Cyber Security Operations Center (SOC) Senior Technologist

Hartford - Tower, United States

Travelers

Protect your personal and business investments with Travelers Insurance. From auto to homeowners or business insurance, we have the solution to suit your needs.


Who Are We?

Taking care of our customers, our communities and each other. That’s the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.

Job Category

Technology

Compensation Overview

The annual base salary range provided for this position is a nationwide market range and represents a broad range of salaries for this role across the country. The actual salary for this position will be determined by a number of factors, including the scope, complexity and location of the role; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. As part of our comprehensive compensation and benefits program, employees are also eligible for performance-based cash incentive awards.

Salary Range

$106,300.00 - $175,400.00

Target Openings

1

What Is the Opportunity?

Travelers Cybersecurity is offering a Senior Technologist opportunity within our Security Operations Center (SOC). We are looking for an experienced cybersecurity professional who will be responsible for taking a leading role in monitoring enterprise systems and performing incident response services in our 24x7x365 SOC. This is an on-call position that works with a skilled cybersecurity team to help protect the enterprise.

This role is a key member of our SOC and will act as a subject matter expert, detecting, analyzing, and responding to alerts and other cybersecurity events alongside junior analysts. You must be willing to work in a 24x7x365 team environment and be in an on-call rotation, meaning you will be prepared to work evening, weekend, and holiday schedules as required to meet our objective of 24x7x365 availability. This role will frequently participate in broader projects, including cybersecurity initiatives, investigations, automation development, data analysis, scripting, and forms process improvement. Additionally, this role will routinely act as a mentor, seek opportunities to improve team and incident response practices, and maintain the SOC knowledge base. The ideal candidate will bring a background and experience in Cybersecurity staff management (the evaluation, hiring, and training of SOC staff), strong technical skills related to threat detection and response processes, as well as the curation and presentation of metrics & reporting for Senior Leadership. This position plays a key role within the Travelers Cyber Incident Response team.

What Will You Do?

  • Be a subject-matter expert within a team of trained Cybersecurity Professionals, spread across various countries and time zones, to protect and defend the enterprise environment.
  • Leads alert-based incident response efforts in the SOC, including evaluation and deconstruction of phishing pages and malware (e.g., obfuscated code) through open-source and vendor-provided tools.
  • Work in a 24x7x365 environment, have a team-centric focus, and be prepared to work evening, weekend, and holiday schedules (as required) for incident response readiness.
  • Lead SOC projects and associated workstreams.
  • Participates in and leads activities or teams to resolve cyber incidents and ensures proper procedures are followed throughout the lifecycle of an incident.
  • Creates, debugs, modifies, and maintains SIEM rules written in KQL and SPL.
  • Creates, debugs, modifies, and maintains automation and scripts written in Python, PowerShell, and various other languages.
  • Drive onboarding of new technologies, alerts and associated response playbooks and procedures alongside partner Cybersecurity teams.
  • Manage knowledge base, including creating, maintaining, and enforcing standard operating procedures (SOPs), threat intelligence, and other documentation.
  • Develop metrics and dashboards for alert metrics, coverage, and efficacy to drive performance improvement measures.
  • Manage quality assurance activities over alert response and operate feedback loop to correct deficiencies as necessary.
  • Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
  • Provide operational support, troubleshooting and maintenance of cybersecurity related processes, controls, or products.
  • Assists in coaching peers, developing team culture, and seeking opportunities to improve the team environment.
  • Perform other duties as assigned.

What Will Our Ideal Candidate Have?

  • Bachelor’s Degree in a STEM (Science, Technology, Engineering, Math) discipline preferred.
  • Four years of relevant experience with incident response or technical triage, Cybersecurity practices, processes, and Cybersecurity event investigation/resolution required.
  • Experience with incident response is required, preferably in a cybersecurity or security capacity.
  • Experience with query languages such as SPL or KQL is required.
  • Experience with data platforms such as Splunk, Elastic, etc.
  • Experience with at least one of the major cloud providers: AWS, Azure, or GCP.
  • Experience with GitHub.
  • Experience with interpreting threat intelligence, designing detections, and implementing feedback mechanisms to monitor alert fidelity.
  • Experience identifying anomalies, malware, exploit attempts, and other attacks using SIEM and SOAR platforms.
  • Skills and experience with SOC investigations; determining root cause of events and understanding the role that automation played in the events.
  • Skills and experience analyzing and resolving problems of medium to high complexity.
  • Skills and experience with collaborating with SecOps peers to support and resolve cybersecurity events.
  • Broad enterprise technology knowledge, including operating systems, networking, cloud (AWS/Azure), with subject matter expertise in Cybersecurity related technology and business exposures impacting organizational vitality preferred.
  • Ability to provide consultation and guidance to team members and management concerning SOC maturity and gaps in capability.
  • Experience providing high-level administrative support with a comprehensive knowledge of specific Cybersecurity methodologies, processes and software packages and a conceptual understanding of other Cybersecurity procedures and policies preferred.
  • Makes sound decisions, based on empirical evidence, and in the absence of evidence, able to utilize analytic and diagnostic skills to gather available information from which to make decisions.
  • Experience breaking a problem down into manageable pieces and implementing effective, timely solutions. Is very good at identifying the problem versus the symptom.
  • Deals increasingly with problems that require involvement of others to solve.
  • Has the ability to reach sound decisions quickly.
  • Carefully evaluates alternative risks and solutions before taking action.
  • Optimizes the use of all available resources.
  • Manages functional objectives and priorities supporting multiple assigned business units.
  • Responsibilities are assigned with latitude for setting priorities and decision-making using generally accepted guidelines.
  • Results are reviewed with next-level manager for clarification according to predefined objectives.
  • Develops operational plans and provides resource estimation for task planning.
  • Proposes plans of action that are timely, realistic, and positive. Sets appropriate goals for projects and monitors progress against the plan.
  • Provides technical leadership to a project team.

What is a Must Have?

  • High school diploma or equivalent required.
  • Five years of work experience within Computer Science or a related field required.

What Is in It for You?

  • Health Insurance: Employees and their eligible family members – including spouses, domestic partners, and children – are eligible for coverage from the first day of employment.
  • Retirement: Travelers matches your 401(k) contributions dollar-for-dollar up to your first 5% of eligible pay, subject to an annual maximum. If you have student loan debt, you can enroll in the Paying it Forward Savings Program. When you make a payment toward your student loan, Travelers will make an annual contribution into your 401(k) account. You are also eligible for a Pension Plan that is 100% funded by Travelers.
  • Paid Time Off: Start your career at Travelers with a minimum of 20 days Paid Time Off annually, plus nine paid company Holidays.
  • Wellness Program: The Travelers wellness program is comprised of tools, discounts and resources that empower you to achieve your wellness goals and caregiving needs. In addition, our mental health program provides access to free professional counseling services, health coaching and other resources to support your daily life needs.
  • Volunteer Encouragement: We have a deep commitment to the communities we serve and encourage our employees to get involved. Travelers has a Matching Gift and Volunteer Rewards program that enables you to give back to the charity of your choice.

Employment Practices

Travelers is an equal opportunity employer. We value the unique abilities and talents each individual brings to our organization and recognize that we benefit in numerous ways from our differences. 

In accordance with local law, candidates seeking employment in Colorado are not required to disclose dates of attendance at or graduation from educational institutions.

If you are a candidate and have specific questions regarding the physical requirements of this role, please send us an email so we may assist you.

Travelers reserves the right to fill this position at a level above or below the level included in this posting.

To learn more about our comprehensive benefit programs please visit http://careers.travelers.com/life-at-travelers/benefits/.


Tags: Automation AWS Azure Cloud Computer Science Exploit GCP GitHub Incident response Malware Monitoring PowerShell Python Scripting SecOps SIEM SOAR SOC Splunk STEM Threat detection Threat intelligence

Perks/benefits: Career development Health care Startup environment Team events Wellness

Region: North America
Country: United States
