Security Analyst

As passionate about our people as we are about our mission.

What We’re All About:

Q2 is proud of delivering our mobile banking platform and technology solutions, globally, to more than 22 million end users across our 1,300 financial institutions and fintech clients.  At Q2, our mission is simple: Build strong, diverse communities by strengthening their financial institutions. We accomplish that by investing in the communities where both our customers and employees serve and live.

What Makes Q2 Special?

Being as passionate about our people as we are about our mission. We celebrate our employees in many ways, including our “Circle of Awesomeness” award ceremony and day of employee celebration among others! We invest in the growth and development of our team members through ongoing learning opportunities, mentorship programs, internal mobility, and meaningful leadership relationships. We also know that nothing builds trust and collaboration like having fun. We hold an annual Dodgeball for Charity event at our Q2 Stadium in Austin, inviting other local companies to play, and community organizations we support to raise money and awareness together.

The Job At-A-Glance:

Q2 is seeking a Security Analyst who is passionate about securing innovative products that scale to 400+ financial institutions.  You will interact with stakeholders across Engineering, QA, DevOps, IT, Operations, and Product Management.  If you enjoy working in a highly collaborative environment and approach every day with a burning passion to thwart hackers, then Q2 wants you!

A Typical Day:

• Monitor and analyze security alerts from various sources, including SIEM systems, intrusion detection/prevention systems, and endpoint detection and response tools.
• Conduct in-depth investigations of security incidents, performing root cause analysis and recommending remediation steps.
• Develop and maintain custom correlation rules and use cases in SIEM platforms to enhance threat detection capabilities.
• Perform advanced threat hunting activities using both automated tools and manual techniques to proactively identify potential security threats.
• Integrate and analyze threat intelligence feeds, incorporating relevant information into daily security operations and incident response processes.
• Conduct forensic analysis on both network traffic and endpoint systems to investigate and respond to security incidents.
• Contribute to the development and maintenance of incident response plans and procedures.
• Participate in regular tabletop exercises and simulations to test and improve incident response capabilities.
• Develop and deliver security awareness training materials for employees across the organization.
• Perform vulnerability assessments and penetration testing to identify and address security weaknesses.
• Collaborate with cross-functional teams to ensure security best practices are integrated into IT and development processes.
• Assist in the implementation and management of security tools and technologies.
• Provide mentorship and guidance to junior security analysts, helping to develop their skills and expertise.
• Contribute to the development of security policies, standards, and procedures.
• Prepare and present detailed reports on security incidents, trends, and recommendations to both technical and non-technical stakeholders.
• Stay current with the latest cybersecurity trends, threats, and mitigation strategies through continuous learning and professional development.
• Participate in the evaluation and selection of new security tools and technologies.
• Assist in maintaining relationships with external security vendors and service providers.
• Contribute to the organization's compliance efforts related to various security standards and regulations (e.g. NIST, SOC2, and SOX frameworks).
• Lead or participate in special security projects as assigned by management.
• Develop and maintain documentation for security processes, procedures, and technical configurations.
• Collaborate with the SOC manager to continuously improve the efficiency and effectiveness of security operations.
• Conduct threat modeling for new products and features, identifying potential security risks and recommending mitigation strategies.
• Manage a security orchestration, automation, and response (SOAR) platform to improve incident response efficiency.
• Support regular security assessments of third-party vendors and partners, ensuring they meet the organization's security standards.

Bring Your Passion, Do What You Love. Here’s What We’re Looking For:

• Typically requires a Bachelor’s degree and a minimum of 2 years of related experience; or an advanced degree without experience; or equivalent work experience.
• 2+ years of experience in information security or related IT roles
• Strong understanding of network protocols, operating systems, and common attack vectors
• Experience with using SIEM platforms, intrusion detection/prevention systems, and endpoint security tools
• Linux or Windows System Administration experience. 
• Experience with scripting languages (e.g., Python, PowerShell) for automation and analysis
• Strong analytical and problem-solving skills
• Strong communication skills, both written and verbal
• Ability to work in a fast-paced environment and handle multiple priorities

Preferred:

• GCIA (Certified Intrusion Analyst), GCIH (Certified Incident Handler), CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional) or other relevant equivalent security certifications
• Experience with configuration management tools (Ansible, Terraform, AWS Config, Chef, and/or Puppet). 
• Experience with security solutions in public clouds (AWS, Azure, and/or Google). 

#LI-HB1

This position requires fluent written and oral communication in English.

Health & Wellness

• Hybrid Work Opportunities

• Flexible Time Off 

• Career Development & Mentoring Programs 

• Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents 

• Community Volunteering & Company Philanthropy Programs 

• Employee Peer Recognition Programs – “You Earned it”

Click here to find out more about the benefits we offer.

How We Give Back to the Community:

You can learn more about our Q2 Spark Program, Q2 Philanthropy fund, and our employee volunteering programs on our Q2 Community page. Q2 supports dozens of wide-reaching organizations, such as the African American Leadership Institute, and The Trevor Project, promoting diversity and success in leadership and technology. Other deserving beneficiaries include Resource Center helping LGBTQ communities, JDRF, and Homes for our Troops, a group helping veterans rebuild their lives with specially adapted homes.

At Q2, our goal is to be a diverse and inclusive workforce that fosters mutual respect for our employees and the communities we serve. Q2 is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.