Security Operations Analyst II

HealthEquity
12d · Remote

About The Position

The Security Operations Analyst II will be responsible for analyzing, identifying, and responding to emerging threats by supporting Cyber Threat Intelligence (CTI) functions and tactical response activities. In addition to evaluating security events and incidents, this role contributes to the development and enhancement of threat detections, investigative methods, and proactive threat hunting activities. As part of a converged security program, you will collaborate with teams across cybersecurity, physical security, privacy, fraud, enterprise risk, and incident/crisis management to improve the organization’s defensive posture and ensure effective intelligence-driven security operations.

Requirements

  • Knowledge of basic IT and cybersecurity procedures and frameworks, or a closely related field as normally obtained through a Bachelor’s Degree in Cybersecurity, a related field, or equivalent experience
  • Minimum of 2-3 years of experience in information security with specific experience in operations. Experience must include an understanding of information security concepts, industry tools, and standard methodologies.
  • Strong analytical ability and critical thinking application
  • Ability to independently triage, analyze, and respond to information security alerts, including decision making
  • A strong customer service orientation is essential
  • A passion for learning and demonstrated ability to adapt to the changing demands of business is crucial

Nice To Haves

  • Preferred Certifications: CHFI, any SANS GIAC certification, ECIH, CEH, Security+, Network+

Responsibilities

  • Support coordination of HealthEquity's Security Operations Framework by contributing intelligence‑driven analysis and aligning activities with NIST‑standard incident management processes.
  • Analyze indicators, activity patterns, and suspicious behaviors related to cyber, privacy, DLP, fraud, and other risk areas, incorporating threat intelligence findings into investigations.
  • Provide daily analytical oversight of threat activity and work with platform owners to strengthen detections across enterprise security tools.
  • Assist with operational execution of investigative workflows and contribute to evaluating and enhancing detective controls.
  • Analyze suspicious emails, links, and files, incorporating CTI context to assess threat relevance, severity, and recommended response actions.
  • Document threat findings, analytic assessments, and investigative outcomes to maintain a comprehensive intelligence and incident activity log.
  • Collaborate with partner teams to support enterprise security initiatives and improve threat‑focused processes, playbooks, and analytical standards.
  • Assist with developing and tuning threat‑detection content (e.g., correlation rules, behavioral analytics, detections across EDR, email security, IDS, M365, AWS, CASB, SIEM, SOAR).
  • Perform threat hunts and work with the Cyber Intelligence team to proactively identify anomalous or malicious activity and emerging risks.
  • Support communication of threat insights, recommended mitigations, and tactical response actions to ensure timely and effective engagement from stakeholders.
  • Participate in an on‑call response schedule during incidents, priority events, holidays, or weekends.

Benefits

  • Medical, dental, and vision
  • HSA contribution and match
  • Dependent care FSA match
  • Uncapped paid time off
  • Paid parental leave
  • 401(k) match
  • Personal and healthcare financial literacy programs
  • Ongoing education & tuition assistance
  • Gym and fitness reimbursement
  • Wellness program incentives