Product Security Analyst

Logo of HackerOne

HackerOne

πŸ’΅ $57k-$146k
πŸ“Remote - United States

Job highlights

Summary

Join our Technical Services team as a Security Analyst and gain hands-on technical experience while delivering high-impact vulnerabilities to top bug bounty programs.

Requirements

  • Proven experience with vulnerability disclosure and bug bounty (experience managing a bug bounty program is a plus but not required)
  • Hands-on experience doing security testing or ethical hacking on web and mobile applications
  • Strong technical knowledge of OWASP top 10
  • Comfortable using security testing tools including Burpsuite
  • Excellent written and verbal communication skills
  • Experience using frameworks such as CVSS
  • Self-motivated and able to manage your time and energy output while maintaining a consistent and sustainable operational rhythm
  • English fluency

Responsibilities

  • Evaluate assigned vulnerability reports submitted by hackers to determine the validity, risk and severity to HackerOne customers
  • Collaborate with hackers to address missing information from reports as well as educate the HackerOne community members when reports are invalid
  • Compose a technical summary for each valid report that includes clear and concise details regarding the impact, steps to reproduce and remediation advice
  • Ensure clear and efficient communication between hackers and customers
  • Proactively identify and solve issues, as well as accept and quickly respond to delegated work; as we are distributed, being able to win as a team to solve problems is critical to our success
  • Assess vulnerability findings and determine whether the submission is valid based on program policies, scope and impact
  • Independently reproduce reported vulnerabilities in a test environment and compose a technical summary for valid findings

Benefits

Remote work, flexible hours

Share this job:

Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.

Similar Remote Jobs

Please let HackerOne know you found this job on JobsCollider. Thanks! πŸ™