Security Investigations Analyst
Who we are
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.
About the team
The Security Incident Response team works to analyze, investigate, and respond to threats before they impact Stripe’s business or users. From external attacks to insider threats, our goal is to respond with speed and precision, remediate, and support the incident postmortem process. The team is distributed, working primarily in Eastern and Pacific time zones, and will regularly coordinate with stakeholders in Europe and Asia.
What you’ll do
You will leverage your security investigations experience to analyze potential threats and improve operational and response capabilities at Stripe. With an emphasis on user behavior analytics, you will gain a deep understanding of Stripe’s systems, tooling, and workflows to be able to differentiate between legitimate and malicious activity. Interpreting trends and signals collected from endpoints, you will provide dedicated support to our Executive Protection team and drive scalable operational improvements to our detection and response processes. Your analytic capabilities, subject matter expertise, and impeccable judgment will be critical during internal investigations to reduce uncertainty, uncover root causes, and inform future prevention and detection mechanisms.
Responsibilities
Analyze and investigate activity on company devices that could represent a security threat
Work cross-functionally with the Security and Executive Protection teams to develop solutions for analyzing security events at scale and protecting Stripe networks, systems, and data
Interpret disparate data sources to report on trends and support investigative requests
Collect requirements for enhancements to detection models and response systems
Leverage existing systems and data to perform analyses and promote process improvements
Provide actionable insights to help identify, prevent, detect, and respond to anomalous or potentially malicious user activity
Collaborate effectively with teammates, lead projects, mentor others, and develop and champion quality operational standards across the team
Who you are
We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
5+ years experience analyzing large data sets to solve problems and/or manage projects related to workplace investigations
B.S. or M.S. Computer Science or related field, or equivalent experience
Working knowledge of SQL, Python, or other programming languages
Proven experience with log analysis (e.g. first or third party applications, system / data access, event logs), digital forensics, or incident response
Proficiency using analytical methods to inform detection systems or guide strategic response
Strong cross-functional collaboration and communication skills
Ability to think creatively and holistically about identifying and reducing risk in a complex environment
High level of judgment, objectivity, and discretion
Preferred qualifications
Prior experience on an Insider Threat/Counterintelligence Program
Experience with data processing and analysis tools (e.g. Jupyter Notebooks, Databricks)
An adversarial mindset, understanding the goals, behaviors, and TTPs of threat actors
Ability to leverage threat intelligence and/or hunting concepts in an enterprise environment
Experience in one or more of the following areas: user and entity behavior analytics (UEBA), security information event management (SIEM), data loss prevention (DLP), Information Security, or Data Privacy
About the job
Apply for this position
Security Investigations Analyst
Who we are
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.
About the team
The Security Incident Response team works to analyze, investigate, and respond to threats before they impact Stripe’s business or users. From external attacks to insider threats, our goal is to respond with speed and precision, remediate, and support the incident postmortem process. The team is distributed, working primarily in Eastern and Pacific time zones, and will regularly coordinate with stakeholders in Europe and Asia.
What you’ll do
You will leverage your security investigations experience to analyze potential threats and improve operational and response capabilities at Stripe. With an emphasis on user behavior analytics, you will gain a deep understanding of Stripe’s systems, tooling, and workflows to be able to differentiate between legitimate and malicious activity. Interpreting trends and signals collected from endpoints, you will provide dedicated support to our Executive Protection team and drive scalable operational improvements to our detection and response processes. Your analytic capabilities, subject matter expertise, and impeccable judgment will be critical during internal investigations to reduce uncertainty, uncover root causes, and inform future prevention and detection mechanisms.
Responsibilities
Analyze and investigate activity on company devices that could represent a security threat
Work cross-functionally with the Security and Executive Protection teams to develop solutions for analyzing security events at scale and protecting Stripe networks, systems, and data
Interpret disparate data sources to report on trends and support investigative requests
Collect requirements for enhancements to detection models and response systems
Leverage existing systems and data to perform analyses and promote process improvements
Provide actionable insights to help identify, prevent, detect, and respond to anomalous or potentially malicious user activity
Collaborate effectively with teammates, lead projects, mentor others, and develop and champion quality operational standards across the team
Who you are
We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
5+ years experience analyzing large data sets to solve problems and/or manage projects related to workplace investigations
B.S. or M.S. Computer Science or related field, or equivalent experience
Working knowledge of SQL, Python, or other programming languages
Proven experience with log analysis (e.g. first or third party applications, system / data access, event logs), digital forensics, or incident response
Proficiency using analytical methods to inform detection systems or guide strategic response
Strong cross-functional collaboration and communication skills
Ability to think creatively and holistically about identifying and reducing risk in a complex environment
High level of judgment, objectivity, and discretion
Preferred qualifications
Prior experience on an Insider Threat/Counterintelligence Program
Experience with data processing and analysis tools (e.g. Jupyter Notebooks, Databricks)
An adversarial mindset, understanding the goals, behaviors, and TTPs of threat actors
Ability to leverage threat intelligence and/or hunting concepts in an enterprise environment
Experience in one or more of the following areas: user and entity behavior analytics (UEBA), security information event management (SIEM), data loss prevention (DLP), Information Security, or Data Privacy