Security Engineer II - Threat and Vulnerability jobs in United States
cer-icon
Apply on Employer Site
company-logo

Stifel Financial Corp. · 23 hours ago

Security Engineer II - Threat and Vulnerability

positionSt Louis, MO
timeFull-time
remoteOnsite
seniorityEntry, Mid Level
date2+ years exp

Stifel Financial Corp. is a global wealth management and investment banking firm committed to innovation and client success. The Security Engineer II - Threat and Vulnerability is responsible for identifying, assessing, and mitigating security risks while enhancing the firm's security posture through vulnerability detection and remediation efforts.

BankingFinanceFinancial Services
check
H1B Sponsor Likelynote

Responsibilities

Research, analyze, and evaluate emerging threats, vulnerabilities, and exploits across on-premises and cloud environments
Monitor and correlate threat intelligence feeds to identify relevant tactics, techniques, and procedures (TTPs)
Apply frameworks such as MITRE ATT&CK, OWASP, and CVSS to assess severity, exploitability, and business impact
Identify, assess, and manage vulnerabilities across cloud platforms such as AWS, Azure, or GCP, including misconfigurations and exposed services
Utilize CSPM and CWPP tools like Prisma Cloud, Defender for Cloud, and Wiz to detect, track, and report vulnerabilities
Collaborate with cloud, DevOps, and IT teams to remediate vulnerabilities and integrate security controls into infrastructure and pipelines
Implement and maintain secure configuration standards across servers, endpoints, databases, network devices, and cloud resources
Perform regular configuration audits and compliance checks using frameworks such as CIS Benchmarks, NIST 800-53, and DISA STIGs
Develop and maintain automation scripts or integrations with Python, PowerShell, Bash, JavaScript to streamline scanning, reporting, and data correlation
Integrate vulnerability management tools with SIEM, SOAR, and ticketing systems via APIs to improve workflow efficiency
Create dashboards and data visualizations to enhance threat visibility and remediation tracking
Track and verify remediation progress, ensuring alignment with defined SLAs, risk priorities, and compliance requirements
Communicate technical findings, risks, and remediation guidance clearly to both technical and non-technical stakeholders

Qualification

Vulnerability managementCloud securityThreat intelligenceAutomation scriptingSecurity frameworksConfiguration managementCompliance checksAnalytical skillsLegal compliance knowledgeCommunication skillsTeam collaborationProblem-solvingTechnical documentationReporting skills

Required

2+ years' of experience in cybersecurity or IT with exposure to vulnerability management, configuration management, or cloud security
Advanced understanding of security control environment such as access control, logging, authentication, encryption, integrity, etc
Demonstrated experience managing vulnerabilities in both on-premises and cloud environments
Experience coordinating corporate-wide initiatives for obtaining security-related assurances
Familiarity with federal and state legal and regulatory requirements related to information security
Understand the advanced tenets of security risk management and defense-in-depth practices
The ability to combine pieces of information to form general rules or conclusions
Strong understanding of analyzing and incorporating threat intelligence
Experience with ticketing systems, office productivity, reporting, and technical documentation software
Exposure to systems monitoring tools and logging tools
Proficient in Microsoft Excel, Word, PowerPoint, and Outlook
Proficient with programming or scripting languages like Python, PowerShell, Bash, etc., for automation and tool integration
Proficient with numerous versions of Microsoft Windows, Linux, Mac, and Web Browsers
Hands-on experience with vulnerability management tools such as Tenable, Qualys, Rapid7
Familiar with cloud security frameworks and CSPM solutions like Prisma Cloud, Microsoft Defender for Cloud, and Wiz

Preferred

Bachelor's degree in Cybersecurity, Information Security, Computer Science, Management Information Systems, or equivalent work experience
Experience developing automation or integrations via APIs or scripting
Preferred credentials: CompTIA Security+, CompTIA PenTest+, AWS, Azure, GCP, or equivalent cloud certification

Benefits

Health, dental and vision care
401k
Wellness initiatives
Life insurance
Paid time off

Company

Stifel Financial Corp.

twittertwittertwitter
Glassdoor3.5
company-logo
Established in 1890, Stifel, Nicolaus & Company, Incorporated is one of the nation’s premier full-service financial services firms, providing brokerage, trading, investment banking, investment advisory, and related services to individual investors, professional money managers, businesses, and municipalities through more than 400 locations across the U.S.
dateFounded in 1890
location
St Louis, Missouri, USA
people-size5001-10000 employees
web-link
http://www.stifel.com

H1B Sponsorship

Stifel Financial Corp. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (16)
2024 (4)
2023 (5)
2022 (5)
2021 (6)
2020 (5)

Funding

Current Stage
Public Company
Total Funding
unknown
1993-01-08IPO

Leadership Team

leader-logo
Ronald Kruszewski
Chairman and CEO
linkedin
leader-logo
Anne Perlman
Managing Director, Investment Banking - Stifel
linkedin

Recent News

thefly.com
Martin Marietta price target raised by $44 at Stifel, here's why
2025-11-11
thefly.com
Global Partners price target lowered by $8 at Stifel, here's why
2025-11-11
Investing.com
Top 5 Investment Banking Stocks for 2025: WarrenAI Analysis
2025-11-11
Company data provided by crunchbase