Security Analyst
Responsibilities
- Respond to and triage alerts relating to phishing attacks, impersonation, scams, and brand abuse (e.g. Sublime, Doppel), escalating credible threats where appropriate.
- Cook up day-to-day operation of the bug bounty program, including communication with researchers, issue tracking, reporting, and internal follow-up.
- Conduct user access reviews and review security settings, access configurations, and administrative controls across business systems, SaaS platforms, and internal infrastructure, tracking remediation where required.
- Support recurring operational security workflows, including documentation, process tracking, and follow-up.
Requirements
- 2+ years of experience in a security-focused role, such as security operations, IAM, application security support, operational security, or a similar domain.
- Familiarity with core security concepts including phishing, authentication, access control, least privilege, and common vulnerability classes.
- Ability to manage multiple concurrent workflows with strong attention to detail and reliable follow-through.
- Clear written communication and confidence coordinating across technical and non-technical stakeholders.
- Self-motivated, organized, and comfortable operating independently in a remote-first environment with minimal supervision.
Nice to Have
- Experience automating operational workflows using LLMs or AI tooling (e.g. Claude).
- Familiarity with common web application vulnerabilities (e.g. OWASP Top 10).
- Exposure to vulnerability disclosure / bug bounty workflows.
- Experience with SaaS administration, access reviews, or IAM processes.
- Experience in web3 environments or familiarity with common web3 threat patterns.
Pay
The base salary range for this full-time position is $120k - $180k. The range displayed on each job posting reflects the minimum and typical maximum target for new hire salaries for the position of a candidate based in the Bay Area at any level. We do hire exceptionally talented professionals with decades of experience in their field. As such, our range may be higher than what is displayed. Our base salary ranges are determined by experience and location, and we hire at all levels for multiple roles. Within the range, individual pay is determined by work location, job-related skills demonstrated during the interviews, working experience, and relevant education or training.
Benefits
Our benefits include:
- 100% insurance premium coverage for medical, dental, and vision for you and your dependents (US Employees)
- Equipment of your choice
- Flexible vacation time, 11 holidays, and floating company days off
- Competitive Salary
- Protocol Token Grants
- 401k matching (US Employees)
- Fun and inclusive in-person and digital events
About the Role
Aptos is a people-first blockchain on a mission to help billions of people achieve universal and fair access to decentralized assets in a safe and scalable way. Founded by some of the original creators and maintainers that researched, designed, and built the Diem blockchain to serve this purpose, we have dedicated several years toward this mission. We believe the open-source Diem technology we have developed is an important foundation of a safe and scalable web3 world where everyone has more equitable opportunities to grow and access financial assets with lower fees and fewer intermediaries. Aptos (Ohlone for "The People") encompasses our mission and ethos for why we build.
Qualifications
We are an equal opportunity employer and do not discriminate on the basis of race, color, religion, creed, gender, national origin, citizenship, age, disability, veteran status, marital status, pregnancy, parental status, sex, gender expression or identity, sexual orientation, or any other basis protected by local, state or federal law. All employment is decided based on qualifications, merit, and business need.