
amina bank

Information Technology Security Analyst

  • Posted 12 hours ago

Job Description

At a Glance: The Story Behind AMINA

Founded in April 2018 and headquartered in Zug, AMINA Bank is a pioneer in the financial industry. In August 2019, AMINA received a Swiss banking and securities dealer license from FINMA. The broad, vertically integrated spectrum of services, combined with the highest security standards, makes AMINA's value proposition unique.

AMINA operates globally from its regulated hubs in Switzerland, Abu Dhabi, and Hong Kong to offer fiat and crypto services to progressive investors, traditional and crypto-native alike, whether individuals, corporates, or institutions.

CVVC Global Report and CB Insights named AMINA as one of the Top 50 Companies within the blockchain ecosystem. Aite Group awarded AMINA their 2021 Digital Wealth Management Impact Innovation Award in the Digital Startup of the Year category, and LinkedIn listed AMINA as one of the Top Startups 2021 in Switzerland. In 2022, AMINA won the Digital Assets Offering or Service at the WealthBriefing Swiss EAM Awards, and the bank was also recognised for its product offering SEBAX and won the Best ETP of the Year award at the Swiss ETF Awards 2022. In 2023, AMINA won the European WealthBriefing Award in the Digital Assets Solution, Fund Manager category.

AMINA India is a wholly owned subsidiary of AMINA Bank AG. AMINA India acts as a virtual extension of the bank supporting activities spanning trading & liquidity management, digital assets research, marketing, investment solutions, risk management, account management, mid/back-office, product management, technology & engineering, IT support, finance and human resources.

Your Mission (Should You Choose to Accept It)

As an IT Security Analyst you will be a senior individual contributor within our modern Security Operations Center (SOC), responsible for Tier 1 and Tier 2 detection, triage, investigation, and response, while owning incidents end‑to‑end from detection through closure.

This role operates in an innovative and fast-paced organization with limited predefined processes and templates. You are expected to create structure where it does not yet exist, proactively track work, and ensure outcomes are delivered.

Operational execution (e.g. threat hunting, monitoring services) is largely performed by third‑party vendors. As a result, this role places strong emphasis on vendor orchestration, technical validation, follow‑up, and loop closure, rather than passive oversight.

In addition to core SOC responsibilities, you will act as a domain expert across endpoint security, cloud security, cloud application security, and vulnerability & attack‑path management. These domains differentiate the role and contribute to a more holistic and mature security operations capability.

Your AMINA To-Do List

Core Responsibilities – Tier 1 & Tier 2 SOC Operations

Security Monitoring & Triage (Tier 1)

  • Monitor and triage alerts from SIEM, XDR, EDR, endpoint, identity, cloud, and application security platforms.
  • Assess alerts critically to distinguish false positives from genuine security events.
  • Maintain a clear operational overview of active alerts, incidents, and emerging risks.

Incident Investigation & Response (Tier 2)

  • Perform deeper technical investigations into escalated incidents across endpoints, identities, networks, cloud environments, and applications.
  • Lead containment, mitigation, and recovery activities in coordination with IT Operations and external vendors.
  • Provide clear conclusions, impact assessments, and remediation recommendations.
  • Produce concise, actionable incident and post‑incident reports.

End‑to‑End Ownership

  • Own incidents and investigations from detection through closure.
  • Track tasks, follow‑ups, and dependencies proactively without external prompting.
  • Ensure actions are completed, validated, and properly documented.
  • Escalate decisively when required, including context and recommended next steps.

Domain Expertise – Differentiating Capabilities

In addition to core SOC responsibilities, depth in one or more of the domains below is expected; familiarity across the others is required:

Endpoint & Host Security

  • Review endpoint detections, protection gaps, and misconfigurations.
  • Collaborate with IT Operations and Engineering to ensure endpoint security controls are correctly deployed and tuned.
  • Support host‑based incident investigations and remediation.

Cloud & Cloud Application Security

  • Monitor cloud platforms and cloud‑based applications for misconfigurations and threats.
  • Support investigations involving cloud workloads, identities, and SaaS platforms.
  • Collaborate with Cloud Engineers and IT Operations teams to remediate security findings.

Vulnerability & Attack Path Management

  • Analyze vulnerability and attack‑path data to assess real risk and exposure.
  • Prioritize remediation based on exploitability and business impact.
  • Track remediation progress and escalate unresolved critical issues.
  • Feed vulnerability and attack‑path insights back into detection and response activities.

Vendor Orchestration & Operational Oversight

  • Act as the technical counterpart to third‑party SOC, threat hunting, and security service providers.
  • Work with the SOC Lead to define scope and priorities for vendor‑delivered activities.
  • Validate findings, challenge assumptions, and ensure quality of output.
  • Translate internal priorities into concrete vendor actions.
  • Track outcomes and ensure follow‑up actions are completed and verified.

Automation & Continuous Improvement

  • Continuously improve detection, triage, and response capabilities.
  • Reduce alert noise and false positives through tuning and analysis.
  • Contribute to pragmatic automation of SOC workflows (e.g. Logic Apps, detection rules, scripts).
  • Feed insights from incidents, vulnerabilities, and cloud security into improved detections and processes.
  • Actively contribute to the maturation of SOC processes and operational practices.

Your golden ticket to the AMINA team:

Required

  • 5–8+ years of experience in SOC, security operations, incident response, or related roles.
  • Proven experience performing Tier 1 and Tier 2 SOC responsibilities.
  • Strong technical understanding of endpoint, identity, cloud, and application security.
  • Demonstrated ability to work independently in low‑scaffolding environments.
  • Experience coordinating with IT Operations and third‑party security providers.
  • Strong written and verbal communication skills (clear, concise, actionable).

Preferred

  • Experience in regulated or financial services environments.
  • Hands‑on experience with Microsoft security stack (Sentinel, Defender).
  • Relevant certifications (e.g. GCIA, GCIH, CISSP, OSCP, Azure Security Engineer).
  • Experience improving SOC detections, response workflows, or operational processes.

Why We're Awesome

We owe our exponential growth to our innovative and collaborative team spirit and talented workforce. Every voice counts as we are always committed to learning from diverse perspectives and backgrounds because our people make the difference at AMINA Bank. Regardless of your age, gender, belief, and background, at AMINA EVERYONE is welcome!

Join our skilled team and together redefine finance.


Job ID: 147219995