What We’re All About:
Q2 is proud of delivering our mobile banking platform and technology solutions, globally, to more than 22 million end users across our 1,300 financial institutions and fintech clients. At Q2, our mission is simple: Build strong, diverse communities by strengthening their financial institutions. We accomplish that by investing in the communities where both our customers and employees serve and live.
What Makes Q2 Special?
Being as passionate about our people as we are about our mission. We celebrate our employees in many ways, including our “Circle of Awesomeness” award ceremony and day of employee celebration among others! We invest in the growth and development of our team members through ongoing learning opportunities, mentorship programs, internal mobility, and meaningful leadership relationships. We also know that nothing builds trust and collaboration like having fun. We hold an annual Dodgeball for Charity event at our Q2 Stadium in Austin, inviting other local companies to play, and community organizations we support to raise money and awareness together.
The Job At-A-Glance:
Q2 is seeking a Security Analyst with a deep passion for modern cyber defense, threat intelligence, and threat hunting. You will play a critical role in securing our innovative products that scale to over 400 financial institutions. This position involves collaboration with stakeholders across Engineering, QA, DevSecOps, Operations, Development, and Product Management. If you thrive in a fast-paced, collaborative environment and are driven to enhance security systems' scalability, resilience, and protection, we want you on our team. The ideal candidate will possess extensive experience in handling complex security incidents and advancing our organization's security posture.
A Typical Day:
Monitor and analyze security alerts from advanced SIEM systems, intrusion detection/prevention systems, and endpoint detection and response tools.Lead comprehensive investigations of complex security incidents, performing root cause analysis and recommending effective remediation steps.Develop and maintain sophisticated correlation rules and use cases in SIEM platforms to enhance threat detection capabilities.Execute proactive threat hunting activities using both automated tools and manual techniques to identify potential security threats.Integrate and analyze threat intelligence feeds, incorporating relevant information into daily security operations and incident response processes.Conduct detailed forensic analysis on network traffic and endpoint systems to investigate and respond to security incidents.Contribute to the development and continuous improvement of incident response plans and procedures.Participate in and lead regular tabletop exercises and simulations to test and improve incident response capabilities.Develop and deliver comprehensive security awareness training materials for employees across all levels of the organization.Participate in and perform thorough vulnerability assessments and penetration testing to identify and address security weaknesses.Collaborate with cross-functional teams to ensure advanced security best practices are integrated into IT and development processes.Implement and manage cutting-edge security tools and technologies.Contribute to the development of robust security policies, standards, and procedures aligned with industry best practices.Prepare and present detailed reports on complex security incidents, trends, and recommendations to both technical and non-technical stakeholders.Stay at the forefront of cybersecurity trends, emerging threats, and advanced mitigation strategies through continuous learning and professional development.Assist with the evaluation and selection of new security tools and technologies, focusing on next-generation solutions.Manage and maintain relationships with external security vendors and service providers, ensuring alignment with organizational security goals.Assist with the organization's compliance efforts related to various security standards and regulations (e.g., NIST, SOC2, SOX frameworks).Assist in special security projects assigned by management, driving innovation in security practices.Develop and maintain comprehensive documentation for advanced security processes, procedures, and technical configurations.Collaborate with the SOC manager to continuously improve the efficiency and effectiveness of security operations, implementing automation where possible.Design and implement advanced security architecture, including zero-trust models and secure cloud environments.Conduct threat modeling for new products and features, identifying potential security risks and recommending mitigation strategies.Develop and maintain an insider threat program, including monitoring, detection, and response procedures.Lead and participate in purple team exercises, combining red team and blue team activities to improve overall security posture.Implement and manage a bug bounty program to leverage external security researchers in identifying vulnerabilities.Develop and maintain a cyber threat intelligence program, including the creation of custom indicators of compromise (IoCs) and threat actor profiles.Implement and manage a security orchestration, automation, and response (SOAR) platform to improve incident response efficiency.Conduct regular security assessments of third-party vendors and partners, ensuring they meet the organization's security standards.Mentor and provide guidance to junior security analysts, helping them to develop their skills and expertise.Bring Your Passion, Do What You Love. Here’s What We’re Looking For:
Typically requires a Bachelor’s degree and a minimum of 2 years of related experience; or an advanced degree without experience; or equivalent work experience.3-5 years of experience in information security or related IT rolesDeep understanding of network protocols, operating systems, and advanced attack vectorsExpertise in using SIEM platforms, intrusion detection/prevention systems, and endpoint security toolsAdvanced Linux and Windows System Administration experienceProficiency in automation and scripting using PowerShell, Python, Perl, or BashStrong experience with threat hunting techniques and toolsFamiliarity with machine learning and AI applications in cybersecurityExcellent analytical and problem-solving skills with a focus on innovative solutionsStrong communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical audiencesAbility to work effectively in a fast-paced environment, handle multiple priorities, and adapt to rapidly evolving threat landscapesPreferred:Relevant certifications such as CISSP, OSCP, GCIA, GCIH, Sec+ or equivalent other security certifications that demonstrate competency in computer securityImplemented Security solutions in public clouds (AWS, Azure, and/or Google)Experience with configuration management tools (Ansible, Terraform, AWS Config, Chef, and/or Puppet)Knowledge of financial regulatory standards, including SOX-404, SOC, FFIEC, PCI, etc.#LI-HB1
This position requires fluent written and oral communication in English.
Health & Wellness
Hybrid Work Opportunities
Flexible Time Off
Career Development & Mentoring Programs
Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents
Community Volunteering & Company Philanthropy Programs
Employee Peer Recognition Programs – “You Earned it”
Click here to find out more about the benefits we offer.
How We Give Back to the Community:
You can learn more about our Q2 Spark Program, Q2 Philanthropy fund, and our employee volunteering programs on our Q2 Community page. Q2 supports dozens of wide-reaching organizations, such as the African American Leadership Institute, and The Trevor Project, promoting diversity and success in leadership and technology. Other deserving beneficiaries include Resource Center helping LGBTQ communities, JDRF, and Homes for our Troops, a group helping veterans rebuild their lives with specially adapted homes.
At Q2, our goal is to be a diverse and inclusive workforce that fosters mutual respect for our employees and the communities we serve. Q2 is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.