Minted logo

Minted

San FranciscoSan FranciscoCAUSA

Security Analyst

full-timeHybrid$72,391 - $95,013

The Role:

As a Security Analyst II/III at Minted, you’ll play a key role in protecting the systems and data that power our global artist community and e-commerce customers.

You’ll monitor our environment, respond to security incidents, analyze vulnerabilities, and support ongoing improvements to our cloud and enterprise security posture. This role blends day-to-day security operations with opportunities to take technical ownership of investigations, tuning, and automation projects that enhance Minted’s overall security resilience.

This is an ideal role for an experienced analyst who enjoys hands-on technical work and wants to contribute across multiple areas of the security program.

You will:

  • Threat Detection & Incident Response
  • Monitor alerts from SIEM, EDR, and cloud monitoring tools for potential security events
  • Conduct in-depth investigations to determine root cause, impact, and scope of incidents
  • Own incident response for medium and high-severity cases — including containment, remediation, and post-incident analysis
  • Develop and refine detection logic and alerting thresholds to improve signal quality
  • Maintain detailed documentation of investigations, incidents, and lessons learned
  • Vulnerability & Risk Management
  • Perform regular vulnerability scans and analyze results to prioritize risk-based remediation
  • Collaborate with system and application owners to ensure timely patching and configuration management
  • Identify recurring issues or trends and recommend ways to reduce overall exposure.
  • Validate remediations and track closure across multiple business units
  • Cloud & Application Security
  • Monitor Minted’s AWS environments using Security Hub, GuardDuty, and other native tools
  • Review and triage application security findings from static and dynamic scans (SAST/DAST)
  • Work with development and DevOps teams to validate and remediate vulnerabilities
  • Contribute to improving cloud security visibility, automation, and alert coverage
  • Identity & Access Management (IAM)
  • Support user lifecycle management and least-privilege enforcement across Okta, Google Workspace, and AWS SSO
  • Conduct periodic access reviews and investigate anomalous authentication or access patterns
  • Assist in implementing automation and process improvements for account provisioning and review
  • Goverance, Risk & Compliance (GRC)
  • Support evidence collection for SOC 2 and PCI DSS audits
  • Participate in risk assessments and help ensure mitigation plans are completed
  • Continuous Improvement & Innovation
  • Identify opportunities to enhance detection, response, and automation capabilities
  • Partner with IT and engineering teams to improve monitoring, logging, and visibility
  • Participate in evaluating and deploying new security tools and integrations

You are:

  • Analytical, curious, and detail-oriented — you enjoy investigating issues and finding root causes
  • Calm and focused under pressure, with strong problem-solving skills
  • Collaborative and communicative — able to partner effectively with teams across the organization
  • Proactive about learning and improving both processes and technology

You will:

  • Bachelor’s degree in Cybersecurity, Computer Science, or related field, or equivalent experience
  • 2–5 years of experience in a security operations, incident response, or IT security role
  • Solid understanding of cybersecurity fundamentals (CIA Triad, defense-in-depth, least privilege, MITRE ATT&CK)
  • Hands-on experience with:
  • SIEM tools (Splunk, Elastic, or similar)
  • EDR platforms (CrowdStrike, SentinelOne, etc.)
  • Cloud monitoring (AWS GuardDuty, Security Hub)
  • Vulnerability management tools (Qualys, Semgrep, or equivalent)
  • Identity management systems (Okta, Google Workspace, AWS SSO)
  • Strong analytical, written, and communication skills

Bonus Points

  • Experience with security automation or SOAR platforms.
  • Basic scripting skills (Python, PowerShell, or Bash).
  • Familiarity with compliance frameworks (SOC 2, PCI DSS).
  • Certifications such as Security+, CySA+, GSEC, GCIA, or AWS Security Specialty.

Compensation:

The compensation range for the role applies to employment offers from Minted. Our employment offers fall between the minimum and midpoint of the range to allow for continued salary growth during your employment at Minted. The upper half of the range accommodates this growth and supports our intention to create an environment that encourages lasting relationships between Minted and our employees.

Geo Base Full Salary Range 0 - Includes SF Bay Area $72,391- $95,013

Salaries will vary based on various factors, including, but not limited to, professional and academic experience, associated job responsibilities, and/or other business or organizational needs.

Benefits:

Benefits will be effective on the first of each month following your initial hire date. 

  • Medical, Dental, and Vision Benefits
  • Employer Funded Health Savings Account
  • 10 Paid Holidays
  • Paid Time Off and Sick Leave
  • Paid Parental Leave
  • Monthly Gym/Wellness Reimbursement
  • 401(k) retirement savings plan
  • Employer Funded Commuter Benefits
  • Employee Discount
  • Friends and Family Discount