StoneX

IT Security Operations Analyst II

Job Locations: IN-KA-Bangalore
Posted Date: 3 weeks ago (4/30/2024 5:32 AM)
Requisition ID: 2024-11249
# of Openings: 1
Category: Information Technology

Overview

Position Purpose:


StoneX has an opening for an IT Security Operations Analyst II to join an exciting and growing Security Operations team. This position will report to the IT Security Operations Team Lead and will be responsible for investigating, participating in incident response, creating and improving processes and procedures, and providing an operational function to security tooling. Your role will be critical in identifying and reacting to threats to minimize impact to the organization.

 

This position is hybrid and requires 3 days in the office per week at one of the locations listed in the job posting. If your resume doesn’t perfectly line up with the role responsibilities and qualifications, we encourage you to apply anyway.

This job might be for you if: 

  • You enjoy investigating and analyzing data to paint a picture and find root cause.
  • You can think critically and apply information technology and cyber security knowledge to reach conclusions.
  • You dig till you find an answer. If you don’t know it, you research to find the answer.
  • You can make decisions in time-sensitive and stressful situations.
  • You have experience in cyber incident response.
  • You are a team player and willing to help the team improve.
  • You have good verbal and written communication skills in English.

 

To land this role: 

You need to have a history of being self-motivated and capable of solving problems with minimal oversight. The ability to learn quickly and retain information is key to being successful in this role. You have strong experience working in a competitive, fast-paced, highly technical environment, ideally in the Financial Services Industry. 

 

Responsibilities

Key Responsibilities:

 

  • Analyze and triage security alerts, investigating any suspicious activity to identify any material risk using various technologies and then taking appropriate action.
  • When necessary, act as ‘incident command’ to lead incident response by fully understanding the requirements of our SIRP and ensuring our processes are adhered to.
  • While analyzing alerts, utilize MITRE ATT&CK and Threat Intel data to understand threat actor techniques to appropriately identify new places to look for correlated suspicious events.
  • Identify and escalate deficiencies in detection capabilities.
  • Think critically and apply existing knowledge to new situations.
  • Collaborate and train members of the team as well as other teams.
  • Utilize and automate incident response in a security orchestration, automation, and response (SOAR) platform.
  • Integrate threat intelligence data into security operations to proactively defend against emerging threats by threat hunting and investigation enrichment.
  • Document security processes and procedures as well as incident reports.
  • Provide operational support to security tooling through the organization's information technology ticketing system.
  • Participate in a 24x7 security incident response on-call rotation split between regional teams.

Qualifications

Qualifications and Requirements:

  • 3+ years of experience in cyber security, with a focus on security operations, or 3+ years of experience in information technology with experience in incident response or similar experiences.
  • Certifications such as GSEC, GCIH, GCFE, CISSP, CySA+, or equivalent skills.
  • Familiar with the MITRE ATT&CK framework.
  • Ability to work independently with or without direction and/or supervision.
  • Ability to prioritize and multitask.
  • Flexibility and adaptability in work approach.
  • Demonstrated team-oriented interpersonal skills; ability to effectively interface with a broad range of people and roles across the business.
  • Accepts responsibility and personal accountability.
  • Experience with security orchestration, automation, and response (SOAR) platforms.
  • Prefer experience in using a variety of information technology security tools and technologies.
  • Prefer experience with scripting and automation (e.g., Python, PowerShell).
