Security Operations Analyst
Salary undisclosed
Apply on
Original
Simplified
Who we are
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies-from the world's largest enterprises to the most ambitious startups-use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.
About the team
The Security Incident Response team works to analyze, investigate, and respond to threats before they impact Stripe's business or users. From external attacks to insider threats, our goal is to respond with speed and precision, remediate, and support the incident postmortem process. The team is distributed, working primarily in Eastern and Pacific time zones, and will regularly coordinate with stakeholders in Europe and Asia.
What you'll do
You will be leveraging your security operations experience to analyze and respond to security notifications, events, and inquiries. You will be performing initial triage of potential security incidents through log and data analysis to determine whether or not activity is a substantiated or valid threat, assessing severity and potential impact, taking pre-approved remediation measures to contain a threat, and escalating findings to investigators for further review and analysis. You will use your knowledge of cyber threats and the results of your analysis to coordinate with partner teams to improve threat detection through tuning and creation of new use cases, to improve capabilities through enriching existing data and creation of new data feeds, and to improve triage accuracy, consistency and timeliness through automation. This role plays a critical part in threat detection and response, ultimately reducing the likelihood of security breaches and protecting sensitive company information.
Responsibilities
Who you are
We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
Preferred qualifications
Hybrid work at Stripe
This role is available either in an office or a remote location (typically, 35+ miles or 56+ km from a Stripe office).
Office-assigned Stripes spend at least 50% of the time in a given month in their local office or with users. This hits a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility about how to do this in a way that makes sense for individuals and their teams.
A remote location, in most cases, is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently or plan to live.
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies-from the world's largest enterprises to the most ambitious startups-use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.
About the team
The Security Incident Response team works to analyze, investigate, and respond to threats before they impact Stripe's business or users. From external attacks to insider threats, our goal is to respond with speed and precision, remediate, and support the incident postmortem process. The team is distributed, working primarily in Eastern and Pacific time zones, and will regularly coordinate with stakeholders in Europe and Asia.
What you'll do
You will be leveraging your security operations experience to analyze and respond to security notifications, events, and inquiries. You will be performing initial triage of potential security incidents through log and data analysis to determine whether or not activity is a substantiated or valid threat, assessing severity and potential impact, taking pre-approved remediation measures to contain a threat, and escalating findings to investigators for further review and analysis. You will use your knowledge of cyber threats and the results of your analysis to coordinate with partner teams to improve threat detection through tuning and creation of new use cases, to improve capabilities through enriching existing data and creation of new data feeds, and to improve triage accuracy, consistency and timeliness through automation. This role plays a critical part in threat detection and response, ultimately reducing the likelihood of security breaches and protecting sensitive company information.
Responsibilities
- Analyze and investigate activity on company devices that could represent a security threat
- Work cross-functionally with the Security teams to develop solutions for analyzing security events at scale and protecting Stripe networks, systems, and data
- Interpret disparate data sources to report on trends and support investigative requests
- Collect requirements for enhancements to detection models and response systems
- Leverage existing systems and data to perform analyses and promote process improvements
- Provide actionable insights to help identify, prevent, detect, and respond to anomalous or potentially malicious user activity
- Collaborate effectively with teammates, lead projects, mentor others, and develop and champion quality operational standards across the team
Who you are
We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
- 5+ years experience in information technology or cyber security roles including security operations/incident response
- 2+ years experience analyzing large data sets to solve problems and/or manage projects related to security event triage and/or workplace investigations
- B.S. or M.S. in Cyber Security and Information Assurance, Data Analytics, Computer Science or related field, or equivalent experience
- Working knowledge of SQL
- Basic knowledge of scripting or programming in Python, Go, or other programming languages
- Proven experience with log querying and analysis (e.g. first or third party applications, system / data access, event logs), digital forensics, or incident response using one or more industry standard SIEM Platforms (Splunk, Sentinel, Chronicle, Elastic, etc.)
- Proficiency using analytical methods to inform detection systems or guide strategic response
- Strong cross-functional collaboration and written/verbal communication skills
- Ability to think creatively and holistically about identifying and reducing risk in a complex environment
- High level of judgment, objectivity, and discretion
Preferred qualifications
- Prior experience working with high volume data in a security operations environment
- Experience with data processing and analysis tools (e.g. Jupyter Notebooks, Databricks)
- An adversarial mindset, understanding the goals, behaviors, and TTPs of threat actors
- Ability to leverage threat intelligence and/or hunting concepts in an enterprise environment
- Experience in one or more of the following areas: user and entity behavior analytics (UEBA), SOAR/security automation, security information event management (SIEM), data loss prevention (DLP), Information Security, or Data Privacy
- One or more security certifications through a recognized industry provider: GIAC, ISACA, ISC2, OffSec, CompTIA, etc.
Hybrid work at Stripe
This role is available either in an office or a remote location (typically, 35+ miles or 56+ km from a Stripe office).
Office-assigned Stripes spend at least 50% of the time in a given month in their local office or with users. This hits a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility about how to do this in a way that makes sense for individuals and their teams.
A remote location, in most cases, is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently or plan to live.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job Similar Jobs
