IT Security Operations Analyst
West Des Moines, IA
StoneX has an opening for an IT Security Operations Analyst II to join an exciting and growing Security Operations team.
This position will report to the IT Security Operations Team Lead and will be responsible for investigating, participating in incident response, creating and improving processes and procedures, and providing an operational function to security tooling. Your role will be critical in identifying and reacting to threats to minimize impact to the organization.
This position is hybrid and requires 3 days in the office per week at one of the locations listed in the job posting. If your resume doesn’t perfectly line up with the role responsibilities and qualifications, we encourage you to apply anyway.
- Analyze and triage security alerts, investigating any suspicious activity with various technologies and taking appropriate action.
- Investigate security incidents to determine their cause, scope, and impact, and provide actionable recommendations for remediation.
- Lead and participate in security incident response by contributing to identifying, containing, eradicating, and completing appropriate recovery.
- Properly escalate and categorize security alerts and incidents, especially with MITRE ATT&CK.
- Participate in tuning efforts by providing feedback and engaging with the appropriate teams of alert sources.
- Collaborate with and train members of the team as well as other teams.
- Utilize and automate incident response in a security orchestration, automation, and response (SOAR) platform.
- Integrate threat intelligence data into security operations to proactively defend against emerging threats by threat hunting and investigation enrichment.
- Document security processes and procedures as well as incident reports.
- Provide operational support to security tooling through the organization's information technology ticketing system.
- Participate in a 24x7 security incident response on-call rotation split between regional teams.
This job might be for you if:
- You enjoy investigating and analyzing data to paint a picture and find root cause.
- You can critically think and apply information technology and cyber security knowledge to reach conclusions.
- You dig till you find an answer. If you don’t know it, you research to find the answer.
- You can make decisions in time-sensitive and stressful situations.
- You have experience in cyber incident response.
- You are a team player and willing to help the team improve.
- You have good verbal and written communication skills.
To land this role:
You need to have a history of being self-motivated and capable of solving problems with minimal oversight. The ability to learn quickly and retain information is key to being successful in this role. You have strong experience working in a competitive, fast-paced, highly technical environment, ideally in the Financial Services Industry.
Qualifications and Requirements:
- 3+ years of experience in cyber security, with a focus on security operations, or 3+ years of experience in information technology with experience in incident response or similar experience.
- Certifications such as GSEC, GCIH, GCFE, CISSP, CySA+, or equivalent skills.
- Familiar with the MITRE ATT&CK framework.
- Ability to work independently with or without direction and/or supervision.
- Ability to prioritize and multitask.
- Flexibility and adaptability in work approach.
- Demonstrated team-oriented interpersonal skills; ability to effectively interface with a broad range of people and roles across the business.
- Accepts responsibility and personal accountability.
- Experience with security orchestration, automation, and response (SOAR) platforms.
- Preferred: experience in using a variety of information technology security tools and technologies.
- Preferred: experience with scripting and automation (e.g., Python, PowerShell).