The Travelers Companies, Inc.

Cybersecurity Operations Center Engineer (SOAR, SOC)

Posted on Jan 26, Hartford, CT


Company Summary
Taking care of our customers, our communities and each other. That’s the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.

Target Openings
1

Job Description Summary
Travelers has an exciting opportunity for an experienced Cybersecurity professional to join the Security Operations Center (SOC) and Incident Response Team. If you are passionate about Cybersecurity and willing to take on new and complex challenges as a member of a creative and collaborative team in a fast-paced learning environment, this may be the right opportunity for you!
The key areas of responsibility include monitoring, alert triage, investigation, and mitigation/response actions, as well as documentation, reporting, and communication of Cybersecurity events. In addition, a core focus for this role will be on driving the continuous maturation of our Cybersecurity Orchestration, Automation and Response (SOAR) framework via the development of automated SOC workflows. The ideal candidate will bring a background/experience in SOC or Cybersecurity in general, as well as proficiency in programming and/or scripting languages common to SOC automation use cases (Python, Go, PowerShell, bash, etc.).
Typical work schedule for this position will be Monday - Friday 12pm - 8:30pm U.S. Eastern Standard Time.

Primary Job Duties & Responsibilities
  • Create and maintain playbooks/documentation in support of ongoing tuning of the Security Orchestration and Automated Response tool.
    • Configure, test, document and implement new security processes, controls or products, or upgrades to existing ones, as directed.
    • Works with cross-organizational teams to address alert deficiencies.
    • Recommends changes to area procedures and products. Implements with management review.
    • Provide operational support, troubleshooting and maintenance of security-related processes, controls or products.
  • Identify anomalies, malware, exploit attempts and other attacks using the Security Information and Event Management (SIEM) platform.
    • Participates in investigations to determine root cause of reported events.
    • Independently analyze and resolve problems of medium to high complexity.
    • Consults with business peers to support and resolve cybersecurity events.
    • Ensures events are properly documented for use in dashboard metrics and reports for management and security stakeholders.
  • Analyzes suspicious email and performs mitigation and response actions.
    • Support reviewing or identifying and responding to security events and escalating to management.
  • Provides guidance to more junior employees.
  • Participates in red team or threat hunting efforts as assigned.
  • Participate in Security and enterprise projects as assigned.

Minimum Qualifications
  • High school diploma or equivalent required.
  • Three years of work experience within Computer Science or a related field required.

Education, Work Experience, & Knowledge
  • Bachelor’s Degree in a STEM (Science, Technology, Engineering, Math) discipline preferred.
  • Five years of relevant experience with Cybersecurity practices, processes, and Cybersecurity event investigation/resolution preferred.
  • Experience providing high-level administrative support with a comprehensive knowledge of specific IS Security methodologies, processes and software packages and a conceptual understanding of other IS Security procedures and policies preferred.
  • Possesses a solid grasp of cloud security concepts and best practices.
  • Experience developing in programming and/or scripting languages common to Cybersecurity (Python, Go, PowerShell, bash, etc.).

Job Specific Technical Skills & Competencies
  • Problem Solving:
    • Demonstrates sound analytic and diagnostic skills dealing with issues that are loosely defined and/or where information is available but must be further manipulated.
    • Once decisions are made, is able to follow and direct action to implement intended results.
    • Breaks a problem down to manageable pieces and implements effective, timely solutions.
    • Openly and directly confronts conflict until resolved.
  • Team Orientation:
    • Builds relationships with peers and other departments to achieve objectives, to work as one team and to secure necessary resources not under his/her personal control.
    • Balances team and individual responsibilities.
    • Exhibits objectivity and openness to others’ views.
    • Gives and welcomes feedback.
    • Puts success of team above self.
  • Leadership:
    • Supports a distinct business unit or several smaller functions.
    • Responsibilities are assigned with some latitude for setting priorities and decision-making using established policies and procedures.
    • Results are reviewed with next-level manager for clarification and direction before proceeding.
  • Planning and Project Management:
    • Works with the project manager in identifying those project tasks that are most important, establishes clear priorities and understands the larger picture.
    • Anticipates and effectively responds to changes in workload and resources.

Environmental / Work Schedules / Other
  • On call as needed.
  • Typical work schedule consists of Monday - Friday 12pm - 8:30pm U.S. Eastern Standard Time.

Employment Practices
Travelers is an equal opportunity employer. We value the unique abilities and talents each individual brings to our organization and recognize that we benefit in numerous ways from our differences.


If you have questions regarding the physical requirements of this role, please send us an email so we may assist you.


Travelers reserves the right to fill this position at a level above or below the level included in this posting.