Security Analyst

Remote $75k–$125k middle 29 days ago full-time quality 8.2/10

Role in brief

Aptoslabs is seeking a Security Analyst to join their remote team. This role focuses on enhancing security operations, including responding to phishing attacks, managing the bug bounty program, and conducting access reviews. Candidates with experience in security operations, identity and access management, or application security are encouraged to apply.

security operationsIAMapplication securityphishingauthenticationaccess controlleast privilegecommon vulnerability classesbug bountySaaS administrationOWASP Top 10

About the role

This Security Analyst position involves a range of operational security tasks. A key part of the role is responding to and triaging alerts related to phishing, impersonation, and brand abuse, escalating threats as needed. The analyst will also coordinate the daily operations of the bug bounty program, which includes communicating with researchers, tracking issues, and ensuring internal follow-up on reported vulnerabilities.

The role also includes managing user access and security configurations. This involves conducting regular reviews of security settings, access controls, and administrative configurations across various business systems, SaaS platforms, and internal infrastructure. The analyst will be responsible for tracking and ensuring the remediation of any identified issues.

Success in this role means effectively managing multiple security workflows with attention to detail and consistent follow-through. The ideal candidate will be comfortable operating independently in a remote setting and communicating clearly with both technical and non-technical stakeholders to support ongoing operational security processes, including documentation and process tracking.

The salary for this position ranges from $75,000 to $125,000 annually.

Skills that matter here

  • security operations: This role is centered on operational security, including incident response and workflow management.
  • IAM: The analyst will conduct user access reviews and manage access configurations across various platforms.
  • application security: The role supports application security by coordinating bug bounty programs and addressing common vulnerability classes.
  • phishing: A primary responsibility is to respond to and triage alerts related to phishing attacks.
  • bug bounty: The analyst will coordinate the day-to-day operations of the company's bug bounty program.
  • SaaS administration: The role involves reviewing security settings and controls across various SaaS platforms.

Who this role suits

  • Someone with at least two years of experience in a security-focused role.
  • A person who is self-motivated and comfortable working independently in a remote environment.
  • An individual who can manage multiple tasks concurrently with strong attention to detail.
  • A clear communicator able to coordinate with diverse technical and non-technical groups.

From the employer

  • Respond to and triage alerts relating to phishing attacks, impersonation, scams, and brand abuse (e.g. Sublime, Doppel), escalating credible threats where appropriate.
  • Coordinate day-to-day operation of the bug bounty program, including communication with researchers, issue tracking, reporting, and internal follow-up.
  • Conduct user access reviews and review security settings, access configurations, and administrative controls across business systems, SaaS platforms, and internal infrastructure, tracking remediation where required.
  • Support recurring operational security workflows, including documentation, process tracking, and follow-up.
  • 2+ years of experience in a security-focused role, such as security operations, IAM, application security support, operational security, or a similar domain.
  • Familiarity with core security concepts including phishing, authentication, access control, least privilege, and common vulnerability classes.
  • Ability to manage multiple concurrent workflows with strong attention to detail and reliable follow-through.
  • Clear written communication and confidence coordinating across technical and non-technical stakeholders.
  • Self-motivated, organized, and comfortable operating independently in a remote-first environment with minimal supervision.
  • 100% insurance premium coverage for medical, dental, and vision for you and your dependents (US Employees)
  • Equipment of your choice
  • Flexible vacation time, 11 holidays, and floating company days off
  • Competitive Salary
  • Protocol Token Grants
  • 401k matching (US Employees)
  • Fun and inclusive in-person and digital events

Questions about this role

What is the remote work policy for this position?

This is a remote-first position, and the company supports a remote work environment.

What level of seniority is expected for this role?

This position is for a middle-seniority professional.

What are the core responsibilities of this Security Analyst role?

Responsibilities include responding to phishing attacks, coordinating the bug bounty program, and conducting user access and security configuration reviews.

Similar jobs

Before you apply

  • Legitimate employers never ask you to pay anything to apply or get hired.
  • Never share seed phrases or private keys. No real job needs them.
  • Do not install software ("test tasks", "trading tools", "video call clients") sent during hiring.
  • Check that the application page's domain really belongs to Aptoslabs.