Cybersecurity Operations Center Analyst

The Cybersecurity Operations Center Analyst is a critical role within the Security Operations Center (SOC) at Travelers, responsible for monitoring enterprise systems and performing incident response in a 24x7x365 environment. This position requires a shift-based, on-call commitment, working alongside a skilled cybersecurity team to protect enterprise resources. The analyst will engage in various responsibilities, including cybersecurity analysis, monitoring, and incident response, ensuring the security of both cloud and on-premises environments. The ideal candidate will possess a hands-on background in cybersecurity, strong communication skills, and a keen aptitude for learning and problem-solving. Self-motivation and a desire to continuously learn are essential traits for success in this role. In this position, the analyst will be responsible for eyes-on-glass monitoring, researching, classifying, and analyzing security events. They will assess security incidents, follow established procedures for triage, investigation, and response, and participate in broader projects such as automation development and process improvement. The role requires the ability to work flexible hours, including evenings and late nights, to ensure effective incident response coverage. The analyst will utilize Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms to monitor the environment and respond to incidents. Additionally, they will maintain records of security monitoring activities, evaluate phishing pages and malware, and prepare reports on analysis methodologies and results. The Cybersecurity Operations Center Analyst will also be involved in creating and maintaining standard operating procedures (SOPs), debugging and updating SIEM rules, and consolidating threat data analysis to provide indications of potential threats. This role may include providing guidance to junior employees and functioning as a security representative in design and technology meetings. Overall, the position is designed for individuals who thrive in a team-centric environment and are committed to maintaining the highest standards of cybersecurity practices.