Remote Security Operations Analyst

Summary

Join Stripe's Security Incident Response team to analyze and respond to threats before they impact the business or users. You will leverage your security operations experience to analyze and respond to security notifications, events, and inquiries.

Requirements

• 5+ years experience in information technology or cyber security roles including security operations/incident response
• 2+ years experience analyzing large data sets to solve problems and/or manage projects related to security event triage and/or workplace investigations
• B.S. or M.S. in Cyber Security and Information Assurance, Data Analytics, Computer Science or related field, or equivalent experience
• Working knowledge of SQL
• Basic knowledge of scripting or programming in Python, Go, or other programming languages
• Proven experience with log querying and analysis (e.g. first or third party applications, system / data access, event logs), digital forensics, or incident response using one or more industry standard SIEM Platforms (Splunk, Sentinel, Chronicle, Elastic, etc.)
• Proficiency using analytical methods to inform detection systems or guide strategic response
• Strong cross-functional collaboration and written/verbal communication skills
• Ability to think creatively and holistically about identifying and reducing risk in a complex environment
• High level of judgment, objectivity, and discretion

Responsibilities

• Analyze and investigate activity on company devices that could represent a security threat
• Work cross-functionally with the Security teams to develop solutions for analyzing security events at scale and protecting Stripe networks, systems, and data
• Interpret disparate data sources to report on trends and support investigative requests
• Collect requirements for enhancements to detection models and response systems
• Leverage existing systems and data to perform analyses and promote process improvements
• Provide actionable insights to help identify, prevent, detect, and respond to anomalous or potentially malicious user activity
• Collaborate effectively with teammates, lead projects, mentor others, and develop and champion quality operational standards across the team

Preferred Qualifications

• Prior experience working with high volume data in a security operations environment
• Experience with data processing and analysis tools (e.g. Jupyter Notebooks, Databricks)
• An adversarial mindset, understanding the goals, behaviors, and TTPs of threat actors
• Ability to leverage threat intelligence and/or hunting concepts in an enterprise environment
• Experience in one or more of the following areas: user and entity behavior analytics (UEBA), SOAR/security automation, security information event management (SIEM), data loss prevention (DLP), Information Security, or Data Privacy
• One or more security certifications through a recognized industry provider: GIAC, ISACA, ISC2, OffSec, CompTIA, etc