main responsibilities: laying the groundwork for an efficient, secure IT environment that enables growth without sacrificing protection.

The Challenge: Startups & Security

Webeet is at a stage where it’s quickly scaling its operations. Within the nature of rapid growth, it’s easy for security measures to lag behind. My role was to ensure we stayed proactive: from selecting the right tools and setting up permission structures, to recommending strategies for an in-house Security Operations Center (SOC).

Key Concern: How do we maintain agility and collaboration while ensuring everyone only has the access they need (and no more)? How do we build systems that both empower team members and keep our company data safe?

Research & Implementation: Tools, Market, and Secure Practices

1. Researching Tools

I spent a significant amount of time evaluating various software and platforms - ticketing systems, collaboration tools, and security solutions. Each research phase involved:

• Market Analysis: Exploring reputable vendors, assessing features and integration capabilities.

• Security Audits: Investigating how these tools handle data encryption, user roles, and vulnerability disclosures.

• Cost-Benefit Studies: Determining whether a tool’s functionality justified its expense and implementation overhead for our startup context.

Outcome: We narrowed down a suite of tools that balanced functionality and security, ensuring the Webeet team could collaborate effectively without compromising sensitive data.

2. IT Ticketing via Notion & Slack

One of my favorite projects was implementing an automated IT ticketing system using Notion and Slack. It streamlined the way the Webeet team reported issues, tracked progress, and documented solutions. This system:

• Centralized requests in Notion, making them easy to categorize and prioritize.

• Automated Slack notifications to relevant team members, reducing response time.

• Provided a clear history collection, making it easier to track issues over time.

Result: Faster resolution times, improved internal communication, and an organized database of IT issues for future reference.

3. Permissions & The Principle of Least Privilege

I also initiated and implement a least-privilege model: ensuring that every employee has only the access necessary for their specific role. This included:

• Auditing existing permissions and role assignments.

• Switching to a group-based permission system based on internal roles, making it efficient to give new hires the permission they need.

• Conducting mini sessions to explain why permissions matter and how they protect our organization.

Impact: We significantly reduced potential internal vulnerabilities by limiting the scope of access. In the event of a compromised account, attackers would face far fewer opportunities to move laterally within Webeet’s infrastructure.

Paving the Way for a Webeet SOC

Near the end of my tenure, I began outlining how Webeet might build its own Security Operations Center (SOC). While it’s still a work in progress, these initial steps will help shape how Webeet proactively monitors and responds to security threats:

1. Defining SOC Objectives: Documenting the core functions—threat detection, incident response, and continuous monitoring.

2. Identifying Essential Tools: Suggesting SIEM (Security Information and Event Management) systems that align with Webeet’s architecture.

3. Team Structure: Proposing roles and responsibilities, based on tasks and routines that can strengthen the internal security posture of Webeet.

4. Enabling Early Pattern Detection: By setting up an early SOC environment, our team will be able to recognize normal behavioral patterns, thus allowing easier detection of malicious behavior in the future.

The Goal: To create a security environment where threats can be detected early, mitigated swiftly, and prevented from recurring—all while aligning with Webeet’s growth strategy.

What I Learned & Looking Ahead

1. The Power of Proactive Security

Startups benefit immensely from building security into their culture early. A small tweak—like setting up least-privilege access—can make a major difference if an incident occurs.

2. Collaboration is Key

Building and enforcing security policies isn’t a one-person job. Clear communication and demonstrating the real-world benefits of each security measure helped gain support from stakeholders, and allowed expansion of our team of security analysts.

3. Continuous Adaptation

Security threats evolve rapidly. The best defense is an adaptable strategy—ongoing research, policy reviews, and iterative improvements to our processes.

Even as I move on, I’m confident that the foundational work we’ve done—establishing secure IT ticketing, refining permissions, and sketching out a SOC framework—will continue to guide Webeet’s secure growth. I look forward to seeing how these initiatives evolve in the capable hands of the team I leave behind.

Final Thoughts

I’m grateful for the opportunity to shape Webeet’s security landscape. If there’s one takeaway I’d like to leave, it’s that proactive, well-documented security practices are indispensable for any startup looking to scale responsibly. I can’t wait to see how Webeet continues to develop in this space.

If you have questions about implementing least privilege, setting up secure ticketing systems, or building a SOC from scratch, feel free to connect. I love discussing security strategies that balance protection with productivity.