Security Analyst

Security Analyst II – Minted

Apply to join the Minted team as a Security Analyst II.

As a Security Analyst II at Minted, you will protect both customer‑facing products and enterprise systems. You will join a small, highly collaborative security team, offering hands‑on exposure across application security, cloud security, identity, and security operations.

• Support the security of Minted’s applications and AWS cloud infrastructure in partnership with engineering teams.
• Monitor and investigate security events in AWS using Guard Duty, Security Hub, Cloudflare, and SIEM‑integrated logs.
• Review, triage, and track application security findings from Semgrep.
• Analyze vulnerability severity, impact, and exploitability; partner with engineering and Dev Ops to validate findings and drive remediation.
• Identify cloud misconfigurations, exposed resources, and risky IAM patterns; contribute to improving application and cloud security visibility, alerting, and automation.
• Participate in post‑incident reviews related to application or cloud security events.
• Help protect Minted’s corporate systems, identities, and endpoints by detecting and responding to security incidents.
• Monitor and triage alerts from Crowd Strike, identity providers, and centralized logging tools.
• Investigate phishing attempts, endpoint malware, suspicious login activity, and account compromise; execute incident response actions following playbooks.
• Support identity and access management across Okta, Google Workspace, and AWS SSO; conduct periodic access reviews and assist with improving IAM processes.
• Partner with IT teams to improve endpoint security posture and response workflows.
• First 90 days: ramp up on environment and tooling; review and triage alerts; complete defined IAM access review; use Python for investigations.
• First 6 months: investigate common alerts, respond to incidents, implement SIEM and SOC processes, document runbooks, assist with log onboarding and detection improvement.
• Shared responsibilities: vulnerability scanning, risk‑based remediation, trend analysis, documentation of incidents, SOC 2 and PCI DSS evidence collection, improve monitoring, logging, visibility, tooling, automation.

• Bachelor’s degree in Cybersecurity, Computer Science, or related field, or equivalent experience.
• 2–4 years of experience in security operations, incident response, or IT security.
• Strong understanding of cybersecurity fundamentals (CIA triad, defense‑in‑depth, least privilege, MITRE ATT&CK).
• Hands‑on experience with AWS, Guard Duty, Security Hub, Cloudflare, Semgrep, Crowd Strike, Okta, Google Workspace, and SIEM.
• Basic Python scripting skills for automation, log analysis, or reporting.
• Strong written and verbal communication skills.

• Experience with security automation or SOAR tools.
• Familiarity with SOC 2 or PCI DSS.
• Security certifications such as Security+, CySA+, or similar.

The employment offer will fall between the range for the role. Salaries vary based on experience, responsibilities, and other factors.

• Medical, Dental, and Vision Benefits
• Employer‑Funded Health Savings Account
• 10 Paid Holidays
• Paid Time Off and Sick Leave
• Paid Parental Leave
• Monthly Gym/Wellness Reimbursement
• 401(k) Retirement Savings Plan
• Employer‑Funded Commuter Benefits
• Employee Discount

Minted is an Equal Opportunity Employer committed to inclusion and diversity. We welcome applicants from all backgrounds and consider all qualified applicants in accordance with state, local, and federal laws. Minted participates in the E‑Verify program.

We verify identity at the start of interviews to ensure fairness and security. We reserve the right to withdraw candidates who misrepresent their identity, experience, or qualifications at any stage of the hiring process.

We use AI‑powered tools, including Brainner AI, to support hiring and employment processes. All decisions involve human review.