Lead Triage Security Analyst

Summary

Join HackerOne's Technical Services team as a Lead Triage Security Analyst! This key leadership role focuses on managing triage operations for a major customer, requiring technical expertise, leadership, and strategic thinking. You will lead a team, act as a subject matter expert on bug bounty triage, and ensure efficient operations. The position is primarily remote, with occasional in-person requirements in Seattle, WA; San Francisco Bay Area; Austin, TX; or Washington, DC. Success requires excellent communication, problem-solving, and the ability to manage multiple priorities. HackerOne offers a flexible work approach and competitive compensation.

Requirements

• 5+ years of experience in application security testing
• 1+ Technical leadership experience in past roles
• 2+ years of experience program managing complex technical programs
• Proven experience with vulnerability disclosure and bug bounty (experience managing a bug bounty program is a plus but not required)
• Deep technical knowledge of application security vulnerabilities, risks and severity rating frameworks such as CVSS
• Excellent analytical and problem-solving skills
• Excellent communication skills, both written and verbal
• Ability to manage multiple priorities and stakeholders effectively
• Must be willing to travel 30% of the time both locally and internationally

Responsibilities

• Lead and manage the dedicated triage operations for one of HackerOne's marquee customers, including onboarding and training new team members
• Act as a subject matter expert on Bug Bounty Triage with deep technical understanding of vulnerabilities and risks
• Act as the primary escalation point for triage situations
• Lead weekly/monthly/quarterly meetings to ensure efficient operations and continuous improvement
• Own and implement changes in the vulnerability triage process to improve efficiency and effectiveness
• Document, share, and maintain Standard Operating Procedures (SOPs) around bug bounty triage
• Collaborate with leadership and cross-functional teams on strategic roadmaps that align with broader business goals, including crawl, walk, and run components
• Perform quality assurance on work done by team members
• Identify and escalate risks in Triage performance to leadership and account teams

Preferred Qualifications

• Past/present security community involvement is a plus
• Strong knowledge of cloud security on AWS environment

Benefits

• Health (medical, vision, dental), life, and disability insurance
• Equity stock options
• Retirement plans
• Paid public holidays and unlimited PTO
• Paid maternity and parental leave
• Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act)
• Employee Assistance Program
• Flexible Work Stipend