Cybersecurity Operations Analyst

About

Duck Creek is an insurance industry leader, driving transformation and delivering modern SaaS solutions that help insurers set a new standard and revolutionize how consumers interact with insurance companies. As a leading technology provider to the insurance industry, we don’t just build great software to help insurers conduct business. We deliver software with a fully managed service model that empowers insurance companies to transform their business. With Duck Creek OnDemand, insurers are introducing groundbreaking new products faster than ever before, making smarter data‑driven decisions, enhancing the customer experience to meet evolving expectations, and adapting to shifting market conditions and regulatory requirements.

Duck Creek is proud to be a Remote‑First employer, empowering our employees with the choice to work from an office, from home or on a hybrid schedule. Our remote‑first environment fosters inclusion, collaboration, and ensures consistent employee experience regardless of location.

Responsibilities

• Provide first level support for executing best‑in‑class controls and processes in threat management, incident management, vulnerability management, and penetration testing, determining courses of action based on guidelines and modifying processes as needed.
• Support and monitor security controls for servers, appliances, desktops, laptops, and mobile devices, using evaluation and judgment to ensure effective protection and assist in the implementation of security configurations to safeguard systems and data.
• Assist in managing network security solutions, including firewalls, intrusion detection/prevention, data loss prevention, and network access control, to protect Duck Creek’s networks by adapting existing approaches to resolve issues.
• Provide support for secure remote access solutions for employees, third parties, and clients, using sophisticated analytical techniques to address unusual circumstances.
• Monitor systems by correlating logs for security events, provide alerts for potential incidents, and deliver incident response through internal and external monitoring, contributing to analysis and investigation to mitigate threats while staying current on emerging risks.
• Assist in delivering metrics as required by the CISO and contribute to periodic and ad‑hoc reporting for management and clients.
• Perform routine assignments and exercise judgment within defined procedures and practices to determine appropriate action and apply learned techniques, contributing to analysis and investigation to solve problems.
• Maintain a commitment to continuous education in the information security domain to stay current with evolving threats and best practices.
• Perform all other duties and activities as required.
• Act in accordance with and as a good steward of Duck Creek Technologies mission, vision, and core values.

Competencies

Core Employee

• Communication: Effective communication, both verbal and written; includes ability to express ideas clearly, listen actively, and collaborate with colleagues and clients.
• Collaboration: Work effectively in teams, build positive relationships, and contribute to achieving common goals; includes the ability to recognize and incorporate a broad range of diverse perspectives.
• Problem Solving: Can analyze complex situations, identify problems, ask important questions, and generate creative solutions; involves critical thinking, adaptability, and the ability to make informed decisions.
• Accountability: Willingness to accept responsibility for your actions and work; ability to set and achieve meaningful outcomes for oneself.
• Adaptability: Can adapt to change, embrace new technologies, and learn quickly; embracing a growth mindset, being flexible and open to different approaches is highly valued.
• Integrity: Conducts themselves with integrity and professionalism, understands and models our core values, and is obsessed with doing the right thing.
• Cultural Agility: Ability to effectively and comfortably adapt to different cultural contexts; understand, communicate, and interact with people from diverse cultural backgrounds in a respectful and inclusive manner.

Requirements

Required

• Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent experience.
• 1‑3 years of applicable experience in cybersecurity or related domains.
• Working knowledge of cloud infrastructure security principles, shared responsibility models, and incident response procedures within cloud environments.

Preferred

• CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, and/or Security+ certification.
• Experience working in a global software company or similar large‑scale enterprise environment.

Knowledge, Skills, Abilities & Behaviors

• Understanding of cybersecurity principles across one or more security domains, including threat management, incident response, and system protection strategies.
• Experience in using cybersecurity tools and technologies for monitoring and analysis, such as log correlation and alerting systems, to support security operations.
• Analytical and problem‑solving skills to evaluate routine and diverse security challenges, identify potential incidents, and devise effective solutions using judgment and existing procedures.
• Ability to analyze security events and data, assess risks, and provide actionable insights for mitigation while adapting approaches under guidance as needed.
• Skilled in managing time and prioritizing tasks to meet expected outcomes, handling small projects within scope, budget, and timeline, and supporting operational efficiency in a dynamic environment.
• Ability to respond effectively to security incidents with initial analysis and support, working independently on routine tasks while seeking direction for complex issues.
• Strong communication skills to articulate technical updates and security findings clearly to team members and related functions, facilitating collaboration and understanding.
• Collaborative mindset to work with the Cybersecurity Operations team and cross‑functional partners, building relationships and supporting security initiatives across the organization.
• Strong attention to detail and commitment to maintaining high standards of cybersecurity, with a focus on continuous learning to stay informed about emerging risks and industry trends.
• Dedication to continuous improvement practices, advocating for industry‑recognized best practices, and actively pursuing skill growth in the cybersecurity domain while managing multiple priorities.

Work Environment & Other Requirements

• Travel: 0‑10%
• Special Hours: 6:30 AM to 3:30 PM IST
• Work Authorization: Must be legally authorized to work in the country of the job location
• Physical Requirements: Sedentary Work (exerting up to 10 pounds of force occasionally or negligible force frequently)

What We Stand For

Our global company celebrates and leverages the differences each employee brings to the table. Our success is a direct result of an inclusive culture where opportunities to learn from one another occur regardless of title, seniority, or background. This collaborative and team‑oriented approach is at the core of how we operate and continuously improves our products, services, and systems. Duck Creek is committed to providing equal opportunity to all employees and applicants – to recruit, hire, train, and reward employees for their individual abilities, achievements, and experience without regard to race, color, gender, religion, sexual orientation, age, national origin, disability, marital status, military status, or any other protected status.

We strive to be an example to the world of inclusion, diversity, and equity in all things – where employees are free to be their authentic selves in the workplace and in the communities in which we live. Our Core Values: We Prioritize Respect; We Listen; We Care; We Add Value; We Lead.