Cyber Security Operations Center (SOC) Manager

Who Are We?

Taking care of our customers, our communities and each other. That’s the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.

Job Category

Technology

Compensation Overview

The annual base salary range provided for this position is a nationwide market range and represents a broad range of salaries for this role across the country. The actual salary for this position will be determined by a number of factors, including the scope, complexity and location of the role; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. As part of our comprehensive compensation and benefits program, employees are also eligible for performance-based cash incentive awards.

Salary Range

$117,200.00 - $193,400.00

Target Openings

1

What Is the Opportunity?

The Cybersecurity Operations team is responsible for the identification, protection, detection, response and disruption of cybersecurity events across Travelers through threat intelligence gathering, detection, and techniques to assess, support, and resolve cyber incidents. The Cybersecurity SOC Manager will lead assessments of systems and networks within the environment and measure effectiveness of defense-in-depth architecture against known vulnerabilities.

This role is a key member of our SOC, and will act as a subject matter expert, leading detection, analysis, and response to SOC alerts and other cybersecurity events alongside junior analysts. You must be willing to work in a 24x7x365 team environment and be in an on-call rotation, meaning you will be prepared to work evening, weekend, and holiday schedules as required to meet our objective of 24x7x365 availability, alongside the team. This role will ensure that the SOC is functioning and operationally ready to perform incident response, as well as cybersecurity initiatives, investigations, automation development, data analysis, scripting, and forms process improvement. Additionally, this role will routinely act as a mentor, seek for opportunities to improve team and incident response practices, and maintain the SOC knowledgebase. The ideal candidate will bring a background and experience in Cybersecurity staff management (the evaluation, hiring, and training of SOC staff), strong technical skills related to threat detection and response processes, as well as the curation and presentation of metrics & reporting for Senior Leadership. This position plays a key role within Travelers Cyber Incident Response team.

Applicants must be authorized to work for ANY employer in the US. The company does not sponsor/support H-1B petitions, TN, or Forms I-983/STEM OPT, this this role.

What Will You Do?

• Provide day-to-day operational leadership for the SOC.
• Monitor SOC service levels and metrics for internal SOC reporting.
• Manage SOC capacity levels.
• Manages the SOC QA program.
• Leads alert-based incident response efforts in the SOC, including evaluation and deconstruction of phishing pages and malware (e.g., obfuscated code) through open-source and vendor provided tools.
• Use cyber defense tools for continual monitoring and quickly analyze alerts from various sources across the enterprise and determine possible causes of alerts and consult with business partners for a fast resolution.
• Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
• Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
• Perform technical and nontechnical risk and vulnerability assessments of relevant technology focus areas and complex influence risk mitigation approaches to senior management.
• Conduct network scouting threat hunting and vulnerability analyses of systems within a network.
• Exploit network devices, security devices, and/or terminals or environments using various methods or tools and ensure communication of risks owners.
• Work in a 24x7x365 environment and be prepared to work evening, weekend, and holiday schedules (as required) for incident response readiness.
• Lead SOC projects and associated workstreams.
• Manage knowledge base, including creating, maintaining, and enforcing standard operating procedures (SOPs), threat intelligence, and other documentation.
• Develop metrics and dashboards for alert metrics, coverage, and efficacy to drive performance improvement measures.
• Manage quality assurance activities over alert response and operate feedback loop to correct deficiencies as necessary.
• Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
• Provide operational support, troubleshooting and maintenance of cybersecurity related processes, controls, or products.
• Assists in coaching peers, developing team culture, and seeking opportunities to improve the team environment.
• Perform other duties as assigned.

What Will Our Ideal Candidate Have?

• Degree or Certificate in Cybersecurity, Computer Science or related field.
• 5 years of experience in cybersecurity with experience in recognizing and categorizing types of vulnerabilities and associated attacks and applying cybersecurity and privacy principles to organizational requirements.
• Experience managing an operational team.
• Experience using incident handling methodologies.
• Deep technical knowledge of computer networking concepts and protocols, network security methodologies, cyber threats and vulnerabilities, authentication, authorization, and access control methods.
• Knowledge of operational impacts of cybersecurity lapses.
• Experience with cyber defense and vulnerability assessment tools and capabilities with the ability to determine how a security system should work and how changes would impact outcomes.
• Ability to apply cybersecurity and privacy principles to meet organizational requirements
• Ability to effectively communicate and influence meaningful insights regarding the organization’s threat environment in order to improve its risk management posture.
• Experience with data platforms such as Splunk, Elastic, etc. and associated query languages (SPL).
• Experience with at least one of the major cloud providers: AWS, Azure, or GCP.
• Experience with GitHub.
• Ability to provide consultation and guidance to team members and management concerning SOC maturity and gaps in capability.
• Makes sound decisions, based on empirical evidence, and in the absence of evidence, able to utilize analytic and diagnostic skills to gather available information from which to make decisions.
• Experience breaking a problem down to manageable pieces and implements effective, timely solutions. Is very good at identifying the problem versus the symptom.

What is a Must Have?

• Bachelor’s degree or its equivalent in work experience.
• 4 years of experience working in a Technology related field or role.

What Is in It for You?

• Health Insurance: Employees and their eligible family members – including spouses, domestic partners, and children – are eligible for coverage from the first day of employment.
• Retirement: Travelers matches your 401(k) contributions dollar-for-dollar up to your first 5% of eligible pay, subject to an annual maximum. If you have student loan debt, you can enroll in the Paying it Forward Savings Program. When you make a payment toward your student loan, Travelers will make an annual contribution into your 401(k) account. You are also eligible for a Pension Plan that is 100% funded by Travelers.
• Paid Time Off: Start your career at Travelers with a minimum of 20 days Paid Time Off annually, plus nine paid company Holidays.
• Wellness Program: The Travelers wellness program is comprised of tools, discounts and resources that empower you to achieve your wellness goals and caregiving needs. In addition, our mental health program provides access to free professional counseling services, health coaching and other resources to support your daily life needs.
• Volunteer Encouragement: We have a deep commitment to the communities we serve and encourage our employees to get involved. Travelers has a Matching Gift and Volunteer Rewards program that enables you to give back to the charity of your choice.

Employment Practices

Travelers is an equal opportunity employer. We value the unique abilities and talents each individual brings to our organization and recognize that we benefit in numerous ways from our differences. 

In accordance with local law, candidates seeking employment in Colorado are not required to disclose dates of attendance at or graduation from educational institutions.

If you are a candidate and have specific questions regarding the physical requirements of this role, please send us an email so we may assist you.

Travelers reserves the right to fill this position at a level above or below the level included in this posting.

To learn more about our comprehensive benefit programs please visit http://careers.travelers.com/life-at-travelers/benefits/.