Cyber Security Operations Center (SOC) Analyst

Who Are We?

Taking care of our customers, our communities and each other. That’s the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.

Compensation Overview

The annual base salary range provided for this position is a nationwide market range and represents a broad range of salaries for this role across the country. The actual salary for this position will be determined by a number of factors, including the scope, complexity and location of the role; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. As part of our comprehensive compensation and benefits program, employees are also eligible for performance-based cash incentive awards.

Salary Range

$75,500.00 - $124,700.00

Target Openings

1

What Is the Opportunity?

The Cybersecurity Operations Center Analyst is responsible for monitoring enterprise systems and performing incident responder in our 24x7x365 Security Operations Center (SOC). This is a shift-based, on-call position that works with a skilled cybersecurity team to help protect enterprise resources. Responsibilities will include, but not be limited to, performing cybersecurity analysis, monitoring, and incident response.

The ideal candidate will bring a background/experience in a hands-on Cybersecurity role, be a good communicator, have an aptitude for learning, finding a root cause, and can critically think through problems. Self-motivation and a desire to learn are key characteristics that will lead to success in this role.

This role works with experienced cybersecurity leads and uses modern technology to detect, analyze, and respond to alerts and cybersecurity events. You must be willing to work in a 24x7x365 team environment and be on-call during certain times, meaning you will be prepared to work evening and late-night schedules as required to perform incident response actions. Functionally, this means monitoring, researching, classifying, and analyzing security events that occur on across the cloud and on-premises environment. You will assess security events and follow procedures for overseeing these events, ranging from initial triage, investigation, and if needed, response. You will also periodically participate in broader projects, including investigations, automation development, data analysis, and process improvement.

What Will You Do?

• Work in a 24x7x365 environment, have a team-centric focus, and be prepared to work evening, weekend, and holiday schedules (as required) for incident response readiness.
• Able and willing to work off-hours for incident triage and response, on a rotational schedule.
• Monitor environment and perform incident response via SIEM and SOAR platforms.
• Critically think through alerts, triage through various enterprise log systems, and executive defensive technical actions in response to those alerts.
• Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
• Evaluates and deconstructs phishing pages and malware (e.g., obfuscated code) through open-source and vendor provided tools.
• Provide operational support, troubleshooting and maintenance of cybersecurity related processes, controls, or products.
• Support reviewing or identifying security events and escalating to management.
• Prepares briefings and simple reports of analysis methodology and results.
• Creates and maintains standard operating procedures (SOPs) and other documentation including operating instructions and knowledge transfer articles.
• Creates, debugs, modifies, and updates Security Information Event Management (SIEM) rules and SOAR automation playbooks.
• Consolidates and performs comprehensive analysis of threat data obtained from external, proprietary, and open-source resources to provide indication and warnings of potential threats or threat vectors.
• Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
• Function as a security representative at design and technology design and configuration meetings.
• May provide guidance to more junior employees.
• Perform other duties as assigned.

What Will Our Ideal Candidate Have?

• Bachelor’s Degree in a STEM (Science, Technology, Engineering, Math) discipline preferred.
• Three years of relevant experience with Cybersecurity practices, processes, and Cybersecurity event investigation/resolution preferred.
• Experience working in, or usable knowledge of, operations-focus team responsible for maintaining 24x7x365 availability.
• Knowledge of cybersecurity methodologies, processes, and a conceptual understanding of other cybersecurity procedures and policies is required.
• Working knowledge of Python.
• Experience with GitHub.
• Experience in some discipline of data analysis and root cause analysis.
• Knowledge and experience in networking.
• Knowledge and experience of breach and attack simulation (BAS) tools preferred.
• Knowledge and experience in penetration testing preferred.
• Ability to recognize and analyze problems of average complexity and independently consider a variety of alternatives to arrive at a timely, practical, and effective solution.
• Ability to critically think through problems, and independently determine severity and sensitivity of various cybersecurity events.
• An active participant in team standups, knowledge shares, and other sessions.
• Proactively communicates status and anticipated problems.
• Keeps team aware of status while monitoring (in relation to incident response activities).
• Comfortable reaching out to coworkers and/or leads when progress is blocked.
• Holds self and others accountable.
• Flexible when selecting on-call rotations.
• Builds relationships with teammates.
• Works to build relationships with other departments and stakeholders.
• Balances team and individual responsibilities.
• Exhibits objectivity and openness to others’ views.
• Gives and welcomes feedback with both teammates and management.
• Demonstrates the willingness to live out the values out service before self, integrity first, excellence in all we do.
• Accountable for all tasks delegated by the supervisor.
• Aptitude for managing own workload.
• Seeks opportunity to lead, even as an individual contributor.
• Able to sets appropriate goals and priorities and modify those based on team needs.
• Ability to balance multiple tasks of competing priority on-time and with reasonable quality.
• Provides management with accurate and timely status information.

What is a Must Have?

• High school diploma or equivalent required.
• One year of work experience within Computer Science or a related field required.

What Is in It for You?

• Health Insurance: Employees and their eligible family members – including spouses, domestic partners, and children – are eligible for coverage from the first day of employment.
• Retirement: Travelers matches your 401(k) contributions dollar-for-dollar up to your first 5% of eligible pay, subject to an annual maximum. If you have student loan debt, you can enroll in the Paying it Forward Savings Program. When you make a payment toward your student loan, Travelers will make an annual contribution into your 401(k) account. You are also eligible for a Pension Plan that is 100% funded by Travelers.
• Paid Time Off: Start your career at Travelers with a minimum of 20 days Paid Time Off annually, plus nine paid company Holidays.
• Wellness Program: The Travelers wellness program is comprised of tools, discounts and resources that empower you to achieve your wellness goals and caregiving needs. In addition, our mental health program provides access to free professional counseling services, health coaching and other resources to support your daily life needs.
• Volunteer Encouragement: We have a deep commitment to the communities we serve and encourage our employees to get involved. Travelers has a Matching Gift and Volunteer Rewards program that enables you to give back to the charity of your choice.

Employment Practices

Travelers is an equal opportunity employer. We value the unique abilities and talents each individual brings to our organization and recognize that we benefit in numerous ways from our differences.

In accordance with local law, candidates seeking employment in Colorado are not required to disclose dates of attendance at or graduation from educational institutions.

If you are a candidate and have specific questions regarding the physical requirements of this role, please send us an email so we may assist you.

Travelers reserves the right to fill this position at a level above or below the level included in this posting.

To learn more about our comprehensive benefit programs please visit http://careers.travelers.com/life-at-travelers/benefits/.