HackerOne is hiring a
Product Security Analyst

Summary

Join HackerOne as a Security Analyst in their Technical Services team. This role involves evaluating vulnerability reports, collaborating with hackers, and ensuring clear communication between them and customers. The position requires proven experience with vulnerability disclosure and bug bounty, strong technical knowledge of OWASP top 10, excellent written and verbal communication skills, and English fluency. Remote work is allowed within the US or Canada.

Requirements

• Proven experience with vulnerability disclosure and bug bounty
• Hands-on experience doing security testing or ethical hacking on web and mobile applications
• Strong technical knowledge of OWASP top 10
• Comfortable using security testing tools including Burpsuite
• Excellent written and verbal communication skills
• Experience using frameworks such as CVSS
• Self-motivated and able to manage your time and energy output while maintaining a consistent and sustainable operational rhythm
• English fluency

Responsibilities

• Evaluate assigned vulnerability reports submitted by hackers to determine the validity, risk and severity to HackerOne customers
• Collaborate with hackers to address missing information from reports as well as educate the HackerOne community members when reports are invalid
• Compose a technical summary for each valid report that includes clear and concise details regarding the impact, steps to reproduce and remediation advice
• Ensure clear and efficient communication between hackers and customers
• Proactively identify and solve issues, as well as accept and quickly respond to delegated work

Preferred Qualifications

Experience managing a bug bounty program

Benefits

• Compensation Bands: Tier Guide (Tier A, Tier B, Tier C, Canada)
• Offers Equity
• Weekend work (Friday-Tuesday during business day time hours, Wednesdays/Thursdays off)
• Remote work allowed within US or Canada