Security Operations Analyst

Thomson Reuters•Eagan, MN

19h•Hybrid

About The Position

The Thomson Reuters Information Security and Risk Management (ISRM) organization is seeking a Security Operations Analyst to join our growing global Security Operations Center (SOC). The candidate will join a team responsible for managing cybersecurity alerts, events, and incidents as well as partnering with the other ISRM capabilities to improve the Thomson Reuters security posture. About the Role In this opportunity as a Security Operations Analyst, you will: Perform continuous security monitoring and incident response for a global enterprise environment Respond to, analyze, and triage alerts from multiple security technologies, including IDS and SIEM platforms Communicate security alerts and investigation findings to internal teams regarding potential intrusions or compromises Collaborate with other ISRM teams to provide feedback that improves detection coverage and alert quality Prepare clear briefings and written reports documenting analysis methodology and results Create and maintain standard operating procedures and other SOC documentation Produce end‑of‑shift reports to ensure effective handoff and continuity between analysts Maintain accurate records of monitoring and response activities using case management and ticketing systems

Requirements

A background or degree in cybersecurity, computer science, or a related field; experience in a SOC or incident response environment is a plus
Hands‑on experience investigating security events across operating systems, networks, cloud environments, and messaging platforms
Familiarity with security tooling such as SIEM, EDR, antivirus, firewalls, forensics, and cloud security solutions
A solid understanding of common attack techniques and defensive response strategies
Working knowledge of networking, operating systems, servers, and endpoints, with the ability to analyze security events
A strong interest in continuous learning and developing technical security skills

Nice To Haves

Experience with cloud security tools, DLP operations, or automation is considered an advantage

Responsibilities

Perform continuous security monitoring and incident response for a global enterprise environment
Respond to, analyze, and triage alerts from multiple security technologies, including IDS and SIEM platforms
Communicate security alerts and investigation findings to internal teams regarding potential intrusions or compromises
Collaborate with other ISRM teams to provide feedback that improves detection coverage and alert quality
Prepare clear briefings and written reports documenting analysis methodology and results
Create and maintain standard operating procedures and other SOC documentation
Produce end‑of‑shift reports to ensure effective handoff and continuity between analysts
Maintain accurate records of monitoring and response activities using case management and ticketing systems

Benefits

flexible vacation
two company-wide Mental Health Days off
access to the Headspace app
retirement savings
tuition reimbursement
employee incentive programs
resources for mental, physical, and financial wellbeing
two paid volunteer days off annually
opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives
market competitive health, dental, vision, disability, and life insurance programs
competitive 401k plan with company match
competitive vacation, sick and safe paid time off
paid holidays (including two company mental health days off)
parental leave
sabbatical leave
optional hospital, accident and sickness insurance paid 100% by the employee
optional life and AD&D insurance paid 100% by the employee
Flexible Spending and Health Savings Accounts
fitness reimbursement
access to Employee Assistance Program
Group Legal Identity Theft Protection benefit paid 100% by employee
access to 529 Plan
commuter benefits
Adoption & Surrogacy Assistance
Tuition Reimbursement
access to Employee Stock Purchase Plan